last executing test programs:

1m36.592523639s ago: executing program 0 (id=82):
socket$inet6(0xa, 0x1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r1])
ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f0000000080))

1m36.373131533s ago: executing program 0 (id=84):
unshare(0x2a020480)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x55, r0, 0x4}, 0x38)

1m36.352911774s ago: executing program 0 (id=85):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m36.301263045s ago: executing program 0 (id=88):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000480)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0xffff)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f2c100000000000000010064000000000900", [0x8]})
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

1m35.911258342s ago: executing program 0 (id=94):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@bh}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_rr_get_interval(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000340)="07000000010001", 0x7)

1m34.92592136s ago: executing program 0 (id=97):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000001480)="3b5250dd8df768c581177cc96346a125c5baecd7e46618851e723e8ef1628f8e5c9fff1954ad66", 0x27, 0x20000080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

1m34.706988914s ago: executing program 32 (id=97):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000001480)="3b5250dd8df768c581177cc96346a125c5baecd7e46618851e723e8ef1628f8e5c9fff1954ad66", 0x27, 0x20000080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

9.202805149s ago: executing program 2 (id=397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0")
syz_usb_connect(0x0, 0x62, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000280)={0xffffffffffffffff, 0x8022c37b9b00b63a, 0x4, 0x0, 0x8}, 0xc)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x2, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0xb}], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0xd, 0xa2, 0x7}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000c00)=[{0x3, 0x3, 0x1, 0x1}, {0x5, 0x3, 0xb, 0x1}, {0x1, 0x2, 0xb, 0x1}, {0x5, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x3, 0x7}, {0x2, 0x4, 0xc, 0x7}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x3, 0x1, 0xe, 0x9}], 0x10, 0x1}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)

7.978027932s ago: executing program 1 (id=399):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000da06f76992669d5e03eb05c5c54ad02c86ff3a24bbd088ab6f14c89e9f8de9a437b48baa02ec70552b5593f01291682679d176ce89cf6b37f395a8b43cc4634884514c977ca52ec233978c9a763df4d49589b90b269b46e23034eba4379ece9ac76d27bdd8e1888cef6ce1f49d074960c7d533de56275f5a7525d581d4df33aecda36e76fd051d2086e27922749e0512e04765e7b4ab49c20a2e0094fe99174f7e30f3869757844f81b74e56d6164a525bea2c64bb8b45089c50cb647cc88f7b4450378bce9a74362292e0f9a8b464f63538871181"], 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
syz_kvm_setup_cpu$x86(r3, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x36, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000540)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@mblk_io_submit}, {@bh}, {@auto_da_alloc}, {@barrier}, {@test_dummy_encryption}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
r7 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r7, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
fdatasync(r6)

7.920031152s ago: executing program 3 (id=400):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0")
syz_usb_connect(0x0, 0x62, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fb5d7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d24060101030200010006000609240305050306058109240306010304050507240405"], 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000280)={0xffffffffffffffff, 0x8022c37b9b00b63a, 0x4, 0x0, 0x8}, 0xc)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x2, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0xb}], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0xd, 0xa2, 0x7}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000c00)=[{0x3, 0x3, 0x1, 0x1}, {0x5, 0x3, 0xb, 0x1}, {0x1, 0x2, 0xb, 0x1}, {0x5, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x3, 0x7}, {0x2, 0x4, 0xc, 0x7}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x3, 0x1, 0xe, 0x9}], 0x10, 0x1}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)

7.881753864s ago: executing program 2 (id=401):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = geteuid()
r3 = getgid()
write$FUSE_ATTR(r0, &(0x7f00000000c0)={0x78, 0x0, r1, {0xb, 0x188, 0x0, {0x6, 0xec, 0xfff, 0x3, 0x60e3, 0x3, 0x576f, 0x7, 0x200, 0x1000, 0x401, r2, r3, 0x7f, 0x2}}}, 0x78)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x1f, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r4, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r4, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')

7.00391416s ago: executing program 1 (id=402):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008413, &(0x7f0000000000)={[{@noblock_validity}, {@barrier}]}, 0x0, 0x517, &(0x7f00000000c0)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRrsb9VCKhOBUCSj3EhIniuLEVey0TVTRVPwBSAgBEie4cEHiD0BClbhwREiV4AwCBELQwgEk6CDb4zR17CS0rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+lkSSlbXWlTa8EmPNRRor+MoXI76e7I9b3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen/tg7r256efp3tJYljgXEZc//6fvfuvHX7j888/c+v31v5z/RtJs8932fvx/hg+sbX6f+TjTtsjGswU7lob3JkaPtsy97J8IAAD9VT8u/VB2nH8hJmLokONZAAAA4OWTfnY8/pO0rt3tM9KlHAAAAHiJ5CJiPJJcIbvfdzxyuUIhGvfwfiTO5sqVau3TS5XN9cV6XcRk5HNLK+XSdHZv62Tkk3p+ppF+kn+3LT8bEa9FxHcmRhv5wkKlvDjokx8AAABwSoy1jf//OdEc/wMAAAAnzOSgGwAAAAC8cMb/AAAAcPIZ/wMAAMCJ9qWrV+tT2nr/9eLNrc3Vys2Li6XqamFtc6GwUNm4UViuVJYbz+xbO3Blu68OXN+8XayVqrVidWv7+lplc712feXpV2ADAAAA/fPam/d/m0TEzqXRGL002igb2VP/7+w9AQNrIPDC7J6yiySbj+z/0O9ebc7/2KdGAX0xNOgGAAMzPOgGAAOTH3QDgIFLDqnvevPOr7L5J3rbHgAAoPemPvbk+v9O2/X/3IFL7hxcDRx7NmI4vVz/h9Orcf2/wy1/HTlYgBMl7wgATr3nvv5/KP+HCAAABm28MSW5QnZ6bzxyuUIh4lzjtQD5ZGmlXJqOiFcj4jcT+Vfq+ZnGksmhYwYAAAAAAAAAAAAAAAAAAAAAAAAAoClNk0gBAACAEy0i9+fkF81n+U9NvDPefn5gJPnXRGSvCL31g2vfuz1fq23M1Mv/vlte+35W/u4gzmAAAAAA7Vrj9NY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66dHDOwutqZ9x//q5iJjsFH84zjTmZyIfEWf/kcTwnuWSiBjqQfydexHx0U7xk3qzdkN2ij/64uPHZPYtdIo/1oP4cJrdr+9/rnTa/nLxVmPeefsbjngq/6y67/9id/831GX7P3fEGK8/+Gmxa/x7Ea8Pd97/tOInXeK/fcT4X/vq9na3uvSHEVMdf3+Sp2IVa2s3itWt7Ysra/PLpeXS+uzszPtzH8y9NzddXFopl7I/O8b49sd/9vig/p/tEn/ykP6/c8T+//fB7YcfbibzneKff7tD/F/+KPvE/vi57LfvU1m6Xj/VSu8003u98ZNfv3FQ/xe79P+wv//zR+z/hS9/8w9H/CgA0AfVre3V+XK5tHFiE/VR+jFohsQxTNzdX/VmdF0qSQ5eYZqmaX2beo6GJd2j9yeR7JYMes8EAAD02pOj/0G3BAAAAAAAAAAAAAAAAAAAAE6vfjxXrD3mzm4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuJ/AQAA//8fp+fv")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffe, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
readv(r5, &(0x7f0000000000)=[{&(0x7f0000001200)=""/150, 0x96}], 0x1)
ioctl$TCSETS(r5, 0x5402, &(0x7f00000014c0)={0xfffffffd, 0xffffffcb, 0x1c02, 0x2, 0x7f, "cc33101d3f0000002000"})
ioctl$TCSETS(r5, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x9, 0x0, "000080f100df000000a7d9de16c708db7200"})

6.724763035s ago: executing program 5 (id=405):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet6(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
chroot(&(0x7f0000000240)='./file0\x00')
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x585d4d9346027f5c}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xd, 0x1fff}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5}}}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}]}, 0x70}}, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x2040000, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1000000, &(0x7f0000000600)={[{@noblock_validity}, {@nobarrier}, {@nomblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noload}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@journal_async_commit}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")

5.654956605s ago: executing program 1 (id=407):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000240)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpid()
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
r4 = socket$inet6(0xa, 0x3, 0x84)
connect$inet6(r4, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x108}}], 0x1, 0xc040)

5.557979257s ago: executing program 3 (id=408):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
socket$inet6(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chroot(&(0x7f0000000240)='./file0\x00')
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x585d4d9346027f5c}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xd, 0x1fff}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5}}}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}]}, 0x70}}, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x2040000, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1000000, &(0x7f0000000600)={[{@noblock_validity}, {@nobarrier}, {@nomblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noload}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@journal_async_commit}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")

5.095152915s ago: executing program 5 (id=409):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x40081, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4.545323896s ago: executing program 1 (id=410):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
syz_usb_connect(0x0, 0x62, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fb5d7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d24060101030200010006000609240305050306058109240306010304050507240405"], 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000280)={0xffffffffffffffff, 0x8022c37b9b00b63a, 0x4, 0x0, 0x8}, 0xc)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x2, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0xb}], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0xd, 0xa2, 0x7}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000c00)=[{0x3, 0x3, 0x1, 0x1}, {0x5, 0x3, 0xb, 0x1}, {0x1, 0x2, 0xb, 0x1}, {0x5, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x3, 0x7}, {0x2, 0x4, 0xc, 0x7}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x3, 0x1, 0xe, 0x9}], 0x10, 0x1}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

3.707898601s ago: executing program 2 (id=411):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0")
syz_usb_connect(0x0, 0x62, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fb5d7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d24060101030200010006000609240305050306058109240306010304050507240405"], 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000280)={0xffffffffffffffff, 0x8022c37b9b00b63a, 0x4, 0x0, 0x8}, 0xc)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)

3.702609451s ago: executing program 3 (id=412):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000071000040"])
open(&(0x7f00000000c0)='./bus\x00', 0x147c7c, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000000000b401002400128009000100626f6e640000000014000280050011790000000005000d"], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.545140435s ago: executing program 3 (id=413):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r1 = geteuid()
r2 = getgid()
write$FUSE_ATTR(r0, &(0x7f00000000c0)={0x78, 0x0, 0x0, {0xb, 0x188, 0x0, {0x6, 0xec, 0xfff, 0x3, 0x60e3, 0x3, 0x576f, 0x7, 0x200, 0x1000, 0x401, r1, r2, 0x7f, 0x2}}}, 0x78)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r3, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r3, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')

3.256321639s ago: executing program 5 (id=414):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0")
syz_usb_connect(0x0, 0x62, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000280)={0xffffffffffffffff, 0x8022c37b9b00b63a, 0x4, 0x0, 0x8}, 0xc)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
clock_gettime(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x2, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0xb}], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0xd, 0xa2, 0x7}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000c00)=[{0x3, 0x3, 0x1, 0x1}, {0x5, 0x3, 0xb, 0x1}, {0x1, 0x2, 0xb, 0x1}, {0x5, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x3, 0x7}, {0x2, 0x4, 0xc, 0x7}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x3, 0x1, 0xe, 0x9}], 0x10, 0x1}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)

3.23050898s ago: executing program 4 (id=415):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, &(0x7f0000000200)})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x6, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x8, 0x1004, 0x9, 0xc595, 0x9, 0x8, 0xfffffffffffffffe, 0x8, 0x80000004000000, 0x1c], 0x80a0000, 0x2010d3})
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x4b564d01}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.985774095s ago: executing program 4 (id=416):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4a16, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYRESHEX, @ANYRES8, @ANYRES32], 0x5, 0x327, &(0x7f00000002c0)="$eJzs3MFLG1kcwPGfSYxJXJMcll12YfGxe9llYdDsnpcNi8KygRU1y+rCwqiTNmSaSCZYUkrVU6+l954KPYhHb0LrP+Clt/bSS29eCj3UQ+mUTGZMMonRxmisfj8g8/Le+znvOS/ym5A3B/8+uFXIWVpOr0ggouQLEZFDkaQExDPkHgNOOSzNNuSn0bcvvptbWPwrnclMzSo1nZ7/JaWUio8/vX036nbbHZH95P8Hb1Kv97/a/+bgw/zNvKXyliqWKkpXS6VXFX3JNNRK3ipoSs2Yhm4ZKl+0jHK9vVRvz5ml1dWq0osrY7HVsmFZSi9WVcGoqkpJVcpVpd/Q80WlaZoaiwlOkt2andXTPQYv93kwOCflcloPiki0rSW7NZABAQCAgfLn/4FaSt9T/i9xJ/+vdW7k/9vf71VG/9mJu/n/brhT/v/ry/rvasn/IyLSS/7/SD4h/2/PiK6XM+X/uBzGw21VQy2vavl/zH3/Ojb/255wCuT/AAAAAAAAAAAAAAAAAAAAAAB8Dg5tO2HbdsI7ej+NLQTua1xJx13/ERGJ1K6+zfW/yuYWFiXibNwLxUXM+2vZtWz96HbYExFTDJmQhLx31oOrVvZ2HqmapDwz19349bVs0GlJ5yTvxE9KQpL+eNue/jMzNanq3PijbUqx5viUJOTLzvGp1nj3/GH58YemeE0S8nxZSmLKirOuG/H3JpX64++MLz7q9AMAAAAA4CrQ1JGO9++adlx7/SkjR/fXHT8fqN9fT3S8Pw8lvg0NevYAAAAAAFwPVvVOQTdNo9ylEJWT+/ReCJ2uc9hXM9ytc7BphqcdT9j5vovIWef1uPNfNSjdorwvUrQ0RdzK05z956C/xpt/367XRnNNoOt03ELIP/jxWoU663i8j43Cx6xemWmPCnRZCcN9W89fP3zyrn9vkN92vBVwcufNXs8V8a86pzB8Ef97AAAAAFysRtLv1fze3Dw0kEEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDNnMsj/XyFQc8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCw+BgAA//+K4fj8")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040), 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x40d, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gre={{0x8}, {0x4}}}]}, 0x30}}, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda00002000010000000002"], 0x69)
inotify_init1(0x0)
execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)

2.757184579s ago: executing program 4 (id=417):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000071000040"])
open(&(0x7f00000000c0)='./bus\x00', 0x147c7c, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e64000000001400028005001179000000"], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.667128321s ago: executing program 4 (id=418):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000001680))
r3 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffc000/0x3000)=nil)

2.550567243s ago: executing program 1 (id=419):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000da06f76992669d5e03eb05c5c54ad02c86ff3a24bbd088ab6f14c89e9f8de9a437b48baa02ec70552b5593f01291682679d176ce89cf6b37f395a8b43cc4634884514c977ca52ec233978c9a763df4d49589b90b269b46e23034eba4379ece9ac76d27bdd8e1888cef6ce1f49d074960c7d533de56275f5a7525d581d4df33aecda36e76fd051d2086e27922749e0512e04765e7b4ab49c20a2e0094fe99174f7e30f3869757844f81b74e56d6164a525bea2c64bb8b45089c50cb647cc88f7b4450378bce9a74362292e0f9a8b464f63538871181"], 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
syz_kvm_setup_cpu$x86(r3, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x36, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000540)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@mblk_io_submit}, {@bh}, {@auto_da_alloc}, {@barrier}, {@test_dummy_encryption}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
r7 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r7, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
fdatasync(r6)

2.17554878s ago: executing program 5 (id=420):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008413, &(0x7f0000000000)={[{@noblock_validity}, {@barrier}]}, 0x0, 0x517, &(0x7f00000000c0)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRrsb9VCKhOBUCSj3EhIniuLEVey0TVTRVPwBSAgBEie4cEHiD0BClbhwREiV4AwCBELQwgEk6CDb4zR17CS0rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+lkSSlbXWlTa8EmPNRRor+MoXI76e7I9b3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen/tg7r256efp3tJYljgXEZc//6fvfuvHX7j888/c+v31v5z/RtJs8932fvx/hg+sbX6f+TjTtsjGswU7lob3JkaPtsy97J8IAAD9VT8u/VB2nH8hJmLokONZAAAA4OWTfnY8/pO0rt3tM9KlHAAAAHiJ5CJiPJJcIbvfdzxyuUIhGvfwfiTO5sqVau3TS5XN9cV6XcRk5HNLK+XSdHZv62Tkk3p+ppF+kn+3LT8bEa9FxHcmRhv5wkKlvDjokx8AAABwSoy1jf//OdEc/wMAAAAnzOSgGwAAAAC8cMb/AAAAcPIZ/wMAAMCJ9qWrV+tT2nr/9eLNrc3Vys2Li6XqamFtc6GwUNm4UViuVJYbz+xbO3Blu68OXN+8XayVqrVidWv7+lplc712feXpV2ADAAAA/fPam/d/m0TEzqXRGL002igb2VP/7+w9AQNrIPDC7J6yiySbj+z/0O9ebc7/2KdGAX0xNOgGAAMzPOgGAAOTH3QDgIFLDqnvevPOr7L5J3rbHgAAoPemPvbk+v9O2/X/3IFL7hxcDRx7NmI4vVz/h9Orcf2/wy1/HTlYgBMl7wgATr3nvv5/KP+HCAAABm28MSW5QnZ6bzxyuUIh4lzjtQD5ZGmlXJqOiFcj4jcT+Vfq+ZnGksmhYwYAAAAAAAAAAAAAAAAAAAAAAAAAoClNk0gBAACAEy0i9+fkF81n+U9NvDPefn5gJPnXRGSvCL31g2vfuz1fq23M1Mv/vlte+35W/u4gzmAAAAAA7Vrj9NY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66dHDOwutqZ9x//q5iJjsFH84zjTmZyIfEWf/kcTwnuWSiBjqQfydexHx0U7xk3qzdkN2ij/64uPHZPYtdIo/1oP4cJrdr+9/rnTa/nLxVmPeefsbjngq/6y67/9id/831GX7P3fEGK8/+Gmxa/x7Ea8Pd97/tOInXeK/fcT4X/vq9na3uvSHEVMdf3+Sp2IVa2s3itWt7Ysra/PLpeXS+uzszPtzH8y9NzddXFopl7I/O8b49sd/9vig/p/tEn/ykP6/c8T+//fB7YcfbibzneKff7tD/F/+KPvE/vi57LfvU1m6Xj/VSu8003u98ZNfv3FQ/xe79P+wv//zR+z/hS9/8w9H/CgA0AfVre3V+XK5tHFiE/VR+jFohsQxTNzdX/VmdF0qSQ5eYZqmaX2beo6GJd2j9yeR7JYMes8EAAD02pOj/0G3BAAAAAAAAAAAAAAAAAAAAE6vfjxXrD3mzm4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuJ/AQAA//8fp+fv")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffe, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x19, &(0x7f0000000080)=0x1b, 0x4)
sendto$inet6(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x40002040, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

1.688727159s ago: executing program 4 (id=421):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800040000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b000000070000000100", @ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000006000000000000000000000000000000000000000000001e24525181618fbf60279ed64b246b09795c9f2f317a6c147202b6473a51d38e982d0a8e58d4fcdcd1866a54156739390010fb60e5c54818f3f33eacbfbb867dd760d427c0ab41b75144f8abe3ebf2558e07bcdf30fc07183add3692e24acddfc3c260c932b594d2f67004b67a0f2c952410b57c7952792d82357fa459f98c776b277a8e23f5c56c9e316f9c39f66ae8cec363a67e9bd930dd3fa4922661bad21c22a7b9fd37d9b54cae1320b9885842c76512fb58f36f9020916f52d4db43801fca63723a3e5714af69d3808b407d9c44def098535af8d7005abf2614a35d9d264eb1886cd68c1c077b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f00000002c0)={0x0, "c54f8ce8ea93ece54cbf29e7035c17f52e65dab7bdd012e05b067838bda1bd2e4e1bd932568c7fae502e8602586175e59f4dca5cfb2f6619c1156ab58fc26d08", 0x30}, 0x48, 0xffffffffffffffff)
keyctl$update(0x2, r5, 0x0, 0x0)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, &(0x7f0000000380)={'enc=', 'raw', ' hash=', {'sha384-arm64\x00'}}, &(0x7f00000004c0)="1739ec70ee15e43bbc9708d475fcec62db9b606b3daef9ca9bc83ffbe3de27330a5e33131a12e5c7b9a1af92b1992df46449a8f96ff98b37bf4a332e89765d777ee3a3d40d0511c5df21e506858831ad0f5e5d0b3ff6a020ef", &(0x7f0000000280)="73bf31c02907a4d57dde40044e0490f0a8f4")
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_timeval(r6, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r6, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c)
sendmmsg(r6, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000440)='-', 0x1}], 0x1}}], 0x1, 0x10)

1.563431081s ago: executing program 2 (id=422):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000001680))
r3 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffc000/0x3000)=nil)

1.196958028s ago: executing program 1 (id=423):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = geteuid()
r3 = getgid()
write$FUSE_ATTR(r0, &(0x7f00000000c0)={0x78, 0x0, r1, {0xb, 0x188, 0x0, {0x6, 0xec, 0xfff, 0x3, 0x60e3, 0x3, 0x576f, 0x7, 0x200, 0x1000, 0x401, r2, r3, 0x7f, 0x2}}}, 0x78)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x1f, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r4, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r4, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')

1.139414179s ago: executing program 3 (id=424):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000da06f76992669d5e03eb05c5c54ad02c86ff3a24bbd088ab6f14c89e9f8de9a437b48baa02ec70552b5593f01291682679d176ce89cf6b37f395a8b43cc4634884514c977ca52ec233978c9a763df4d49589b90b269b46e23034eba4379ece9ac76d27bdd8e1888cef6ce1f49d074960c7d533de56275f5a7525d581d4df33aecda36e76fd051d2086e27922749e0512e04765e7b4ab49c20a2e0094fe99174f7e30f3869757844f81b74e56d6164a525bea2c64bb8b45089c50cb647cc88f7b4450378bce9a74362292e0f9a8b464f63538871181"], 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
syz_kvm_setup_cpu$x86(r3, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x36, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000540)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@mblk_io_submit}, {@bh}, {@auto_da_alloc}, {@barrier}, {@test_dummy_encryption}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
r7 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r7, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
fdatasync(r6)

973.186882ms ago: executing program 5 (id=425):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000480)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c)
sendmmsg(r6, 0x0, 0x0, 0xfdff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r7, 0x0)

758.682756ms ago: executing program 4 (id=426):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)
geteuid()
getgid()
write$FUSE_ATTR(r0, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r1, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
syz_usb_ep_write(r1, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')

270.088706ms ago: executing program 2 (id=427):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, &(0x7f0000000200)})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x6, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x8, 0x1004, 0x9, 0xc595, 0x9, 0x8, 0xfffffffffffffffe, 0x8, 0x80000004000000, 0x1c], 0x80a0000, 0x2010d3})
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x4b564d01}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

117.906528ms ago: executing program 2 (id=428):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet6(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
chroot(&(0x7f0000000240)='./file0\x00')
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x585d4d9346027f5c}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xd, 0x1fff}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5}}}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}]}, 0x70}}, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x2040000, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1000000, &(0x7f0000000600)={[{@noblock_validity}, {@nobarrier}, {@nomblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noload}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@journal_async_commit}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")

34.95187ms ago: executing program 3 (id=429):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001000000406a051500000000000001090224"], 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00 \x00~\x00\x00\x00'], 0x14}}, 0x4000054)

0s ago: executing program 5 (id=430):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000480)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c)
sendmmsg(r6, 0x0, 0x0, 0xfdff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r7, 0x0)

kernel console output (not intermixed with test programs):

EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   64.349401][ T1032] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   64.365548][ T1032] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   64.387742][ T1028] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   64.388818][ T1032] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   64.403228][ T1032] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   64.416999][ T1032] EXT4-fs (loop4): orphan cleanup on readonly fs
[   64.423714][ T1028] device veth0_vlan left promiscuous mode
[   64.425073][ T1032] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.189: bg 0: block 34: padding at end of block bitmap is not set
[   64.430261][ T1028] device veth0_vlan entered promiscuous mode
[   64.452101][ T1028] device veth1_macvtap left promiscuous mode
[   64.461642][ T1028] device veth1_macvtap entered promiscuous mode
[   64.469464][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.512828][ T1032] Quota error (device loop4): write_blk: dquota write failed
[   64.524046][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.527032][  T683] EXT4-fs (loop5): unmounting filesystem.
[   64.534793][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.546471][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.548560][ T1032] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[   64.553575][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.571175][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.585561][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.594422][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.598372][ T1032] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.189: Failed to acquire dquot type 1
[   64.601525][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.602178][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.628556][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   64.639348][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   64.658277][ T1032] EXT4-fs (loop4): 1 truncate cleaned up
[   64.664330][ T1032] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   64.667527][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   64.681696][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   64.690229][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.699946][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.708237][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.716799][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.728316][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   64.737065][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   64.745747][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   64.754418][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   64.763170][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.776571][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.788114][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.802137][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.817283][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.825932][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   64.834409][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.842554][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   64.851407][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   64.860770][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   64.870504][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   64.880740][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   64.890966][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   64.911873][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.170018][  T286] EXT4-fs (loop4): unmounting filesystem.
[   65.189240][  T561] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   65.196852][  T289] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   65.302906][ T1058] loop1: detected capacity change from 0 to 512
[   65.312364][ T1058] EXT4-fs: Ignoring removed mblk_io_submit option
[   65.318850][ T1058] EXT4-fs: Ignoring removed bh option
[   65.324786][ T1058] EXT4-fs (loop1): Test dummy encryption mode enabled
[   65.331883][ T1058] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   65.344402][ T1058] EXT4-fs (loop1): 1 truncate cleaned up
[   65.352956][ T1058] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   65.380421][  T289] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   65.391878][  T561] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   65.407225][  T561] usb 6-1: config 0 has no interfaces?
[   65.413281][  T289] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   65.422505][  T561] usb 6-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   65.431909][  T289] usb 4-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   65.441160][  T561] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.456620][  T289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.484168][  T561] usb 6-1: config 0 descriptor??
[   65.500817][  T289] usb 4-1: config 0 descriptor??
[   65.518595][   T28] audit: type=1400 audit(1759548430.954:224): avc:  denied  { create } for  pid=1063 comm="syz.2.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   65.538420][   T28] audit: type=1400 audit(1759548430.954:225): avc:  denied  { setopt } for  pid=1063 comm="syz.2.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   65.560792][ T1064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.198'.
[   65.566730][   T28] audit: type=1400 audit(1759548431.004:226): avc:  denied  { bind } for  pid=1063 comm="syz.2.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   65.636801][  T283] EXT4-fs (loop1): unmounting filesystem.
[   65.929254][  T289] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   66.140746][  T289] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   66.189294][  T289] usb 2-1: config 0 has no interfaces?
[   66.195080][  T289] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   66.219443][  T289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.242205][  T289] usb 2-1: config 0 descriptor??
[   66.408645][ T1077] loop2: detected capacity change from 0 to 512
[   66.420404][ T1077] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.427198][ T1077] EXT4-fs: Ignoring removed bh option
[   66.434346][ T1077] EXT4-fs (loop2): Test dummy encryption mode enabled
[   66.441622][ T1077] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   66.625700][  T344] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   66.645139][  T385] usb 2-1: USB disconnect, device number 7
[   66.681626][ T1077] EXT4-fs (loop2): 1 truncate cleaned up
[   66.688611][ T1077] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   66.839321][  T344] usb 5-1: Using ep0 maxpacket: 16
[   66.846512][  T344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.859022][  T344] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   66.872856][  T344] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   66.882840][  T344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.896205][  T344] usb 5-1: config 0 descriptor??
[   67.254703][ T1082] loop1: detected capacity change from 0 to 1024
[   67.282444][ T1082] EXT4-fs: Ignoring removed orlov option
[   67.314901][  T344] HID 045e:07da: Invalid code 65791 type 1
[   67.337966][ T1082] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   67.343455][  T344] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0003/input/input6
[   67.362691][  T344] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[   67.439368][  T441] EXT4-fs (loop2): unmounting filesystem.
[   67.723862][ T1088] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3836: comm syz.1.203: Allocating blocks 497-513 which overlap fs metadata
[   67.819644][  T878] usb 4-1: USB disconnect, device number 7
[   67.850105][ T1092] netlink: 12 bytes leftover after parsing attributes in process `syz.2.204'.
[   67.866418][ T1092] loop2: detected capacity change from 0 to 512
[   67.879775][ T1092] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.893358][ T1092] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[   68.095845][ T1090] EXT4-fs (loop1): pa ffff88810c3c8690: logic 816, phys. 177, len 21
[   68.104114][ T1090] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[   68.142071][ T1097] loop3: detected capacity change from 0 to 512
[   68.144365][  T283] EXT4-fs (loop1): unmounting filesystem.
[   68.150688][  T878] usb 5-1: USB disconnect, device number 7
[   68.193518][ T1097] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   68.213617][ T1097] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   68.223934][ T1097] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   68.239285][ T1097] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   68.247455][ T1097] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   68.257257][ T1097] EXT4-fs (loop3): orphan cleanup on readonly fs
[   68.265704][ T1097] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.206: bg 0: block 34: padding at end of block bitmap is not set
[   68.280704][ T1097] Quota error (device loop3): write_blk: dquota write failed
[   68.288304][ T1097] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   68.298589][ T1097] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.206: Failed to acquire dquot type 1
[   68.311935][ T1097] EXT4-fs (loop3): 1 truncate cleaned up
[   68.318234][ T1097] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   68.463527][  T344] usb 6-1: USB disconnect, device number 5
[   68.469552][  T339] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   68.759220][  T339] usb 2-1: Using ep0 maxpacket: 16
[   68.766621][  T339] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.789831][  T339] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   68.818245][  T339] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   68.827696][  T339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.840895][  T339] usb 2-1: config 0 descriptor??
[   69.061992][  T282] EXT4-fs (loop3): unmounting filesystem.
[   69.093629][ T1120] loop3: detected capacity change from 0 to 128
[   69.132057][ T1116] netlink: 4 bytes leftover after parsing attributes in process `syz.5.212'.
[   69.269516][  T339] HID 045e:07da: Invalid code 65791 type 1
[   69.278342][  T339] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0004/input/input7
[   69.290942][  T339] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[   69.709322][  T878] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   69.820714][ T1126] loop4: detected capacity change from 0 to 1024
[   69.837799][ T1128] netlink: 'syz.5.216': attribute type 27 has an invalid length.
[   69.846901][ T1128] netlink: 12 bytes leftover after parsing attributes in process `syz.5.216'.
[   69.855659][ T1126] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   69.869309][ T1126] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.890757][  T878] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   69.901596][  T878] usb 3-1: config 0 has no interfaces?
[   69.902744][  T344] usb 2-1: USB disconnect, device number 8
[   69.907158][  T878] usb 3-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   69.923417][  T878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.984258][  T878] usb 3-1: config 0 descriptor??
[   70.121972][ T1140] loop5: detected capacity change from 0 to 128
[   70.129619][ T1141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.219'.
[   70.159282][  T561] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   70.607298][  T561] usb 5-1: Using ep0 maxpacket: 8
[   70.613856][  T561] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[   70.622288][  T561] usb 5-1: config 0 has no interface number 0
[   70.642203][  T561] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   70.651541][  T561] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.659957][ T1147] loop1: detected capacity change from 0 to 128
[   70.666615][  T561] usb 5-1: Product: syz
[   70.682990][  T561] usb 5-1: Manufacturer: syz
[   70.687831][  T561] usb 5-1: SerialNumber: syz
[   70.701667][  T561] usb 5-1: config 0 descriptor??
[   70.897333][ T1150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.222'.
[   70.907117][ T1150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.222'.
[   70.967484][ T1152] loop3: detected capacity change from 0 to 512
[   70.997704][ T1152] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   71.030879][ T1152] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   71.054148][ T1152] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   71.089529][ T1152] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   71.104523][ T1152] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   71.120269][ T1152] EXT4-fs (loop3): orphan cleanup on readonly fs
[   71.129587][ T1152] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.223: bg 0: block 34: padding at end of block bitmap is not set
[   71.179306][ T1152] Quota error (device loop3): write_blk: dquota write failed
[   71.204136][ T1152] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[   71.226651][ T1152] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.223: Failed to acquire dquot type 1
[   71.243316][ T1152] EXT4-fs (loop3): 1 truncate cleaned up
[   71.259468][ T1152] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   71.843763][  T282] EXT4-fs (loop3): unmounting filesystem.
[   71.870310][ T1169] netlink: 'syz.5.227': attribute type 27 has an invalid length.
[   71.903527][ T1169] netlink: 12 bytes leftover after parsing attributes in process `syz.5.227'.
[   71.916142][ T1172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'.
[   72.134962][  T289] usb 3-1: USB disconnect, device number 5
[   72.160537][ T1179] loop2: detected capacity change from 0 to 1024
[   72.169283][  T339] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   72.210316][ T1179] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   72.223288][ T1179] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.360280][  T339] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   72.379222][  T339] usb 2-1: config 0 has no interfaces?
[   72.384761][  T339] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   72.393901][  T339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.408530][  T339] usb 2-1: config 0 descriptor??
[   73.241222][  T289] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   73.248810][ T1080] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[   73.275336][  T878] usb 2-1: USB disconnect, device number 9
[   73.336785][ T1187] loop5: detected capacity change from 0 to 128
[   73.339216][  T561] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[   73.350516][  T561] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[   73.363964][  T286] EXT4-fs (loop4): unmounting filesystem.
[   73.366111][  T561] usb 5-1: USB disconnect, device number 8
[   73.459276][  T289] usb 3-1: Using ep0 maxpacket: 8
[   73.465683][  T289] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[   73.479521][  T289] usb 3-1: config 0 has no interface number 0
[   73.494685][  T289] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   73.508729][  T289] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.520138][ T1194] loop4: detected capacity change from 0 to 512
[   73.527829][  T289] usb 3-1: Product: syz
[   73.532181][  T289] usb 3-1: Manufacturer: syz
[   73.536805][  T289] usb 3-1: SerialNumber: syz
[   73.544100][ T1194] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.557168][  T289] usb 3-1: config 0 descriptor??
[   73.563561][ T1194] EXT4-fs: Ignoring removed bh option
[   73.569738][ T1194] EXT4-fs (loop4): Test dummy encryption mode enabled
[   73.577103][ T1194] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.596465][ T1194] EXT4-fs (loop4): 1 truncate cleaned up
[   73.609232][ T1194] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   73.709247][   T19] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   73.847054][   T28] audit: type=1400 audit(1759548439.284:227): avc:  denied  { read write } for  pid=1197 comm="syz.1.235" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   73.900406][   T19] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   73.925739][   T19] usb 4-1: config 0 has no interfaces?
[   73.932487][   T28] audit: type=1400 audit(1759548439.324:228): avc:  denied  { open } for  pid=1197 comm="syz.1.235" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   73.960260][   T19] usb 4-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   73.986295][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.015040][   T19] usb 4-1: config 0 descriptor??
[   74.026933][   T28] audit: type=1400 audit(1759548439.324:229): avc:  denied  { ioctl } for  pid=1197 comm="syz.1.235" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   74.590928][  T286] EXT4-fs (loop4): unmounting filesystem.
[   74.621189][ T1208] loop5: detected capacity change from 0 to 512
[   74.637201][ T1208] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   74.667353][ T1208] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   74.692907][ T1208] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   74.713173][ T1208] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   74.722332][ T1208] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   74.730795][ T1208] EXT4-fs (loop5): orphan cleanup on readonly fs
[   74.749661][ T1208] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.237: bg 0: block 34: padding at end of block bitmap is not set
[   74.789382][ T1208] Quota error (device loop5): write_blk: dquota write failed
[   74.796887][ T1208] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[   74.817018][ T1208] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.237: Failed to acquire dquot type 1
[   74.835970][  T289] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[   74.849575][  T289] uvcvideo 3-1:0.31: Entity type for entity Output 6 was not initialized!
[   74.853909][ T1208] EXT4-fs (loop5): 1 truncate cleaned up
[   74.860496][  T289] usb 3-1: USB disconnect, device number 6
[   74.871819][ T1208] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   74.933777][ T1217] netlink: 'syz.4.239': attribute type 27 has an invalid length.
[   74.962538][ T1217] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.969728][ T1217] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.002937][ T1219] netlink: 12 bytes leftover after parsing attributes in process `syz.4.239'.
[   75.244523][ T1223] loop4: detected capacity change from 0 to 128
[   75.383297][  T441] EXT4-fs (loop2): unmounting filesystem.
[   75.409220][   T19] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   75.423896][ T1226] netlink: 4 bytes leftover after parsing attributes in process `syz.2.241'.
[   75.612376][  T683] EXT4-fs (loop5): unmounting filesystem.
[   75.939246][   T19] usb 2-1: Using ep0 maxpacket: 16
[   75.946825][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.957912][   T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   75.970881][   T19] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   75.980376][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.992447][   T19] usb 2-1: config 0 descriptor??
[   76.159224][  T289] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   76.517509][  T562] usb 4-1: USB disconnect, device number 8
[   76.619240][  T289] usb 6-1: Using ep0 maxpacket: 32
[   76.625529][  T289] usb 6-1: config 1 has an invalid interface number: 137 but max is 0
[   76.634028][  T289] usb 6-1: config 1 has no interface number 0
[   76.640852][  T289] usb 6-1: config 1 interface 137 has no altsetting 0
[   76.649398][  T289] usb 6-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   76.658597][  T289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.666902][  T289] usb 6-1: Product: syz
[   76.671704][  T289] usb 6-1: Manufacturer: syz
[   76.676369][  T289] usb 6-1: SerialNumber: syz
[   76.957706][  T289] pl2303 6-1:1.137: required interrupt-in endpoint missing
[   76.978730][  T289] usb 6-1: USB disconnect, device number 6
[   76.980629][  T562] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   76.992340][  T344] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   77.180417][  T344] usb 3-1: Using ep0 maxpacket: 32
[   77.185688][  T562] usb 4-1: Using ep0 maxpacket: 32
[   77.192032][  T344] usb 3-1: config 1 has an invalid interface number: 137 but max is 0
[   77.200334][  T562] usb 4-1: config 1 has an invalid interface number: 137 but max is 0
[   77.208546][  T562] usb 4-1: config 1 has no interface number 0
[   77.214759][  T344] usb 3-1: config 1 has no interface number 0
[   77.221467][  T344] usb 3-1: config 1 interface 137 has no altsetting 0
[   77.228366][  T562] usb 4-1: config 1 interface 137 has no altsetting 0
[   77.236892][  T344] usb 3-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   77.246043][  T562] usb 4-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   77.255150][  T344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.263231][  T562] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.269332][  T878] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   77.271332][  T344] usb 3-1: Product: syz
[   77.283028][  T562] usb 4-1: Product: syz
[   77.287329][  T562] usb 4-1: Manufacturer: syz
[   77.291991][  T344] usb 3-1: Manufacturer: syz
[   77.296601][  T344] usb 3-1: SerialNumber: syz
[   77.301242][  T562] usb 4-1: SerialNumber: syz
[   77.460640][  T878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   77.470938][  T878] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   77.479962][  T878] usb 5-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   77.489286][  T878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.523702][  T878] usb 5-1: config 0 descriptor??
[   77.613681][  T562] pl2303 4-1:1.137: required interrupt-in endpoint missing
[   77.635790][  T562] usb 4-1: USB disconnect, device number 9
[   77.673436][ T1253] loop5: detected capacity change from 0 to 512
[   77.681614][ T1253] EXT4-fs: Ignoring removed mblk_io_submit option
[   77.685330][  T344] pl2303 3-1:1.137: required interrupt-in endpoint missing
[   77.699017][ T1253] EXT4-fs: Ignoring removed bh option
[   77.705377][ T1253] EXT4-fs (loop5): Test dummy encryption mode enabled
[   77.712610][ T1253] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   77.713205][  T344] usb 3-1: USB disconnect, device number 7
[   77.730156][ T1253] EXT4-fs (loop5): 1 truncate cleaned up
[   77.736102][ T1253] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   78.306905][   T19] usbhid 2-1:0.0: can't add hid device: -71
[   78.329271][   T19] usbhid: probe of 2-1:0.0 failed with error -71
[   78.348692][   T19] usb 2-1: USB disconnect, device number 10
[   78.413093][ T1267] loop2: detected capacity change from 0 to 512
[   78.437131][ T1267] EXT4-fs: Ignoring removed mblk_io_submit option
[   78.443627][ T1268] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1268 comm=syz.4.247
[   78.461873][ T1268] netlink: 36 bytes leftover after parsing attributes in process `syz.4.247'.
[   78.471810][ T1267] EXT4-fs: Ignoring removed bh option
[   78.477754][ T1267] EXT4-fs (loop2): Test dummy encryption mode enabled
[   78.485052][ T1267] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   78.530745][ T1271] loop3: detected capacity change from 0 to 128
[   78.537961][ T1267] EXT4-fs (loop2): 1 truncate cleaned up
[   78.548118][ T1274] loop1: detected capacity change from 0 to 16
[   78.559494][ T1267] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   78.591024][  T683] EXT4-fs (loop5): unmounting filesystem.
[   78.614225][ T1274] erofs: (device loop1): mounted with root inode @ nid 36.
[   78.681845][ T1276] loop5: detected capacity change from 0 to 1024
[   78.743668][ T1276] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   78.756873][ T1276] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.069271][  T289] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   79.206316][  T441] EXT4-fs (loop2): unmounting filesystem.
[   79.269230][  T289] usb 6-1: Using ep0 maxpacket: 8
[   79.280045][  T289] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[   79.288154][  T289] usb 6-1: config 0 has no interface number 0
[   79.301348][  T289] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   79.310486][  T289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.318679][  T289] usb 6-1: Product: syz
[   79.322933][  T289] usb 6-1: Manufacturer: syz
[   79.327556][  T289] usb 6-1: SerialNumber: syz
[   79.333339][  T289] usb 6-1: config 0 descriptor??
[   79.419890][ T1286] netlink: 'syz.1.256': attribute type 27 has an invalid length.
[   79.440053][ T1286] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.447326][ T1286] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.499713][   T19] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   79.527846][ T1287] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   79.549587][ T1287] device veth0_vlan left promiscuous mode
[   79.568039][ T1287] device veth0_vlan entered promiscuous mode
[   79.575714][ T1287] device veth1_macvtap left promiscuous mode
[   79.583718][ T1287] device veth1_macvtap entered promiscuous mode
[   79.593007][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   79.601068][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   79.608751][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   79.642389][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.649515][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.710537][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   79.763546][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   79.824098][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.831211][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.904477][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   79.913062][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   79.921473][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   79.930259][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   79.938702][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   79.947074][   T19] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.957703][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   79.965623][   T19] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   79.979591][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   79.987916][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   79.999228][   T19] usb 3-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   80.008342][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.016767][  T344] usb 5-1: USB disconnect, device number 9
[   80.019634][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   80.038431][   T19] usb 3-1: config 0 descriptor??
[   80.044696][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   80.061333][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   80.070013][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   80.078432][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   80.087503][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   80.095774][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   80.104107][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   80.112361][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   80.120628][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   80.129240][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   80.137742][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   80.146074][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   80.154815][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   80.162634][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   80.170357][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   80.178725][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   80.187233][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   80.201998][  T289] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[   80.208411][  T289] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[   80.211770][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   80.240089][  T289] usb 6-1: USB disconnect, device number 7
[   80.246329][ T1299] loop1: detected capacity change from 0 to 1024
[   80.270894][ T1299] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   80.279685][ T1299] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.354653][ T1303] loop3: detected capacity change from 0 to 512
[   80.362014][ T1303] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   80.372113][ T1303] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   80.382002][ T1303] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   80.392597][ T1303] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   80.400728][ T1303] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   80.408849][ T1303] EXT4-fs (loop3): orphan cleanup on readonly fs
[   80.415976][ T1303] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.260: bg 0: block 34: padding at end of block bitmap is not set
[   80.430536][ T1303] Quota error (device loop3): write_blk: dquota write failed
[   80.437939][ T1303] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[   80.439259][  T344] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   80.448171][ T1303] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.260: Failed to acquire dquot type 1
[   80.467579][ T1303] EXT4-fs (loop3): 1 truncate cleaned up
[   80.473847][ T1303] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   80.609234][  T562] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   80.661112][  T344] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   80.671871][  T344] usb 5-1: config 0 has no interfaces?
[   80.677457][  T344] usb 5-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   80.688459][  T344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.720052][  T344] usb 5-1: config 0 descriptor??
[   80.829276][  T562] usb 2-1: Using ep0 maxpacket: 8
[   80.835985][  T562] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[   80.844359][  T562] usb 2-1: config 0 has no interface number 0
[   80.851691][  T683] EXT4-fs (loop5): unmounting filesystem.
[   80.852231][  T562] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   80.866611][  T562] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.881694][ T1310] loop5: detected capacity change from 0 to 1024
[   80.883002][  T562] usb 2-1: Product: syz
[   80.892548][  T562] usb 2-1: Manufacturer: syz
[   80.897246][  T562] usb 2-1: SerialNumber: syz
[   80.906412][  T562] usb 2-1: config 0 descriptor??
[   80.907506][ T1310] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   80.921521][ T1310] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.970552][ T1313] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1313 comm=syz.2.255
[   81.062762][ T1313] netlink: 36 bytes leftover after parsing attributes in process `syz.2.255'.
[   81.440231][  T344] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   81.449331][  T282] EXT4-fs (loop3): unmounting filesystem.
[   81.513217][  T562] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[   81.520077][  T562] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[   81.537277][  T562] usb 2-1: USB disconnect, device number 11
[   81.588354][ T1321] loop3: detected capacity change from 0 to 512
[   81.605631][ T1321] EXT4-fs: Ignoring removed mblk_io_submit option
[   81.612352][ T1321] EXT4-fs: Ignoring removed bh option
[   81.618402][ T1321] EXT4-fs (loop3): Test dummy encryption mode enabled
[   81.625440][  T344] usb 6-1: Using ep0 maxpacket: 8
[   81.630794][ T1321] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   81.641936][  T344] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[   81.650376][  T344] usb 6-1: config 0 has no interface number 0
[   81.658369][  T344] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   81.669404][ T1321] EXT4-fs (loop3): 1 truncate cleaned up
[   81.675195][ T1321] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   81.683818][  T344] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.691950][  T344] usb 6-1: Product: syz
[   81.696309][  T344] usb 6-1: Manufacturer: syz
[   81.712776][  T344] usb 6-1: SerialNumber: syz
[   81.727924][  T344] usb 6-1: config 0 descriptor??
[   82.024872][  T283] EXT4-fs (loop1): unmounting filesystem.
[   82.252116][  T385] usb 3-1: USB disconnect, device number 8
[   82.401538][  T282] EXT4-fs (loop3): unmounting filesystem.
[   82.450967][ T1334] loop3: detected capacity change from 0 to 128
[   82.576360][  T344] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[   82.584385][  T344] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[   82.600488][  T344] usb 6-1: USB disconnect, device number 8
[   82.933385][ T1339] loop2: detected capacity change from 0 to 16
[   82.940518][ T1339] erofs: (device loop2): mounted with root inode @ nid 36.
[   83.093526][  T385] usb 5-1: USB disconnect, device number 10
[   83.236666][ T1347] overlayfs: missing 'workdir'
[   83.327201][ T1349] overlayfs: failed to resolve './bus': -2
[   83.344952][  T683] EXT4-fs (loop5): unmounting filesystem.
[   84.528903][ T1357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.269'.
[   84.546638][ T1357] loop3: detected capacity change from 0 to 512
[   84.553769][ T1357] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.564149][ T1357] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal
[   85.071024][ T1360] loop5: detected capacity change from 0 to 1024
[   85.259422][  T385] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   85.280645][ T1360] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   85.331191][ T1360] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.489279][  T385] usb 3-1: Using ep0 maxpacket: 32
[   85.496364][  T385] usb 3-1: config 1 has an invalid interface number: 137 but max is 0
[   85.596052][  T385] usb 3-1: config 1 has no interface number 0
[   85.643114][  T385] usb 3-1: config 1 interface 137 has no altsetting 0
[   85.703730][  T385] usb 3-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   85.773895][  T385] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.829030][  T385] usb 3-1: Product: syz
[   85.864430][  T385] usb 3-1: Manufacturer: syz
[   85.869126][  T385] usb 3-1: SerialNumber: syz
[   85.937632][ T1368] loop1: detected capacity change from 0 to 1024
[   85.964603][ T1369] loop4: detected capacity change from 0 to 1024
[   85.975219][ T1369] EXT4-fs: Ignoring removed orlov option
[   85.982854][ T1368] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   85.991990][ T1368] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.993446][ T1369] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   86.082508][  T344] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   86.396597][ T1374] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.274: Allocating blocks 497-513 which overlap fs metadata
[   86.410806][  T289] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   86.455394][  T385] pl2303 3-1:1.137: required interrupt-in endpoint missing
[   86.471877][  T385] usb 3-1: USB disconnect, device number 9
[   86.529266][  T344] usb 6-1: Using ep0 maxpacket: 8
[   86.535373][  T344] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[   86.543536][  T344] usb 6-1: config 0 has no interface number 0
[   86.551096][  T344] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   86.560381][  T344] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.568446][  T344] usb 6-1: Product: syz
[   86.572690][  T344] usb 6-1: Manufacturer: syz
[   86.577377][  T344] usb 6-1: SerialNumber: syz
[   86.586613][  T344] usb 6-1: config 0 descriptor??
[   86.599323][  T289] usb 2-1: Using ep0 maxpacket: 8
[   86.606051][  T289] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[   86.614286][  T289] usb 2-1: config 0 has no interface number 0
[   86.622410][  T289] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   86.632244][  T289] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.640709][  T289] usb 2-1: Product: syz
[   86.646204][  T289] usb 2-1: Manufacturer: syz
[   86.650906][  T289] usb 2-1: SerialNumber: syz
[   86.660971][  T289] usb 2-1: config 0 descriptor??
[   86.845332][ T1377] EXT4-fs (loop4): pa ffff888133195540: logic 2096, phys. 177, len 21
[   86.853609][ T1377] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[   86.902831][  T286] EXT4-fs (loop4): unmounting filesystem.
[   87.035609][ T1394] loop2: detected capacity change from 0 to 128
[   87.608503][   T28] audit: type=1400 audit(1759548452.564:230): avc:  denied  { execute } for  pid=1389 comm="syz.4.278" path="/43/file1" dev="tmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   87.631707][ T1364] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[   88.279794][  T344] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[   88.289938][  T344] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[   88.300534][  T683] EXT4-fs (loop5): unmounting filesystem.
[   88.314726][  T344] usb 6-1: USB disconnect, device number 9
[   88.431606][  T289] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[   88.438272][  T289] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[   88.485912][  T289] usb 2-1: USB disconnect, device number 12
[   88.499342][ T1404] loop2: detected capacity change from 0 to 16
[   88.508814][ T1404] erofs: (device loop2): mounted with root inode @ nid 36.
[   88.657146][  T283] EXT4-fs (loop1): unmounting filesystem.
[   89.542585][ T1412] loop1: detected capacity change from 0 to 1024
[   89.571315][ T1412] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   89.580078][ T1412] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.789205][  T344] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[   89.833121][ T1422] overlayfs: missing 'workdir'
[   89.969233][  T344] usb 6-1: Using ep0 maxpacket: 16
[   89.976405][  T344] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.022972][  T344] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   90.080082][  T344] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   90.094045][  T344] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.103420][  T344] usb 6-1: config 0 descriptor??
[   90.109216][  T289] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   90.179249][  T878] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   90.289270][  T289] usb 2-1: Using ep0 maxpacket: 8
[   90.295573][  T289] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[   90.303947][  T289] usb 2-1: config 0 has no interface number 0
[   90.312787][  T289] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   90.321954][  T289] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.330124][  T289] usb 2-1: Product: syz
[   90.334480][  T289] usb 2-1: Manufacturer: syz
[   90.339100][  T289] usb 2-1: SerialNumber: syz
[   90.348392][  T289] usb 2-1: config 0 descriptor??
[   90.360476][  T878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   90.370731][  T878] usb 5-1: config 0 has no interfaces?
[   90.376275][  T878] usb 5-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   90.385791][  T878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.394674][  T878] usb 5-1: config 0 descriptor??
[   90.678982][  T339] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[   90.901162][  T339] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   90.922197][  T339] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   90.959737][  T339] usb 4-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   91.003307][  T339] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.037146][  T339] usb 4-1: config 0 descriptor??
[   91.089262][  T878] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   91.116564][  T289] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[   91.123158][  T289] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[   91.133080][  T289] usb 2-1: USB disconnect, device number 13
[   91.270512][  T878] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.280821][  T878] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   91.289930][  T878] usb 3-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   91.299015][  T878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.308077][  T878] usb 3-1: config 0 descriptor??
[   91.589284][ T1415] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[   91.604535][ T1437] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1437 comm=syz.3.288
[   91.629739][  T283] EXT4-fs (loop1): unmounting filesystem.
[   93.206002][ T1446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1446 comm=syz.2.289
[   93.218888][  T562] usb 5-1: USB disconnect, device number 11
[   93.238328][  T344] usbhid 6-1:0.0: can't add hid device: -71
[   93.248095][  T344] usbhid: probe of 6-1:0.0 failed with error -71
[   93.268352][ T1448] loop4: detected capacity change from 0 to 512
[   93.288779][  T344] usb 6-1: USB disconnect, device number 10
[   93.304739][ T1448] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   93.329347][ T1448] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   93.339988][ T1446] netlink: 36 bytes leftover after parsing attributes in process `syz.2.289'.
[   93.349250][ T1448] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   93.360979][ T1448] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   93.369017][ T1448] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   93.382386][ T1448] EXT4-fs (loop4): orphan cleanup on readonly fs
[   93.389954][ T1448] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.292: bg 0: block 34: padding at end of block bitmap is not set
[   93.404545][ T1448] Quota error (device loop4): write_blk: dquota write failed
[   93.412438][ T1448] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   93.422824][ T1448] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.292: Failed to acquire dquot type 1
[   93.435008][ T1448] EXT4-fs (loop4): 1 truncate cleaned up
[   93.484098][ T1448] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   93.507152][ T1456] loop1: detected capacity change from 0 to 1024
[   93.541470][ T1456] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   93.550424][ T1456] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.583695][ T1462] Zero length message leads to an empty skb
[   93.597077][ T1462] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   93.615269][ T1462] device veth0_vlan left promiscuous mode
[   93.622371][ T1462] device veth0_vlan entered promiscuous mode
[   93.629879][ T1462] device veth1_macvtap left promiscuous mode
[   93.636581][ T1462] device veth1_macvtap entered promiscuous mode
[   93.644435][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   93.652224][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   93.659882][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.668190][  T457] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.675292][  T457] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.682885][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   93.691418][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.699856][  T457] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.707070][  T457] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.714668][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.723075][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   93.731267][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   93.739549][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   93.747710][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   93.755981][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   93.764118][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   93.772394][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   93.780517][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   93.788655][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   93.797156][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   93.805609][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   93.814013][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   93.822440][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.830540][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.838656][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.846723][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   93.854853][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   93.859209][  T878] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[   93.863429][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   93.878939][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   93.887028][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   93.895033][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   93.902563][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   93.910166][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   93.918412][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   93.926719][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   93.934595][  T457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   93.954327][ T1464] loop5: detected capacity change from 0 to 16
[   93.962768][ T1464] erofs: (device loop5): mounted with root inode @ nid 36.
[   94.067532][ T1466] loop5: detected capacity change from 0 to 1024
[   94.079244][  T878] usb 2-1: Using ep0 maxpacket: 8
[   94.085869][  T878] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[   94.102859][  T878] usb 2-1: config 0 has no interface number 0
[   94.111146][  T286] EXT4-fs (loop4): unmounting filesystem.
[   94.117965][ T1466] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   94.126705][ T1466] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.133138][  T878] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   94.157545][ T1470] loop4: detected capacity change from 0 to 1024
[   94.165359][  T878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.173882][  T878] usb 2-1: Product: syz
[   94.178177][  T878] usb 2-1: Manufacturer: syz
[   94.183617][  T878] usb 2-1: SerialNumber: syz
[   94.184043][ T1470] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   94.190283][  T878] usb 2-1: config 0 descriptor??
[   94.199537][ T1470] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.237614][  T385] usb 4-1: USB disconnect, device number 10
[   94.337046][ T1476] loop3: detected capacity change from 0 to 512
[   94.347843][ T1476] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.354583][ T1476] EXT4-fs: Ignoring removed bh option
[   94.361256][ T1476] EXT4-fs (loop3): Test dummy encryption mode enabled
[   94.370143][ T1476] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.389044][  T562] usb 3-1: USB disconnect, device number 10
[   94.442484][ T1476] EXT4-fs (loop3): 1 truncate cleaned up
[   94.448555][ T1476] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   94.469288][   T19] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[   94.479386][  T344] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   94.608841][  T878] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[   94.615552][  T878] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[   94.626616][  T878] usb 2-1: USB disconnect, device number 14
[   94.669230][  T344] usb 5-1: Using ep0 maxpacket: 8
[   94.669255][   T19] usb 6-1: Using ep0 maxpacket: 8
[   94.680705][  T344] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[   94.687052][   T19] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[   94.688862][  T344] usb 5-1: config 0 has no interface number 0
[   94.700904][  T344] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   94.703374][   T19] usb 6-1: config 0 has no interface number 0
[   94.719293][  T344] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.727475][  T344] usb 5-1: Product: syz
[   94.729412][   T19] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   94.731973][  T344] usb 5-1: Manufacturer: syz
[   94.745554][  T344] usb 5-1: SerialNumber: syz
[   94.751137][   T19] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.755993][  T344] usb 5-1: config 0 descriptor??
[   94.764849][   T19] usb 6-1: Product: syz
[   94.769182][   T19] usb 6-1: Manufacturer: syz
[   94.773988][   T19] usb 6-1: SerialNumber: syz
[   94.784330][   T19] usb 6-1: config 0 descriptor??
[   94.829225][  T562] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   95.010579][  T562] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.020868][  T562] usb 3-1: config 0 has no interfaces?
[   95.026414][  T562] usb 3-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   95.059256][  T562] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.079965][  T562] usb 3-1: config 0 descriptor??
[   95.136019][  T283] EXT4-fs (loop1): unmounting filesystem.
[   95.192186][ T1487] loop1: detected capacity change from 0 to 512
[   95.211407][  T282] EXT4-fs (loop3): unmounting filesystem.
[   95.226901][ T1487] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.256963][ T1487] EXT4-fs: Ignoring removed bh option
[   95.279530][ T1487] EXT4-fs (loop1): Test dummy encryption mode enabled
[   95.374756][ T1487] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.386662][ T1487] EXT4-fs (loop1): 1 truncate cleaned up
[   95.392617][ T1487] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   95.670559][ T1459] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[   95.849607][  T283] EXT4-fs (loop1): unmounting filesystem.
[   95.930353][   T19] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[   95.931937][  T344] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[   95.936776][   T19] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[   95.949410][   T19] usb 6-1: USB disconnect, device number 11
[   95.964823][  T344] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[   95.980403][  T344] usb 5-1: USB disconnect, device number 12
[   96.159237][  T561] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[   96.239261][  T878] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   96.340521][  T561] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   96.350734][  T561] usb 2-1: config 0 has no interfaces?
[   96.356286][  T561] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[   96.365387][  T561] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.374392][  T561] usb 2-1: config 0 descriptor??
[   96.429231][  T878] usb 4-1: Using ep0 maxpacket: 16
[   96.435570][  T878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.446612][  T878] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   96.465431][  T878] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   96.474650][ T1459] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[   96.485712][  T683] EXT4-fs (loop5): unmounting filesystem.
[   96.489501][  T878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.504809][  T286] EXT4-fs (loop4): unmounting filesystem.
[   96.505416][  T878] usb 4-1: config 0 descriptor??
[   96.816546][  T344] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[   97.019201][  T344] usb 5-1: Using ep0 maxpacket: 32
[   97.026884][  T344] usb 5-1: config 1 has an invalid interface number: 137 but max is 0
[   97.040487][  T344] usb 5-1: config 1 has no interface number 0
[   97.051379][  T344] usb 5-1: config 1 interface 137 has no altsetting 0
[   97.067017][  T344] usb 5-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   97.083568][  T344] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.099075][  T344] usb 5-1: Product: syz
[   97.103395][  T344] usb 5-1: Manufacturer: syz
[   97.108048][  T344] usb 5-1: SerialNumber: syz
[   97.407420][  T344] pl2303 5-1:1.137: required interrupt-in endpoint missing
[   97.415931][  T344] usb 5-1: USB disconnect, device number 13
[   97.471105][   T19] usb 3-1: USB disconnect, device number 11
[   97.498069][ T1513] loop5: detected capacity change from 0 to 512
[   97.506184][ T1513] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   97.516232][ T1513] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   97.526182][ T1513] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   97.536447][ T1513] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   97.544477][ T1513] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[   97.552961][ T1513] EXT4-fs (loop5): orphan cleanup on readonly fs
[   97.560020][ T1513] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.308: bg 0: block 34: padding at end of block bitmap is not set
[   97.574613][ T1513] Quota error (device loop5): write_blk: dquota write failed
[   97.582131][ T1513] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[   97.592041][ T1513] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.308: Failed to acquire dquot type 1
[   97.603940][ T1513] EXT4-fs (loop5): 1 truncate cleaned up
[   97.610126][ T1513] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   97.889384][   T19] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   98.079209][   T19] usb 3-1: Using ep0 maxpacket: 16
[   98.085633][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.096622][   T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   98.109518][   T19] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   98.118705][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.127983][   T19] usb 3-1: config 0 descriptor??
[   98.209217][  T339] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[   98.360837][  T683] EXT4-fs (loop5): unmounting filesystem.
[   98.391611][  T339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   98.402770][  T339] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   98.412087][  T339] usb 5-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[   98.421448][  T339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.434423][  T339] usb 5-1: config 0 descriptor??
[   98.537860][   T19] HID 045e:07da: Invalid code 65791 type 1
[   98.551651][   T19] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0005/input/input8
[   98.565076][   T19] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[   98.950470][  T562] usb 2-1: USB disconnect, device number 15
[   98.983999][  T878] usbhid 4-1:0.0: can't add hid device: -71
[   98.990684][  T878] usbhid: probe of 4-1:0.0 failed with error -71
[   98.997232][ T1527] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1527 comm=syz.4.309
[   99.026872][  T878] usb 4-1: USB disconnect, device number 11
[   99.366965][   T19] usb 3-1: USB disconnect, device number 12
[   99.382564][  T562] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[   99.399244][  T878] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   99.579400][  T878] usb 4-1: Using ep0 maxpacket: 32
[   99.585711][  T878] usb 4-1: config 1 has an invalid interface number: 137 but max is 0
[   99.594116][  T878] usb 4-1: config 1 has no interface number 0
[   99.600281][  T878] usb 4-1: config 1 interface 137 has no altsetting 0
[   99.608763][  T878] usb 4-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   99.617910][  T878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.626126][  T878] usb 4-1: Product: syz
[   99.630340][  T878] usb 4-1: Manufacturer: syz
[   99.634990][  T878] usb 4-1: SerialNumber: syz
[   99.639216][  T562] usb 2-1: Using ep0 maxpacket: 32
[   99.646205][  T562] usb 2-1: config 1 has an invalid interface number: 137 but max is 0
[   99.654520][  T562] usb 2-1: config 1 has no interface number 0
[   99.660701][  T562] usb 2-1: config 1 interface 137 has no altsetting 0
[   99.669123][  T562] usb 2-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[   99.678460][  T562] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.686538][  T562] usb 2-1: Product: syz
[   99.690829][  T562] usb 2-1: Manufacturer: syz
[   99.695532][  T562] usb 2-1: SerialNumber: syz
[   99.928071][  T878] pl2303 4-1:1.137: required interrupt-in endpoint missing
[   99.943415][  T878] usb 4-1: USB disconnect, device number 12
[   99.986440][  T562] pl2303 2-1:1.137: required interrupt-in endpoint missing
[   99.996031][  T562] usb 2-1: USB disconnect, device number 16
[  100.054823][ T1541] loop2: detected capacity change from 0 to 1024
[  100.072199][ T1541] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  100.081307][ T1541] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.195912][ T1546] loop5: detected capacity change from 0 to 1024
[  100.215851][ T1546] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  100.224553][ T1546] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.359265][  T339] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  100.509204][  T562] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  100.539411][  T339] usb 3-1: Using ep0 maxpacket: 8
[  100.546073][  T339] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  100.554295][  T339] usb 3-1: config 0 has no interface number 0
[  100.561808][  T339] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  100.570978][  T339] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.579005][  T339] usb 3-1: Product: syz
[  100.579223][ T1544] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  100.583369][  T339] usb 3-1: Manufacturer: syz
[  100.602492][  T339] usb 3-1: SerialNumber: syz
[  100.607763][  T339] usb 3-1: config 0 descriptor??
[  100.699219][  T562] usb 6-1: Using ep0 maxpacket: 8
[  100.705427][  T562] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  100.713767][  T562] usb 6-1: config 0 has no interface number 0
[  100.722229][  T562] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  100.731354][  T562] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.739414][  T562] usb 6-1: Product: syz
[  100.743674][  T562] usb 6-1: Manufacturer: syz
[  100.748278][  T562] usb 6-1: SerialNumber: syz
[  100.753036][  T344] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  100.761679][  T562] usb 6-1: config 0 descriptor??
[  100.779193][  T878] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  100.940670][  T344] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.960432][  T878] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.962696][  T344] usb 4-1: config 0 has no interfaces?
[  100.970923][  T878] usb 2-1: config 0 has no interfaces?
[  100.981920][  T344] usb 4-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  100.992048][  T878] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  100.995126][  T344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.011247][  T406] usb 5-1: USB disconnect, device number 14
[  101.017569][  T344] usb 4-1: config 0 descriptor??
[  101.041179][  T878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.066827][  T878] usb 2-1: config 0 descriptor??
[  101.459405][  T406] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  101.941492][  T406] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  101.970809][  T406] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  102.001222][  T562] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[  102.010213][  T562] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[  102.018934][  T406] usb 5-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  102.028697][  T406] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.049381][  T562] usb 6-1: USB disconnect, device number 12
[  102.073258][  T406] usb 5-1: config 0 descriptor??
[  102.533769][  T683] EXT4-fs (loop5): unmounting filesystem.
[  102.578501][ T1563] loop5: detected capacity change from 0 to 512
[  102.590497][ T1563] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  102.605874][ T1563] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  102.616197][ T1563] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  102.633514][ T1563] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  102.641638][ T1563] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  102.650425][ T1563] EXT4-fs (loop5): orphan cleanup on readonly fs
[  102.657646][ T1563] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.320: bg 0: block 34: padding at end of block bitmap is not set
[  102.672512][ T1563] Quota error (device loop5): write_blk: dquota write failed
[  102.680204][ T1563] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  102.690528][ T1563] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.320: Failed to acquire dquot type 1
[  102.702675][ T1563] EXT4-fs (loop5): 1 truncate cleaned up
[  102.708669][ T1563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  102.994831][ T1567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1567 comm=syz.4.319
[  103.065118][  T339] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[  103.071870][ T1567] netlink: 36 bytes leftover after parsing attributes in process `syz.4.319'.
[  103.072160][  T339] uvcvideo 3-1:0.31: Entity type for entity Output 6 was not initialized!
[  103.090074][  T441] EXT4-fs (loop2): unmounting filesystem.
[  103.098460][  T339] usb 3-1: USB disconnect, device number 13
[  103.113068][ T1570] loop2: detected capacity change from 0 to 128
[  104.315474][  T406] usb 4-1: USB disconnect, device number 13
[  104.347980][  T683] EXT4-fs (loop5): unmounting filesystem.
[  104.366301][   T19] usb 2-1: USB disconnect, device number 17
[  104.386105][ T1578] loop1: detected capacity change from 0 to 1024
[  104.397837][  T339] usb 5-1: USB disconnect, device number 15
[  104.403840][ T1578] EXT4-fs: Ignoring removed orlov option
[  104.463429][ T1578] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  104.745804][ T1595] loop2: detected capacity change from 0 to 128
[  104.752255][  T878] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  104.799379][ T1591] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3836: comm syz.1.323: Allocating blocks 497-513 which overlap fs metadata
[  104.979239][  T878] usb 6-1: Using ep0 maxpacket: 16
[  104.986389][  T878] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.997795][  T878] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  105.019307][  T878] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  105.038749][  T878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.057539][  T878] usb 6-1: config 0 descriptor??
[  105.259691][ T1591] EXT4-fs (loop1): pa ffff88810c3c8bd0: logic 2640, phys. 177, len 21
[  105.268038][ T1591] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[  105.341372][  T283] EXT4-fs (loop1): unmounting filesystem.
[  105.472485][  T878] HID 045e:07da: Invalid code 65791 type 1
[  105.492937][  T878] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0006/input/input9
[  105.744871][ T1605] loop3: detected capacity change from 0 to 512
[  105.785108][ T1605] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.813304][ T1605] EXT4-fs: Ignoring removed bh option
[  105.868937][ T1605] EXT4-fs (loop3): Test dummy encryption mode enabled
[  105.886071][ T1605] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  105.907760][  T878] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  105.939248][  T561] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  105.940351][ T1605] EXT4-fs (loop3): 1 truncate cleaned up
[  105.970915][ T1605] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  106.093471][  T878] usb 6-1: USB disconnect, device number 13
[  106.100937][  T282] EXT4-fs (loop3): unmounting filesystem.
[  106.119983][ T1613] loop3: detected capacity change from 0 to 128
[  106.129316][  T561] usb 5-1: Using ep0 maxpacket: 32
[  106.135873][  T561] usb 5-1: config 1 has an invalid interface number: 137 but max is 0
[  106.147884][  T561] usb 5-1: config 1 has no interface number 0
[  106.154365][  T561] usb 5-1: config 1 interface 137 has no altsetting 0
[  106.168524][  T561] usb 5-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[  106.178740][  T561] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.187095][  T561] usb 5-1: Product: syz
[  106.191732][  T561] usb 5-1: Manufacturer: syz
[  106.253705][  T561] usb 5-1: SerialNumber: syz
[  106.263998][ T1616] loop1: detected capacity change from 0 to 512
[  106.274470][ T1616] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  106.284599][ T1616] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  106.294471][ T1616] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  106.340022][ T1616] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  106.364496][ T1616] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  106.376965][ T1616] EXT4-fs (loop1): orphan cleanup on readonly fs
[  106.383621][  T562] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  106.394977][ T1616] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.333: bg 0: block 34: padding at end of block bitmap is not set
[  106.416366][ T1616] Quota error (device loop1): write_blk: dquota write failed
[  106.425019][ T1616] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  106.435915][ T1616] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.333: Failed to acquire dquot type 1
[  106.450895][ T1616] EXT4-fs (loop1): 1 truncate cleaned up
[  106.543055][ T1616] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  106.551286][  T561] pl2303 5-1:1.137: required interrupt-in endpoint missing
[  106.579683][  T561] usb 5-1: USB disconnect, device number 16
[  106.639216][  T562] usb 3-1: Using ep0 maxpacket: 16
[  106.645982][  T562] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.663633][  T562] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  106.676622][  T562] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  106.685839][  T562] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.695899][  T562] usb 3-1: config 0 descriptor??
[  106.949199][  T878] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  107.121824][ T1626] loop3: detected capacity change from 0 to 512
[  107.128526][ T1626] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.140923][  T562] HID 045e:07da: Invalid code 65791 type 1
[  107.142696][  T878] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  107.157637][  T283] EXT4-fs (loop1): unmounting filesystem.
[  107.162225][  T562] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0007/input/input10
[  107.170631][ T1626] EXT4-fs: Ignoring removed bh option
[  107.180525][  T878] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  107.193407][  T562] microsoft 0003:045E:07DA.0007: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  107.214508][  T878] usb 6-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  107.225191][  T878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.230565][ T1626] EXT4-fs (loop3): Test dummy encryption mode enabled
[  107.240832][  T878] usb 6-1: config 0 descriptor??
[  107.255988][ T1626] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  107.375035][ T1626] EXT4-fs (loop3): 1 truncate cleaned up
[  107.385058][ T1626] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  107.466058][ T1638] netlink: 4 bytes leftover after parsing attributes in process `syz.1.337'.
[  107.497221][ T1638] loop1: detected capacity change from 0 to 512
[  107.505350][ T1638] EXT4-fs: Ignoring removed nomblk_io_submit option
[  107.560473][ T1638] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal
[  107.877193][ T1641] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1641 comm=syz.5.334
[  107.947028][  T562] usb 3-1: USB disconnect, device number 14
[  108.637999][  T282] EXT4-fs (loop3): unmounting filesystem.
[  108.739208][  T878] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  108.767458][ T1647] loop3: detected capacity change from 0 to 1024
[  108.791124][ T1647] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  108.799751][ T1647] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.929357][  T878] usb 5-1: Using ep0 maxpacket: 16
[  108.935841][  T878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.946808][  T878] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  108.960226][  T878] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  108.969421][  T878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.039211][ T1653] netlink: 12 bytes leftover after parsing attributes in process `syz.2.341'.
[  109.131034][ T1653] loop2: detected capacity change from 0 to 512
[  109.139521][ T1653] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.177127][ T1653] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  109.260585][    T6] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  109.275547][  T878] usb 5-1: config 0 descriptor??
[  109.616930][ T1655] loop1: detected capacity change from 0 to 128
[  110.125800][  T562] usb 6-1: USB disconnect, device number 14
[  110.191284][  T878] HID 045e:07da: Invalid code 65791 type 1
[  110.203341][  T878] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0008/input/input11
[  110.216173][  T878] microsoft 0003:045E:07DA.0008: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  110.235508][ T1660] loop2: detected capacity change from 0 to 16
[  110.264229][ T1660] erofs: (device loop2): mounted with root inode @ nid 36.
[  110.279287][    T6] usb 4-1: Using ep0 maxpacket: 8
[  110.307480][    T6] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[  110.315936][    T6] usb 4-1: config 0 has no interface number 0
[  110.323932][    T6] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  110.333595][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.341860][    T6] usb 4-1: Product: syz
[  110.346237][    T6] usb 4-1: Manufacturer: syz
[  110.351081][    T6] usb 4-1: SerialNumber: syz
[  110.362828][    T6] usb 4-1: config 0 descriptor??
[  110.609377][  T562] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  110.789204][ T1635] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  110.809060][  T878] usb 5-1: USB disconnect, device number 17
[  110.810373][  T562] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  110.843504][  T562] usb 6-1: config 0 has no interfaces?
[  110.860071][  T562] usb 6-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  110.884723][  T562] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.907541][  T562] usb 6-1: config 0 descriptor??
[  110.939961][    T6] usb 4-1: Found UVC 0.04 device syz (046d:08c3)
[  110.946381][    T6] uvcvideo 4-1:0.31: Entity type for entity Output 6 was not initialized!
[  110.984970][    T6] usb 4-1: USB disconnect, device number 14
[  111.009439][ T1669] loop1: detected capacity change from 0 to 512
[  111.024625][ T1669] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  111.046315][ T1669] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  111.056738][ T1669] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  111.069052][ T1669] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  111.078049][ T1669] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  111.086704][ T1669] EXT4-fs (loop1): orphan cleanup on readonly fs
[  111.094511][ T1669] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.345: bg 0: block 34: padding at end of block bitmap is not set
[  111.112543][ T1669] Quota error (device loop1): write_blk: dquota write failed
[  111.120323][ T1669] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  111.130696][ T1669] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.345: Failed to acquire dquot type 1
[  111.143261][ T1669] EXT4-fs (loop1): 1 truncate cleaned up
[  111.149550][ T1669] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  111.376323][ T1677] loop4: detected capacity change from 0 to 1024
[  111.402570][ T1677] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  111.411948][ T1677] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.449216][  T878] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  111.482184][  T282] EXT4-fs (loop3): unmounting filesystem.
[  111.639216][  T878] usb 3-1: Using ep0 maxpacket: 32
[  111.645626][  T878] usb 3-1: config 1 has an invalid interface number: 137 but max is 0
[  111.653915][  T878] usb 3-1: config 1 has no interface number 0
[  111.660122][  T878] usb 3-1: config 1 interface 137 has no altsetting 0
[  111.668581][  T878] usb 3-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[  111.677744][  T878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.685827][  T878] usb 3-1: Product: syz
[  111.690171][  T878] usb 3-1: Manufacturer: syz
[  111.694800][  T878] usb 3-1: SerialNumber: syz
[  111.709221][  T406] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  111.779224][    T6] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  111.866788][  T283] EXT4-fs (loop1): unmounting filesystem.
[  111.883414][ T1684] loop1: detected capacity change from 0 to 128
[  111.958253][  T406] usb 5-1: Using ep0 maxpacket: 8
[  111.960384][    T6] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  111.970122][  T406] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[  111.981590][  T406] usb 5-1: config 0 has no interface number 0
[  111.999895][  T406] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  112.010746][  T406] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.017759][  T878] pl2303 3-1:1.137: required interrupt-in endpoint missing
[  112.019486][  T406] usb 5-1: Product: syz
[  112.026404][    T6] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  112.030508][  T406] usb 5-1: Manufacturer: syz
[  112.041101][  T878] usb 3-1: USB disconnect, device number 15
[  112.050086][    T6] usb 4-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  112.053027][  T406] usb 5-1: SerialNumber: syz
[  112.060665][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.071296][  T406] usb 5-1: config 0 descriptor??
[  112.479323][ T1680] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  112.651997][    T6] usb 4-1: config 0 descriptor??
[  112.996075][ T1695] loop1: detected capacity change from 0 to 512
[  113.051084][ T1695] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.057597][ T1695] EXT4-fs: Ignoring removed bh option
[  113.069985][ T1695] EXT4-fs (loop1): Test dummy encryption mode enabled
[  113.076854][ T1695] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  113.099200][  T878] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  113.130306][ T1695] EXT4-fs (loop1): 1 truncate cleaned up
[  113.136027][ T1695] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  113.176797][  T561] usb 6-1: USB disconnect, device number 15
[  113.280319][  T878] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  113.291253][  T878] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  113.301188][  T878] usb 3-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  113.310412][  T878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.319965][  T878] usb 3-1: config 0 descriptor??
[  113.573783][ T1701] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1701 comm=syz.3.348
[  113.586491][  T561] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  113.609295][ T1701] netlink: 36 bytes leftover after parsing attributes in process `syz.3.348'.
[  113.780373][  T561] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  113.797495][  T561] usb 6-1: config 0 has no interfaces?
[  113.803299][  T561] usb 6-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  113.812476][  T561] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.825198][  T561] usb 6-1: config 0 descriptor??
[  113.896423][  T283] EXT4-fs (loop1): unmounting filesystem.
[  114.234764][ T1711] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1711 comm=syz.2.350
[  114.244806][ T1710] loop1: detected capacity change from 0 to 512
[  114.268350][ T1710] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.280570][ T1710] EXT4-fs: Ignoring removed bh option
[  114.290172][ T1710] EXT4-fs (loop1): Test dummy encryption mode enabled
[  114.297658][ T1710] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  114.319388][ T1710] EXT4-fs (loop1): 1 truncate cleaned up
[  114.325676][ T1710] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  114.377477][  T406] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[  114.396385][  T286] EXT4-fs (loop4): unmounting filesystem.
[  114.405209][  T406] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[  114.510796][  T406] usb 5-1: USB disconnect, device number 18
[  114.658406][  T561] usb 4-1: USB disconnect, device number 15
[  114.686569][ T1721] loop3: detected capacity change from 0 to 16
[  114.736990][ T1721] erofs: (device loop3): mounted with root inode @ nid 36.
[  114.777186][ T1722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.355'.
[  114.823943][ T1722] loop4: detected capacity change from 0 to 512
[  114.832827][ T1722] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.842524][ T1722] EXT4-fs (loop4): can't mount with journal_async_commit, fs mounted w/o journal
[  115.796553][  T344] usb 3-1: USB disconnect, device number 16
[  115.891491][  T283] EXT4-fs (loop1): unmounting filesystem.
[  116.229197][  T561] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  116.308088][ T1736] overlayfs: failed to resolve './bus': -2
[  116.314313][  T344] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  116.430395][  T561] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.449195][  T561] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  116.458210][  T561] usb 2-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  116.479173][  T561] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.502693][  T561] usb 2-1: config 0 descriptor??
[  116.513934][  T344] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.539225][  T344] usb 3-1: config 0 has no interfaces?
[  116.550330][  T344] usb 3-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  116.560862][  T344] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.598200][  T344] usb 3-1: config 0 descriptor??
[  116.908096][ T1738] loop4: detected capacity change from 0 to 1024
[  116.930662][ T1738] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  116.960487][ T1738] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.254270][    T6] usb 6-1: USB disconnect, device number 16
[  117.299496][ T1746] loop5: detected capacity change from 0 to 128
[  117.430689][ T1751] loop3: detected capacity change from 0 to 512
[  117.454745][ T1751] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.476041][ T1751] EXT4-fs: Ignoring removed bh option
[  117.491995][ T1751] EXT4-fs (loop3): Test dummy encryption mode enabled
[  117.510634][ T1751] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  117.539262][  T562] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  117.548776][ T1751] EXT4-fs (loop3): 1 truncate cleaned up
[  117.563826][ T1751] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  117.572547][ T1754] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1754 comm=syz.1.358
[  117.739244][  T562] usb 5-1: Using ep0 maxpacket: 8
[  117.745655][  T562] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[  117.764669][  T562] usb 5-1: config 0 has no interface number 0
[  117.773006][  T562] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  117.782476][  T562] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.790753][  T562] usb 5-1: Product: syz
[  117.795107][  T562] usb 5-1: Manufacturer: syz
[  117.800016][  T562] usb 5-1: SerialNumber: syz
[  117.810911][  T562] usb 5-1: config 0 descriptor??
[  118.426414][  T282] EXT4-fs (loop3): unmounting filesystem.
[  118.531678][ T1762] netlink: 4 bytes leftover after parsing attributes in process `syz.5.364'.
[  118.579741][ T1762] loop5: detected capacity change from 0 to 512
[  118.588610][ T1762] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.649539][ T1762] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal
[  118.770764][ T1761] loop3: detected capacity change from 0 to 1024
[  119.615182][ T1763] usb 3-1: USB disconnect, device number 17
[  119.621845][ T1741] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  119.669698][ T1761] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  119.688429][    T6] usb 2-1: USB disconnect, device number 18
[  119.694971][ T1761] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.759423][  T562] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[  119.765864][  T562] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[  119.782405][  T562] usb 5-1: USB disconnect, device number 19
[  119.882632][ T1776] loop1: detected capacity change from 0 to 16
[  119.889775][ T1776] erofs: (device loop1): mounted with root inode @ nid 36.
[  120.018552][ T1777] overlayfs: failed to resolve './bus': -2
[  120.029208][  T878] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  120.085277][ T1780] loop1: detected capacity change from 0 to 1024
[  120.092253][ T1780] EXT4-fs: Ignoring removed orlov option
[  120.109233][ T1763] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  120.145509][ T1780] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  120.219202][  T878] usb 4-1: Using ep0 maxpacket: 8
[  120.225403][  T878] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[  120.244189][  T878] usb 4-1: config 0 has no interface number 0
[  120.255683][  T878] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  120.279206][  T878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.288443][  T878] usb 4-1: Product: syz
[  120.294628][  T286] EXT4-fs (loop4): unmounting filesystem.
[  120.300545][ T1763] usb 3-1: Using ep0 maxpacket: 16
[  120.306058][  T878] usb 4-1: Manufacturer: syz
[  120.311960][ T1763] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.474695][ T1783] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3836: comm syz.1.370: Allocating blocks 497-513 which overlap fs metadata
[  120.502032][  T878] usb 4-1: SerialNumber: syz
[  120.510089][  T878] usb 4-1: config 0 descriptor??
[  120.515144][ T1763] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  120.531184][ T1763] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  120.541359][ T1763] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.551044][ T1763] usb 3-1: config 0 descriptor??
[  120.640287][ T1789] loop5: detected capacity change from 0 to 512
[  120.647678][ T1789] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  120.670345][ T1789] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  120.680555][ T1789] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  120.692213][ T1789] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  120.700439][ T1789] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  120.711394][ T1789] EXT4-fs (loop5): orphan cleanup on readonly fs
[  120.718524][ T1789] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.372: bg 0: block 34: padding at end of block bitmap is not set
[  120.733430][ T1789] Quota error (device loop5): write_blk: dquota write failed
[  120.741148][ T1789] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  120.752848][ T1789] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.372: Failed to acquire dquot type 1
[  120.766415][ T1789] EXT4-fs (loop5): 1 truncate cleaned up
[  120.772666][ T1789] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  120.960562][ T1779] EXT4-fs (loop1): pa ffff88810c3c8d20: logic 928, phys. 177, len 21
[  120.968762][ T1779] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4876: group 0, 
[  120.968783][ T1763] HID 045e:07da: Invalid code 65791 type 1
[  120.968786][ T1779] free 0, pa_free 1
[  121.012616][  T283] EXT4-fs (loop1): unmounting filesystem.
[  121.036344][ T1763] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0009/input/input12
[  121.062703][ T1763] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  121.237371][ T1799] loop4: detected capacity change from 0 to 128
[  121.244401][  T878] usb 4-1: Found UVC 0.04 device syz (046d:08c3)
[  121.251308][  T878] uvcvideo 4-1:0.31: Entity type for entity Output 6 was not initialized!
[  121.265223][  T878] usb 4-1: USB disconnect, device number 16
[  121.359212][   T19] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  121.658262][  T683] EXT4-fs (loop5): unmounting filesystem.
[  121.670988][  T385] usb 3-1: USB disconnect, device number 18
[  121.800334][   T19] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.816531][ T1805] loop5: detected capacity change from 0 to 512
[  121.819194][   T19] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  121.825621][ T1805] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.832813][   T19] usb 2-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  121.839311][ T1805] EXT4-fs: Ignoring removed bh option
[  121.853585][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.869707][ T1805] EXT4-fs (loop5): Test dummy encryption mode enabled
[  121.869870][   T19] usb 2-1: config 0 descriptor??
[  121.877726][ T1805] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  121.903531][ T1805] EXT4-fs (loop5): 1 truncate cleaned up
[  121.910382][ T1805] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  121.912191][  T282] EXT4-fs (loop3): unmounting filesystem.
[  122.083397][ T1810] loop3: detected capacity change from 0 to 512
[  122.138069][ T1810] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.186779][ T1810] EXT4-fs: Ignoring removed bh option
[  122.212897][ T1810] EXT4-fs (loop3): Test dummy encryption mode enabled
[  122.229257][ T1810] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  122.267934][ T1810] EXT4-fs (loop3): 1 truncate cleaned up
[  122.284111][ T1810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  122.459235][   T19] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  122.509204][  T385] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  122.659208][   T19] usb 5-1: Using ep0 maxpacket: 8
[  122.670040][   T19] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[  122.678191][   T19] usb 5-1: config 0 has no interface number 0
[  122.699242][  T385] usb 3-1: Using ep0 maxpacket: 32
[  122.705396][   T19] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  122.705894][  T385] usb 3-1: config 1 has an invalid interface number: 137 but max is 0
[  122.726753][  T683] EXT4-fs (loop5): unmounting filesystem.
[  122.729246][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.740580][   T19] usb 5-1: Product: syz
[  122.740838][  T385] usb 3-1: config 1 has no interface number 0
[  122.744755][   T19] usb 5-1: Manufacturer: syz
[  122.744773][   T19] usb 5-1: SerialNumber: syz
[  122.749589][   T19] usb 5-1: config 0 descriptor??
[  122.751514][  T385] usb 3-1: config 1 interface 137 has no altsetting 0
[  122.789665][  T385] usb 3-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[  122.799227][  T385] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.807480][  T385] usb 3-1: Product: syz
[  122.811787][  T385] usb 3-1: Manufacturer: syz
[  122.816410][  T385] usb 3-1: SerialNumber: syz
[  122.837409][ T1819] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1819 comm=syz.1.373
[  122.920824][  T282] EXT4-fs (loop3): unmounting filesystem.
[  122.949959][ T1822] loop3: detected capacity change from 0 to 1024
[  123.095073][ T1822] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  123.111256][ T1822] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.160160][   T19] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[  123.169069][  T385] pl2303 3-1:1.137: required interrupt-in endpoint missing
[  123.169521][   T19] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[  123.182346][  T385] usb 3-1: USB disconnect, device number 19
[  123.202287][   T19] usb 5-1: USB disconnect, device number 20
[  123.399269][  T344] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  123.579200][  T344] usb 4-1: Using ep0 maxpacket: 8
[  123.585557][  T344] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[  123.593884][  T344] usb 4-1: config 0 has no interface number 0
[  123.605636][  T344] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  123.614784][  T344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.647664][  T344] usb 4-1: Product: syz
[  123.651957][  T344] usb 4-1: Manufacturer: syz
[  123.656755][  T344] usb 4-1: SerialNumber: syz
[  123.662101][  T344] usb 4-1: config 0 descriptor??
[  123.745881][ T1837] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  123.848944][ T1840] loop4: detected capacity change from 0 to 512
[  123.868069][ T1840] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.885878][ T1840] EXT4-fs: Ignoring removed bh option
[  123.895491][ T1840] EXT4-fs (loop4): Test dummy encryption mode enabled
[  123.902804][ T1840] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  123.919739][ T1840] EXT4-fs (loop4): 1 truncate cleaned up
[  123.926821][ T1840] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  124.029229][   T19] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  124.059215][  T878] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  124.069343][  T562] usb 2-1: USB disconnect, device number 19
[  124.127418][ T1845] loop1: detected capacity change from 0 to 1024
[  124.175789][ T1845] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  124.188894][ T1845] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.249270][   T19] usb 3-1: Using ep0 maxpacket: 16
[  124.259014][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.271645][  T878] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.286838][  T878] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  124.299219][   T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  124.309569][ T1741] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  124.317746][  T878] usb 6-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  124.343560][   T19] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  124.362634][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.371880][  T878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.392820][   T19] usb 3-1: config 0 descriptor??
[  124.402671][  T878] usb 6-1: config 0 descriptor??
[  124.599185][  T562] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  124.713400][  T286] EXT4-fs (loop4): unmounting filesystem.
[  124.849223][  T562] usb 2-1: Using ep0 maxpacket: 8
[  124.871373][  T562] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  124.879628][  T562] usb 2-1: config 0 has no interface number 0
[  124.887273][  T562] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  124.896468][  T562] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.904734][  T562] usb 2-1: Product: syz
[  124.909004][  T562] usb 2-1: Manufacturer: syz
[  124.913761][  T562] usb 2-1: SerialNumber: syz
[  124.919773][  T562] usb 2-1: config 0 descriptor??
[  125.360645][  T562] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  125.367157][  T562] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[  125.383947][ T1855] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8296 sclass=netlink_route_socket pid=1855 comm=syz.5.385
[  125.390725][  T562] usb 2-1: USB disconnect, device number 20
[  125.422741][ T1855] netlink: 36 bytes leftover after parsing attributes in process `syz.5.385'.
[  125.877006][  T283] EXT4-fs (loop1): unmounting filesystem.
[  125.919243][  T562] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  125.954525][  T344] usb 4-1: Found UVC 0.04 device syz (046d:08c3)
[  125.961889][  T282] EXT4-fs (loop3): unmounting filesystem.
[  125.968510][  T344] uvcvideo 4-1:0.31: Entity type for entity Output 6 was not initialized!
[  125.978447][  T344] usb 4-1: USB disconnect, device number 17
[  126.109235][  T562] usb 5-1: Using ep0 maxpacket: 32
[  126.116527][  T562] usb 5-1: config 1 has an invalid interface number: 137 but max is 0
[  126.124814][  T562] usb 5-1: config 1 has no interface number 0
[  126.148113][ T1864] loop3: detected capacity change from 0 to 512
[  126.159178][  T562] usb 5-1: config 1 interface 137 has no altsetting 0
[  126.170060][ T1864] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.185520][ T1864] EXT4-fs: Ignoring removed bh option
[  126.187202][  T562] usb 5-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[  126.200296][ T1864] EXT4-fs (loop3): Test dummy encryption mode enabled
[  126.209614][ T1865] overlayfs: failed to resolve './bus': -2
[  126.215531][  T562] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.223935][ T1864] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.228756][  T562] usb 5-1: Product: syz
[  126.238298][  T562] usb 5-1: Manufacturer: syz
[  126.243050][  T562] usb 5-1: SerialNumber: syz
[  126.261690][ T1864] EXT4-fs (loop3): 1 truncate cleaned up
[  126.270843][ T1864] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  126.653698][  T562] pl2303 5-1:1.137: required interrupt-in endpoint missing
[  126.676015][  T562] usb 5-1: USB disconnect, device number 21
[  126.744951][   T19] usbhid 3-1:0.0: can't add hid device: -71
[  126.753681][   T19] usbhid: probe of 3-1:0.0 failed with error -71
[  126.782166][   T19] usb 3-1: USB disconnect, device number 20
[  126.836120][  T878] usb 6-1: USB disconnect, device number 17
[  127.107723][  T282] EXT4-fs (loop3): unmounting filesystem.
[  127.251994][ T1882] netlink: 12 bytes leftover after parsing attributes in process `syz.4.396'.
[  127.268109][ T1882] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  127.275604][  T878] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  127.293307][ T1882] device veth0_vlan left promiscuous mode
[  127.299663][ T1882] device veth0_vlan entered promiscuous mode
[  127.306625][ T1882] device veth1_macvtap left promiscuous mode
[  127.313417][ T1882] device veth1_macvtap entered promiscuous mode
[  127.320880][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  127.328584][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  127.336193][  T385] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  127.344617][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  127.353091][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.360194][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.367849][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  127.376496][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  127.384774][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.389354][   T19] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  127.391930][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.406966][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  127.415362][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  127.423589][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  127.431794][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  127.439905][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  127.448112][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  127.456302][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  127.464484][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  127.470435][  T878] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.472844][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  127.483179][  T878] usb 6-1: config 0 has no interfaces?
[  127.491018][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  127.496337][  T878] usb 6-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  127.504521][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  127.513315][  T878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.521390][  T385] usb 2-1: Using ep0 maxpacket: 8
[  127.534165][  T878] usb 6-1: config 0 descriptor??
[  127.535412][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  127.547497][  T385] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  127.547916][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  127.555643][  T385] usb 2-1: config 0 has no interface number 0
[  127.564705][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  127.571891][  T385] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  127.578239][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  127.587078][  T385] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.594957][   T19] usb 4-1: Using ep0 maxpacket: 32
[  127.603034][  T385] usb 2-1: Product: syz
[  127.608776][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  127.612258][  T385] usb 2-1: Manufacturer: syz
[  127.620904][   T19] usb 4-1: config 1 has an invalid interface number: 137 but max is 0
[  127.633097][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  127.641258][   T19] usb 4-1: config 1 has no interface number 0
[  127.647745][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  127.656110][   T19] usb 4-1: config 1 interface 137 has no altsetting 0
[  127.662194][  T385] usb 2-1: SerialNumber: syz
[  127.672719][  T385] usb 2-1: config 0 descriptor??
[  127.678957][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  127.680245][   T19] usb 4-1: New USB device found, idVendor=0557, idProduct=2021, bcdDevice=74.1a
[  127.687899][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  127.699573][ T1884] loop2: detected capacity change from 0 to 1024
[  127.705132][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  127.717921][   T19] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.718526][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  127.733737][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  127.734209][   T19] usb 4-1: Product: syz
[  127.746148][   T19] usb 4-1: Manufacturer: syz
[  127.749731][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  127.751031][   T19] usb 4-1: SerialNumber: syz
[  127.769626][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  127.776255][ T1884] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  127.778150][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  127.786556][ T1884] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.794229][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  128.420674][  T385] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  128.427208][  T385] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[  128.442972][   T19] pl2303 4-1:1.137: required interrupt-in endpoint missing
[  128.450473][ T1763] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  128.452583][  T385] usb 2-1: USB disconnect, device number 21
[  128.479335][   T19] usb 4-1: USB disconnect, device number 18
[  128.649283][ T1763] usb 5-1: Using ep0 maxpacket: 16
[  128.655625][ T1763] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.666602][ T1763] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  128.679523][ T1763] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  128.688630][ T1763] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.697574][ T1763] usb 5-1: config 0 descriptor??
[  129.005997][ T1904] loop3: detected capacity change from 0 to 1024
[  129.033215][  T441] EXT4-fs (loop2): unmounting filesystem.
[  129.034040][ T1905] loop1: detected capacity change from 0 to 512
[  129.047895][ T1904] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  129.048228][ T1905] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.056893][ T1904] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.063825][ T1905] EXT4-fs: Ignoring removed bh option
[  129.106977][ T1763] HID 045e:07da: Invalid code 65791 type 1
[  129.116116][ T1905] EXT4-fs (loop1): Test dummy encryption mode enabled
[  129.149675][ T1763] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.000A/input/input13
[  129.162161][ T1905] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  129.174267][ T1763] microsoft 0003:045E:07DA.000A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  129.211852][ T1905] EXT4-fs (loop1): 1 truncate cleaned up
[  129.224420][ T1905] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  129.349983][  T385] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  129.369249][   T19] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  129.539236][  T385] usb 4-1: Using ep0 maxpacket: 8
[  129.545750][  T385] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[  129.554312][  T385] usb 4-1: config 0 has no interface number 0
[  129.562521][  T385] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  129.572136][  T385] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.579208][   T19] usb 3-1: Using ep0 maxpacket: 16
[  129.580478][  T385] usb 4-1: Product: syz
[  129.586622][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.589925][  T385] usb 4-1: Manufacturer: syz
[  129.605456][  T385] usb 4-1: SerialNumber: syz
[  129.611951][  T385] usb 4-1: config 0 descriptor??
[  129.614401][   T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  129.629857][   T19] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  129.639009][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.654249][   T19] usb 3-1: config 0 descriptor??
[  129.732126][  T344] usb 5-1: USB disconnect, device number 22
[  129.929812][  T562] usb 6-1: USB disconnect, device number 18
[  129.935494][  T283] EXT4-fs (loop1): unmounting filesystem.
[  129.948956][ T1914] loop5: detected capacity change from 0 to 128
[  129.987753][ T1916] loop1: detected capacity change from 0 to 512
[  130.008311][ T1916] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  130.026246][ T1916] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  130.036452][ T1916] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  130.064156][ T1916] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  130.073727][ T1916] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  130.091542][ T1916] EXT4-fs (loop1): orphan cleanup on readonly fs
[  130.116528][ T1920] netlink: 12 bytes leftover after parsing attributes in process `syz.5.404'.
[  130.122871][ T1916] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.402: bg 0: block 34: padding at end of block bitmap is not set
[  130.128765][ T1920] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  130.169497][ T1916] Quota error (device loop1): write_blk: dquota write failed
[  130.186584][ T1916] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  130.197247][ T1916] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.402: Failed to acquire dquot type 1
[  130.210085][ T1916] EXT4-fs (loop1): 1 truncate cleaned up
[  130.218616][ T1916] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  130.359107][  T385] usb 4-1: Found UVC 0.04 device syz (046d:08c3)
[  130.365731][  T385] uvcvideo 4-1:0.31: Entity type for entity Output 6 was not initialized!
[  130.380739][  T385] usb 4-1: USB disconnect, device number 19
[  130.471972][ T1929] netlink: 4 bytes leftover after parsing attributes in process `syz.5.405'.
[  130.503706][ T1929] loop5: detected capacity change from 0 to 512
[  130.511641][ T1929] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.521411][ T1929] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal
[  131.212938][  T283] EXT4-fs (loop1): unmounting filesystem.
[  131.715617][  T282] EXT4-fs (loop3): unmounting filesystem.
[  131.742009][ T1933] loop4: detected capacity change from 0 to 512
[  131.753526][ T1933] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.767371][ T1933] EXT4-fs: Ignoring removed bh option
[  131.783446][ T1933] EXT4-fs (loop4): Test dummy encryption mode enabled
[  131.798039][ T1933] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  131.911380][ T1933] EXT4-fs (loop4): 1 truncate cleaned up
[  131.919260][ T1933] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  132.075299][ T1944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.408'.
[  132.099919][ T1944] loop3: detected capacity change from 0 to 512
[  132.142251][ T1944] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.220185][ T1944] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal
[  132.332206][  T852] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  132.699294][  T385] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  133.133683][ T1949] loop2: detected capacity change from 0 to 1024
[  133.204996][   T19] usbhid 3-1:0.0: can't add hid device: -71
[  133.211784][   T19] usbhid: probe of 3-1:0.0 failed with error -71
[  133.220355][   T19] usb 3-1: USB disconnect, device number 21
[  133.249222][ T1949] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  133.268104][ T1949] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.356047][ T1955] overlayfs: failed to resolve './bus': -2
[  133.362219][  T385] usb 2-1: Using ep0 maxpacket: 8
[  133.368915][  T385] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  133.390201][  T385] usb 2-1: config 0 has no interface number 0
[  133.398465][  T385] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  133.408250][  T385] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.419479][  T385] usb 2-1: Product: syz
[  133.423726][  T385] usb 2-1: Manufacturer: syz
[  133.428361][  T385] usb 2-1: SerialNumber: syz
[  133.439047][  T385] usb 2-1: config 0 descriptor??
[  133.675609][ T1959] loop5: detected capacity change from 0 to 1024
[  133.687907][  T286] EXT4-fs (loop4): unmounting filesystem.
[  133.693838][   T19] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  133.709224][  T446] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  133.754326][ T1959] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  133.763037][ T1959] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.827600][  T385] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  133.835252][  T385] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[  133.856056][  T385] usb 2-1: USB disconnect, device number 22
[  133.899220][   T19] usb 3-1: Using ep0 maxpacket: 8
[  133.905495][   T19] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  133.909396][  T446] usb 4-1: Using ep0 maxpacket: 16
[  133.929203][   T19] usb 3-1: config 0 has no interface number 0
[  133.935643][  T446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.944851][   T19] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  133.951375][ T1969] loop4: detected capacity change from 0 to 128
[  133.965915][   T19] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.969293][  T446] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  133.976010][   T19] usb 3-1: Product: syz
[  134.001240][   T19] usb 3-1: Manufacturer: syz
[  134.005903][   T19] usb 3-1: SerialNumber: syz
[  134.019941][   T19] usb 3-1: config 0 descriptor??
[  134.094792][  T446] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  134.104039][  T446] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.119626][  T446] usb 4-1: config 0 descriptor??
[  134.527849][  T446] HID 045e:07da: Invalid code 65791 type 1
[  134.543857][  T446] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.000B/input/input14
[  134.572740][  T446] microsoft 0003:045E:07DA.000B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  134.738769][  T683] EXT4-fs (loop5): unmounting filesystem.
[  134.786628][ T1988] loop5: detected capacity change from 0 to 512
[  134.800738][ T1983] loop1: detected capacity change from 0 to 512
[  134.810486][   T19] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[  134.819200][   T19] uvcvideo 3-1:0.31: Entity type for entity Output 6 was not initialized!
[  134.819469][ T1983] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.835562][ T1983] EXT4-fs: Ignoring removed bh option
[  134.841770][ T1983] EXT4-fs (loop1): Test dummy encryption mode enabled
[  134.850810][   T19] usb 3-1: USB disconnect, device number 22
[  134.858425][ T1988] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  134.871592][ T1983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  134.896197][ T1988] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  134.897558][ T1983] EXT4-fs (loop1): 1 truncate cleaned up
[  134.924512][ T1983] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  134.926429][ T1988] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  134.985569][ T1988] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  135.009211][ T1988] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  135.029900][ T1988] EXT4-fs (loop5): orphan cleanup on readonly fs
[  135.047557][ T1988] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.420: bg 0: block 34: padding at end of block bitmap is not set
[  135.084910][ T1988] Quota error (device loop5): write_blk: dquota write failed
[  135.092501][ T1988] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  135.102637][ T1988] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.420: Failed to acquire dquot type 1
[  135.114720][ T1988] EXT4-fs (loop5): 1 truncate cleaned up
[  135.130856][ T1988] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  135.225455][  T446] usb 4-1: USB disconnect, device number 20
[  135.350368][  T441] EXT4-fs (loop2): unmounting filesystem.
[  135.715052][  T283] EXT4-fs (loop1): unmounting filesystem.
[  135.941409][  T683] EXT4-fs (loop5): unmounting filesystem.
[  135.987739][ T2009] loop5: detected capacity change from 0 to 1024
[  136.000228][ T2009] EXT4-fs: Ignoring removed orlov option
[  136.006793][ T2006] loop3: detected capacity change from 0 to 512
[  136.023857][ T2006] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.038733][ T2006] EXT4-fs: Ignoring removed bh option
[  136.039351][  T446] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  136.053691][ T2006] EXT4-fs (loop3): Test dummy encryption mode enabled
[  136.062451][ T2006] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  136.145875][ T2009] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  136.162448][ T2006] EXT4-fs (loop3): 1 truncate cleaned up
[  136.206084][ T2006] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  136.319223][  T446] usb 2-1: Using ep0 maxpacket: 16
[  136.325718][  T446] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.347372][  T446] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  136.360578][  T446] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  136.379219][  T446] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.448952][  T562] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  136.557942][ T2016] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3836: comm syz.5.425: Allocating blocks 497-513 which overlap fs metadata
[  136.638325][  T446] usb 2-1: config 0 descriptor??
[  136.881285][  T282] EXT4-fs (loop3): unmounting filesystem.
[  136.893658][ T2009] EXT4-fs (loop5): pa ffff888117b0d0a8: logic 1360, phys. 177, len 21
[  136.901937][ T2009] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[  136.927590][  T683] EXT4-fs (loop5): unmounting filesystem.
[  136.933707][  T385] ==================================================================
[  136.941798][  T385] BUG: KASAN: use-after-free in kernfs_find_and_get_ns+0x3d/0x110
[  136.949766][  T385] Read of size 8 at addr ffff8881204cf008 by task kworker/1:5/385
[  136.957570][  T385] 
[  136.959922][  T385] CPU: 1 PID: 385 Comm: kworker/1:5 Not tainted syzkaller #0
[  136.967294][  T385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  136.977351][  T385] Workqueue: events flush_stashed_error_work
[  136.983356][  T385] Call Trace:
[  136.986637][  T385]  <TASK>
[  136.989568][  T385]  __dump_stack+0x21/0x24
[  136.993900][  T385]  dump_stack_lvl+0xee/0x150
[  136.998495][  T385]  ? __cfi_dump_stack_lvl+0x8/0x8
[  137.003528][  T385]  ? preempt_schedule_irq+0xbb/0x110
[  137.008828][  T385]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  137.014568][  T385]  ? kernfs_find_and_get_ns+0x3d/0x110
[  137.020053][  T385]  print_address_description+0x71/0x200
[  137.025625][  T385]  print_report+0x4a/0x60
[  137.029974][  T385]  kasan_report+0x122/0x150
[  137.034519][  T385]  ? kernfs_find_and_get_ns+0x3d/0x110
[  137.040097][  T385]  __asan_report_load8_noabort+0x14/0x20
[  137.045752][  T385]  kernfs_find_and_get_ns+0x3d/0x110
[  137.051151][  T385]  sysfs_notify+0x71/0xd0
[  137.055498][  T385]  ext4_notify_error_sysfs+0x25/0x30
[  137.060822][  T385]  flush_stashed_error_work+0x2cb/0x2f0
[  137.066378][  T385]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[  137.071752][  T385]  process_one_work+0x71f/0xc40
[  137.076785][  T385]  worker_thread+0xa29/0x11f0
[  137.081476][  T385]  kthread+0x281/0x320
[  137.085549][  T385]  ? __cfi_worker_thread+0x10/0x10
[  137.090660][  T385]  ? __cfi_kthread+0x10/0x10
[  137.095254][  T385]  ret_from_fork+0x1f/0x30
[  137.099702][  T385]  </TASK>
[  137.102725][  T385] 
[  137.105080][  T385] Allocated by task 2009:
[  137.109408][  T385]  kasan_set_track+0x4b/0x70
[  137.114009][  T385]  kasan_save_alloc_info+0x25/0x30
[  137.119131][  T385]  __kasan_slab_alloc+0x72/0x80
[  137.123990][  T385]  slab_post_alloc_hook+0x4f/0x2d0
[  137.129114][  T385]  kmem_cache_alloc+0x16e/0x330
[  137.133977][  T385]  __kernfs_new_node+0xdb/0x680
[  137.138847][  T385]  kernfs_new_node+0x150/0x260
[  137.143617][  T385]  kernfs_create_dir_ns+0x47/0x130
[  137.148737][  T385]  sysfs_create_dir_ns+0x11c/0x280
[  137.153856][  T385]  kobject_add_internal+0x6fc/0xc20
[  137.159063][  T385]  kobject_init_and_add+0x122/0x190
[  137.164283][  T385]  ext4_register_sysfs+0xbb/0x2c0
[  137.169329][  T385]  ext4_fill_super+0x6e14/0x7970
[  137.174267][  T385]  get_tree_bdev+0x444/0x680
[  137.178863][  T385]  ext4_get_tree+0x1c/0x20
[  137.183284][  T385]  vfs_get_tree+0x9a/0x270
[  137.187711][  T385]  do_new_mount+0x25a/0xa20
[  137.192310][  T385]  path_mount+0x675/0x1010
[  137.196739][  T385]  __se_sys_mount+0x318/0x380
[  137.201425][  T385]  __x64_sys_mount+0xbf/0xd0
[  137.206024][  T385]  x64_sys_call+0x65d/0x9a0
[  137.210534][  T385]  do_syscall_64+0x4c/0xa0
[  137.214965][  T385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  137.220864][  T385] 
[  137.223187][  T385] Freed by task 683:
[  137.227084][  T385]  kasan_set_track+0x4b/0x70
[  137.231682][  T385]  kasan_save_free_info+0x31/0x50
[  137.236718][  T385]  ____kasan_slab_free+0x132/0x180
[  137.241835][  T385]  __kasan_slab_free+0x11/0x20
[  137.246608][  T385]  slab_free_freelist_hook+0xc2/0x190
[  137.251990][  T385]  kmem_cache_free+0x12d/0x300
[  137.256767][  T385]  kernfs_put+0x310/0x480
[  137.261107][  T385]  __kobject_del+0xf8/0x2f0
[  137.265613][  T385]  kobject_del+0x45/0x60
[  137.269861][  T385]  ext4_unregister_sysfs+0x91/0xa0
[  137.274976][  T385]  ext4_put_super+0x73/0xac0
[  137.279587][  T385]  generic_shutdown_super+0x15f/0x370
[  137.284968][  T385]  kill_block_super+0x7f/0xf0
[  137.289655][  T385]  deactivate_locked_super+0xb5/0x120
[  137.295037][  T385]  deactivate_super+0xaf/0xe0
[  137.299731][  T385]  cleanup_mnt+0x45f/0x4e0
[  137.304164][  T385]  __cleanup_mnt+0x19/0x20
[  137.308625][  T385]  task_work_run+0x1db/0x240
[  137.313231][  T385]  exit_to_user_mode_loop+0x9b/0xb0
[  137.318450][  T385]  exit_to_user_mode_prepare+0x5a/0xa0
[  137.323909][  T385]  syscall_exit_to_user_mode+0x1a/0x30
[  137.329379][  T385]  do_syscall_64+0x58/0xa0
[  137.333801][  T385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  137.339703][  T385] 
[  137.342024][  T385] The buggy address belongs to the object at ffff8881204cf000
[  137.342024][  T385]  which belongs to the cache kernfs_node_cache of size 136
[  137.356686][  T385] The buggy address is located 8 bytes inside of
[  137.356686][  T385]  136-byte region [ffff8881204cf000, ffff8881204cf088)
[  137.369907][  T385] 
[  137.372243][  T385] The buggy address belongs to the physical page:
[  137.378654][  T385] page:ffffea00048133c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1204cf
[  137.388907][  T385] flags: 0x4000000000000200(slab|zone=1)
[  137.394568][  T385] raw: 4000000000000200 ffffea0004c2ed00 dead000000000007 ffff8881001ed800
[  137.403156][  T385] raw: 0000000000000000 0000000000140014 00000001ffffffff 0000000000000000
[  137.411765][  T385] page dumped because: kasan: bad access detected
[  137.418276][  T385] page_owner tracks the page as allocated
[  137.423993][  T385] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 878, tgid 878 (kworker/0:6), ts 56195710050, free_ts 56188211296
[  137.441971][  T385]  post_alloc_hook+0x1f5/0x210
[  137.446755][  T385]  prep_new_page+0x1c/0x110
[  137.451268][  T385]  get_page_from_freelist+0x2c7b/0x2cf0
[  137.456830][  T385]  __alloc_pages+0x1c3/0x450
[  137.461431][  T385]  alloc_slab_page+0x6e/0xf0
[  137.466033][  T385]  new_slab+0x98/0x3d0
[  137.470115][  T385]  ___slab_alloc+0x6bd/0xb20
[  137.474711][  T385]  __slab_alloc+0x5e/0xa0
[  137.479047][  T385]  kmem_cache_alloc+0x1b0/0x330
[  137.483904][  T385]  __kernfs_new_node+0xdb/0x680
[  137.488787][  T385]  kernfs_new_node+0x150/0x260
[  137.493574][  T385]  __kernfs_create_file+0x4e/0x270
[  137.498700][  T385]  sysfs_add_file_mode_ns+0x1ce/0x270
[  137.504078][  T385]  sysfs_merge_group+0x174/0x300
[  137.509030][  T385]  dpm_sysfs_add+0xe0/0x290
[  137.513560][  T385]  device_add+0x6ce/0xef0
[  137.517913][  T385] page last free stack trace:
[  137.522589][  T385]  free_unref_page_prepare+0x742/0x750
[  137.528070][  T385]  free_unref_page+0x8f/0x530
[  137.532771][  T385]  __free_pages+0x67/0x100
[  137.537192][  T385]  free_pages+0x82/0x90
[  137.541357][  T385]  selinux_genfs_get_sid+0x20b/0x250
[  137.546656][  T385]  inode_doinit_with_dentry+0x86e/0xd70
[  137.552209][  T385]  selinux_d_instantiate+0x27/0x40
[  137.557326][  T385]  security_d_instantiate+0xb3/0x110
[  137.562731][  T385]  d_splice_alias+0x6d/0x390
[  137.567329][  T385]  kernfs_iop_lookup+0x2c2/0x310
[  137.572284][  T385]  __lookup_slow+0x2c7/0x3f0
[  137.576872][  T385]  lookup_slow+0x57/0x70
[  137.581116][  T385]  walk_component+0x2f4/0x420
[  137.585801][  T385]  path_lookupat+0x180/0x490
[  137.590397][  T385]  filename_lookup+0x1f0/0x500
[  137.595160][  T385]  vfs_statx+0x10b/0x660
[  137.599403][  T385] 
[  137.601725][  T385] Memory state around the buggy address:
[  137.607354][  T385]  ffff8881204cef00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  137.615415][  T385]  ffff8881204cef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  137.623474][  T385] >ffff8881204cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.631620][  T385]                       ^
[  137.635947][  T385]  ffff8881204cf080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[  137.644004][  T385]  ffff8881204cf100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[  137.652066][  T385] ==================================================================
[  137.660629][  T562] usb 5-1: Using ep0 maxpacket: 16
[  137.667469][  T385] Disabling lock debugging due to kernel taint
[  137.674308][ T2024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.428'.
[  137.676968][   T28] audit: type=1400 audit(1759548503.104:231): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  137.683745][  T385] general protection fault, probably for non-canonical address 0xe0eabc2b0000005f: 0000 [#1] PREEMPT SMP KASAN
[  137.705443][   T28] audit: type=1400 audit(1759548503.114:232): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  137.716610][  T385] KASAN: maybe wild-memory-access in range [0x07560158000002f8-0x07560158000002ff]
[  137.716632][  T385] CPU: 1 PID: 385 Comm: kworker/1:5 Tainted: G    B              syzkaller #0
[  137.716651][  T385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  137.716665][  T385] Workqueue: events flush_stashed_error_work
[  137.738381][   T19] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  137.747204][  T385] 
[  137.747216][  T385] RIP: 0010:kernfs_find_and_get_ns+0x54/0x110
[  137.747255][  T385] Code: 48 89 f8 48 c1 e8 03 42 80 3c 28 00 74 05 e8 03 64 d6 ff 49 8b 5c 24 08 48 85 db 49 0f 44 dc 48 83 c3 50 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 dd 63 d6 ff 48 8b 1b 48 83 c3 60
[  137.756849][   T28] audit: type=1400 audit(1759548503.114:233): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  137.766244][  T385] RSP: 0018:ffffc9000e7c7c60 EFLAGS: 00010206
[  137.766266][  T385] RAX: 00eac02b0000005f RBX: 07560158000002fb RCX: ffff888113e73cc0
[  137.766281][  T385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  137.766293][  T385] RBP: ffffc9000e7c7c88 R08: dffffc0000000000 R09: fffffbfff0f2d8fd
[  137.766307][  T385] R10: fffffbfff0f2d8fd R11: 1ffffffff0f2d8fc R12: ffff8881204cf000
[  137.766328][  T385] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff8594ca20
[  137.773498][   T28] audit: type=1400 audit(1759548503.114:234): avc:  denied  { add_name } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  137.779848][  T385] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  137.779869][  T385] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  137.779883][  T385] CR2: 00007f53c2f17d60 CR3: 0000000131a35000 CR4: 00000000003506a0
[  137.782549][   T28] audit: type=1400 audit(1759548503.114:235): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  137.788314][  T385] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  137.788335][  T385] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  137.788349][  T385] Call Trace:
[  137.808834][   T28] audit: type=1400 audit(1759548503.114:236): avc:  denied  { append open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  137.829483][  T385]  <TASK>
[  137.829498][  T385]  sysfs_notify+0x71/0xd0
[  137.829525][  T385]  ext4_notify_error_sysfs+0x25/0x30
[  137.829551][  T385]  flush_stashed_error_work+0x2cb/0x2f0
[  137.829572][  T385]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[  137.829591][  T385]  process_one_work+0x71f/0xc40
[  137.836094][   T28] audit: type=1400 audit(1759548503.114:237): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  137.843635][  T385]  worker_thread+0xa29/0x11f0
[  137.843668][  T385]  kthread+0x281/0x320
[  137.864203][ T2030] loop2: detected capacity change from 0 to 512
[  137.867628][  T385]  ? __cfi_worker_thread+0x10/0x10
[  137.876127][ T2030] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.896099][  T385]  ? __cfi_kthread+0x10/0x10
[  137.896134][  T385]  ret_from_fork+0x1f/0x30
[  137.896160][  T385]  </TASK>
[  137.896180][  T385] Modules linked in:
[  137.911340][ T2030] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  137.911687][  T385] 
[  137.912916][  T562] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.970438][   T19] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  137.982664][  T385] ---[ end trace 0000000000000000 ]---
[  137.985481][   T19] usb 4-1: config 0 has no interfaces?
[  137.989939][  T385] RIP: 0010:kernfs_find_and_get_ns+0x54/0x110
[  137.995775][   T19] usb 4-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  138.001167][  T385] Code: 48 89 f8 48 c1 e8 03 42 80 3c 28 00 74 05 e8 03 64 d6 ff 49 8b 5c 24 08 48 85 db 49 0f 44 dc 48 83 c3 50 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 dd 63 d6 ff 48 8b 1b 48 83 c3 60
[  138.006560][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.011334][  T385] RSP: 0018:ffffc9000e7c7c60 EFLAGS: 00010206
[  138.039575][   T19] usb 4-1: config 0 descriptor??
[  138.042871][  T385] 
[  138.176643][  T562] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  138.189493][  T562] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  138.198583][  T562] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.207003][  T385] RAX: 00eac02b0000005f RBX: 07560158000002fb RCX: ffff888113e73cc0
[  138.215358][  T562] usb 5-1: config 0 descriptor??
[  138.220424][  T385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.228442][  T385] RBP: ffffc9000e7c7c88 R08: dffffc0000000000 R09: fffffbfff0f2d8fd
[  138.237300][  T385] R10: fffffbfff0f2d8fd R11: 1ffffffff0f2d8fc R12: ffff8881204cf000
[  138.245404][  T385] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff8594ca20
[  138.253560][  T385] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  138.262589][  T385] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  138.269232][  T385] CR2: 00007f53c2f17d60 CR3: 000000012f4da000 CR4: 00000000003506a0
[  138.277265][  T385] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  138.285352][  T385] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  138.293461][  T385] Kernel panic - not syncing: Fatal exception
[  138.299852][  T385] Kernel Offset: disabled
[  138.304184][  T385] Rebooting in 86400 seconds..