last executing test programs:

6.903991151s ago: executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)

6.800863967s ago: executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{}, [{}]}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB="00000700000007007673ed26b029a925ac675bd612d8ab87f051a10ee74893f24ccd9ce3e96e268eef4b136865aeac"], 0x0, 0x0, 0x0, 0x0}, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r2 = openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r2, 0xc058671e, &(0x7f0000000480)={{}, {}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x0, 0x0, 0x64})
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, &(0x7f0000000500))
r3 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141)
write$hidraw(r3, &(0x7f0000000300)="952808db3f4ff2b2da91963a04f0c94fef08d1c158f12eefbe22233aa21a9ac4d8316a130788180471c3cfb56399d6bb5d84030c27345fd6bafca83753c3a560066e6abee916715bbfe2d079eda0b4889fe95cb159aac184270fa0d87e4bc342ad795397686d27979284a1158461fbbb7666a2b9354e7b5a93b25f2b0e2d010652ff11e08ee6e783cf561aa8309515584f", 0x91)
r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x5, 0x20001)
ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f00000000c0)={0x7f, "be3e815995830e16a128b578e3af9d546fd61d7a5683da229303c76a2df3948c831ebfb4e3a2c0c336fe8ce02d8dc9d583aebcb8beb9e08613ec0143508bd56f"})
r5 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
read$hidraw(r5, 0x0, 0x0)
write$hidraw(r5, 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r3, 0xc0404807, &(0x7f0000000000)={0x4, "1cf250d2528722061e2daedcbbf930dedf4904d8f9e64f62c3d0e156e87ed3dbfac38f0c1faada797532454dd344c00c8a007369f5d86fe64007aa38577e4db7"})
r6 = syz_open_dev$hidraw(0x0, 0x0, 0x20001)
ioctl$HIDIOCGFEATURE(r6, 0xc0404807, &(0x7f00000000c0)={0x7f, "be3e815995830e16a128b578e3af9d546fd61d7a5683da229303c76a2df3948c831ebfb4e3a2c0c336fe8ce02d8dc9d583aebcb8beb9e08613ec0143508bd56f"})
write$hidraw(r6, &(0x7f00000018c0)="387a3e3a119c477b513636325d4cd15cd14fda97942dced7ba973cf5c8a0de", 0x1f)
ioctl$HIDIOCGRDESC(r3, 0x90044802, &(0x7f0000000d80)={0x660, "d719d3800e9c938a541ddda71d0515a9b976e809b8ac68c529cc9be214d4e89f01f8e1b4f07a1a9a88028b474d90b27b7e72cd879f7d5d316dd869c5b8a3cf676bc7b8b52ff5eb1fb9f153600a13e1fc216fe34b1563c542c048b5e34e61d0c0d85c2a96731afc8f3f6a421c475217fe764d1b0c9973ba609b8d9ef8e11442a41b65277d5e6149af2d8a06825bd12f13d501ab213648d7c914f422b0c5cc6aa420676417fe367fcb7ce1d10c6f8afdd6beade9ded72d346f64d23776da585cdbbc9f9dee0474f9d7b608e996b67a7b0f4507aed7f1066cec880ddb71b7aa5d50d9dd35842b650f34fa842d1870f36daa614c9b6663713d759b1d06ed646e84edcb2c7e24b9bbf3ad93dc0015a581d650166fc95439c6d47f8c3cabf2d843b71dd0cb33fa62e6fbc4eb3778f1b3d2969ca5f592f569f03e425b384705da14d9d6ea0575d5d06e8e0646d5d8df9fbff224851c8d9835d04313ce63fc0f691ac536db32c219bd2dc7ab6ba01ed2c36dfbf64e269ed45a0c66ead0df961993d9146771662fbfc60693bc41ea04deb77577b73d39af9fcda9f6c61feb7a20d4649af908a4bc03f9cbe9aeadc7c6adb3c1641ded96d5ec5c7b81b99d56b2abdfa878f4ad47be7af23474bd576bf2360aa862b7a55ceecedb466f029e2898310c1025e37637d375bd47467921c5587d221de3a961db8f6f0f517606e6f2bcc7713613c6d3f3620a2d42fd727f7bfaee664155a73aa685972e18d53bea0390ee7e510f36921ccfd9cbd09794f360efa9c89f2f9a0aa2b648118805b58ab6aa4c8b134be51992fe9caf8682ec2dc044eb435919399c4c7d203c5c48297e439a0a6b65daca3e599c9b34c95a9831ac0b1a157fc37eadc43c7bc525f2f078078233a6ab0cfdef2fda8e4f75a7efec5c26e4a9455493d93fedce3c23380194aaafbc8286dde37ef5efdf94b9c9b0b8734b8534b660bb68ecefd166bf0da9f663aa140e84823c7a182d4806590bc024df73fafef6a7ef42c95357edad94104af563d34b4c4d7d1dcdd94c2f25f59d8ca4aaf3023b23fbe421590abe94115b6d43761e498cc10310c5f38da68e1cf3e7b7fe2c516f0cd273bcd1393862b26145b7f1d547c21d1247d894890c28ef8c43d4994768f960553e41f4c1e038bc20a2cfd2a65326ef08773f27e1ad20bcff39b7ce1a40f9bead32b4f8610dedfb1e0a33aea85ac746e4651a7137db2f0adb057e583f8b41b5f13a07add6620948e7d4dc9ee35dcc9c944ae0be9e61c0e9dd27f0f936053d47b2f28225447f8db70227346101f8831b3e984f15bd3cca297ed66d894f7b75aa63ff0c8e24afd8cc9713b582b59ff9ed3cee2b05adff2d6a794914356d820a7bd06319ed87556d43dba0baf906d3135e195571891a5e8169d6fa4ed41a49c3048ab7cc6da7f625ec148907c57f579d342c9fa02553d5a742bf2233f12ae0aea9ae99e5b250092848b94a9a63ded4ca63ba193237c36eac1f09cd37eefc7ea97ac26e35a670d07c2a8db4db05a5578eddd68c12b7b10926b1dee6fa4cf4c337cf51e406af36332427a3f2f57e405053bf91a094bf26a40a5f7b9a052215eaaf6f818beab29f4fb16bf4de956dd7919b78480e09e178a6fa9e3c47c48567828c66a7360028d02767767394d23d844951226144f11ed5cb027ae5c26b1fa55b12bcb78b166f511984f4a8c27177f5b4563fe8bc9ca8c3ee0a70fe431ecf973462789a002ba6cad3f11de280cc47dc198e086a003ea73cfdfc5c3038c79fa24c27a638584240c53d9682fd80aa0b57a026a68380a6ab0160bfd6a588d58cf935b8589d188f728b12e3513923cd48ffaf62ea23c7c62eb8a914e86c99bd9461d57bb9a5846d89257003bd69ff300a3a48cb2798904882d696c519b7325fcf08e17b89c1f8e61c75461a821f215c199680853adf17d79456c550180f5af121d0af5d25334e71cef888566ca4338cdb69d807c1b6592074bfc83e3daec878ddd5d1f1f0b78a02cbc2b0621b400b1a6bd98d7295dde65de2d6f0e366af2b63ed7d7e07fe54163d522bc2c62085187114796da2f621d2fc4d4a812460f9261bb103376a4779f06a720acc37f145dae2022d64d1f6c37abfc9088bbccf45d379024d196140faec268327c9b4fe846499c8972667663f876dff7d906715596a0af986cc4b89a68f0ecb5bda2d57e95a0a8a2bf322f447c81e3d71b97d5c9b4e583bca0a2a334e3cb44e8426edf0892792c4677434940e170d87e8a6d9d9b8b8d44b54fd4d56de65fdf078fc82daa2bef8de27a516a828"})
ioctl$HIDIOCGRDESC(r3, 0x4030582a, &(0x7f0000000240)={0xc700})
syz_open_dev$hidraw(&(0x7f0000000140), 0x8001, 0x200)
r7 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x4a141)
syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, &(0x7f00000007c0)={0x20, 0x22, 0x11, {0x11, 0xe, "61a1e9098e1c6b091eba835f260eb3"}}, &(0x7f0000000800)={0x0, 0x3, 0xaf, @string={0xaf, 0x3, "1e5b9f9331e033485033e0520918cb494bb86d38ce5e16ca4849dfae0947240a5b1b7034c46531a189703042a935ae0fd8fda9797a8bae1a593caab6d061aafdc7f3d030c0dc700f016da8d76e182a5e662b847a8aff60f95203313e2f05501d5e8b5312a98ff83df8a1b7bf495903e612e2332046bd7363ba5285955b3de0272fa26b9ebeb2473309b6be60a1e7ade927d3ae9d8363c00c66bdce899bffc3bca5f6ef05ebee1b5ac033e5f4cd"}}, &(0x7f00000008c0)={0x0, 0xf, 0x13, {0x5, 0xf, 0x13, 0x2, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0x28, 0x6, 0x8, 0x0, 0x4}]}}, &(0x7f0000000900)={0x20, 0x29, 0xf, {0xf, 0x29, 0x20, 0x0, 0x8, 0x8, "1378eecf", "453bc1a5"}}, &(0x7f0000000980)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x8, 0x60, 0x0, 0x80, 0x80, 0x9, 0xffff}}}, &(0x7f00000014c0)={0x84, &(0x7f0000000a00)={0x0, 0x11, 0x37, "32c72b53ca152e3d00486b311fdc5d08bca260a59603a7de62bebe955498953aad720f4019202005d1200092e27f89d8ea2ecefbdd91fe"}, &(0x7f0000000a40)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000a80)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000ac0)={0x20, 0x0, 0x4, {0x1}}, &(0x7f0000000b00)={0x20, 0x0, 0x8, {0x4, 0x4, [0x8700]}}, &(0x7f0000000b40)={0x40, 0x7, 0x2, 0x7111}, &(0x7f0000000b80)={0x40, 0x9, 0x1}, &(0x7f0000000bc0)={0x40, 0xb, 0x2, 'n+'}, &(0x7f0000000c00)={0x40, 0xf, 0x2, 0x20}, &(0x7f0000000c40)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000c80)={0x40, 0x17, 0x6, @local}, &(0x7f0000000cc0)={0x40, 0x19, 0x2, "d91c"}, &(0x7f0000000d00)={0x40, 0x1a, 0x2, 0x2}, &(0x7f0000001400)={0x40, 0x1c, 0x1, 0x4}, &(0x7f0000001440)={0x40, 0x1e, 0x1, 0x20}, &(0x7f0000001480)={0x40, 0x21, 0x1, 0x5}})
r8 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
read$hidraw(r8, 0x0, 0x0)
write$hidraw(r7, &(0x7f0000000180)="2c233130be3a88277fd8b448b34647d713dbc1c0aa4019c8b278699a8c467e85e4ca1febb85ebe5032d43f36156c3f233b37ffb4678611d10f812dd6281444943c808c30a0ca3930b57d882a4233aeccacb0995a74c9a582f6fa69d8c275af89c92bea6f0334bb18a4db855606f8e6", 0x6f)
write$hidraw(r8, &(0x7f00000002c0)="613d4d81744a0ed391b7b1c6", 0xc)

4.503310643s ago: executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67a}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="435d61e778eb38a7b38869e147b2bb2d8ea5f836c654c0d9d14ceca9529604eb9a1f8d24c87b2153413b8bc5d52b8aa671b64b2290f0d96afeaa40f60d23f9f9f7d8b4c37a6409abd84ddbe5264f73200c67d8f9742d0f51951f7bb8fe27a59cc395ba580c12f6e995b8a62901c58273c223abb6", 0x74}, {&(0x7f0000000180)="518cf9568a61ae870100000000000080b8e2d292b9e8", 0x16}, {&(0x7f0000000a80)="5132ac5e8205378f905fac4b0f7b0ad4ff080df00b5a6655e32124d51a45ebebdf4a86101587d502357bfc43f44098742b83caede42f6e007330dc8ab67371c65d39bc126b8f9bf17dce0ba9d14f263efa7056bb8a0291a4842e42342519a9e795b7d8aee13edfa09bd3f9ae3bdc4c2dccc274c0cf4fe85fa17f46ff8c017571490f296ef2ea1cf31486bd4167bb33cb9a5e1f96de2ee8af5074695ddf5d1ec4d17c9508cdd9e77ec5bc62a820e263a31521f0b9031c9e1e1491f0c99b44960df2aaee22480355aa20d280d1ed54ae539055ca1e20a57f81db185fa207", 0xdd}, {&(0x7f0000000280)="661da68e4cccac69431df174bbce91246fce262b3de6a53334d329a142ae0f304e4fbde8fab4d68bedcd182b41227278c65f7de3723a93dbbaeb901b447fb35a9f3f4b671a3e3929c119f9deec5e46cdbe5cac679cad88c9aa61bc7ffd219a18b36ef0bf5ca45da80aa46274c5cda17a4b8588c492dcdd43dee797fe7debf7c1143177d4f4b02255ca5a46", 0x8b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000580)="1fdefa76cc6f846bf5a6f3b74b198bc42104000000000000004b2d", 0x1b}, {&(0x7f00000005c0)="925f1604a8e43b732be04c9b3ba6e8e512ca21f2a68d2366d2f3679f622fd951bfd4abf2bed0b25673e9b8c0e0424914f84c5e5e03d3f1aeeb1abe6160216a7874eb3e7eed3a822035c26a06e605ea5d2791de4914862f3bc38c533b7baaf2adf8e40ac99c6c6ea28a32a67a88c0f7", 0x6f}, {&(0x7f0000000b80)="838b2e5b060676ef306171965a928cb53cbfa1ee01273d0428fed6bb0d938639179c22c9f81ae72e37ec0c99f8796203f4e0aaf00ecd4a97ed24ee85652fa267e43c63920a323c2d064a3ac8628b182ba262154263b16cd5598a3269f5b92a5e7feb98082f6f7a53865140f59290fefb3b58d959fee7ccc4919527f7b6a7657a910f9d15dcc53db90e78a7f094b7e20580ee6a0e2cff5fd1de52be48698a4b42cf0b511407b87779fc26f834e43b150aca71af35a1b3a3d93eeecff8478ed6524bddf284c65a8458d5eafa2ca4c690b9fbb76cbf44c6f5345935ffb195f6861544621877de017d35351620ee8c4714f00a055026d668be499d15252262cab14dccb28ffb910beea73e0528e909723515e77f23ea12c5e1671a", 0x119}, {&(0x7f0000000680)="672733c5976ca6c31adb6c24db79c83e9b45d13a8e1ea257366fb3bfa96784a260fa004d3fc2b710bbd01b54290769b373e99fbfcd8ff00ddbab81d104994815c477e3cb64d14282eec0e67db26a5e0b4ec7a9c740d7e24b53c4b88993b3fb971ed3a457b112ff610555694c4c6232a3c6f9e064f57b9131499992d33412244750adf6e7a3e1bc4db5c02e1bddf4517245abcbb615f1d5ed6ba966ba86992a0a6d170ec160d68df28491389f9f292524216e554ad60419161754391a108b00000000000000", 0xc5}, {&(0x7f0000000cc0)="73fd54eece75adf471522adb56455da4275933a676262ee25f3714893cc16885c81f70ce1dc0b806d5f8cd24495a346f938f8e31ce3b3d263ea7b8ef7328610c89a78b640d210fa06330b6b7570b1c82dcd06fafc2eb84815086cf75bc72b37681c6b77916636c68e787b3598a5a3962343b4967ef2ee352d8ec30817dc9aded78e2e90f22307f571a93ba01b47f67e0f5fbada2250b984d31fc74837562e1abc215c8aabea27702f540cd715435ed5c39fe8189ccb185f5da9ffcc156d2da0800dbeab36134c23854bdfcf1e3ff0b13f49424ee4e5e68f7ab7c8aa9c2e0e54c57ec4c42ca9a6517c2ca860657e013cca20e3ea54b3c646dd9bad0e4f678af0263a02ff4b98146d9f8386dd3d4fe9af036ca8624490cee580bdc6fe7509e841cd6051f3dfefd6f5c0a599e38ec04eb77417ebf9c9111f17da0cdee266b96d89a6b0000", 0x143}, {&(0x7f0000000840)="bd1e34630b4ca292f82b84c4a2dda6012b5a520087c998", 0x17}, {&(0x7f0000000880)="4da150f029e9613e2b8b1926b973b69f8f02db2564aebceec83fb42f37acbce48d3985354b6058a4e0935af0aacf7e2d85f031fdd8c995e0a6dc363938f26220015e5e38cd3af42397b5a4d10974959a35960500000000000000483260430645e3bc8d30a586453126d6ce1a1510fb9a43ec66576977f6588373", 0x7a}], 0x7}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001140)="084ffd3da07c337a96aebe60f2612f039b5f7e2f63598b654a09e75576e5f726dfed393f1cdbf39f6800f8364110bed3", 0x30}], 0x1}}], 0x4, 0x2000c044)
sendto$inet(r1, &(0x7f00000000c0)="c8", 0x1, 0x0, 0x0, 0x0)

4.199573649s ago: executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r0, 0x0)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000340)='\b', 0x1}, {&(0x7f00000011c0)='(', 0x1}], 0x2, 0x1ffffff, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000001200)="eeb95e64e21834f0106eb94bcd626a6789c81745e15ff249aadd77654438a384fab889f06452d966df253899e559cc37d9dad25ebbc731be12fcfad86be675ef0976b3083170fe6d502778a8d620c97db8576be047128828f9c135fa5385124d77aafff52f7624ce1d5251a4ca4a6e1d447e07589e74ce2222ac0ecabcc92b8b243d42f8120e50e4780fac053d67cc8bf77465b9551b350aae7e5083b45a622917a37363fab9cf8c30cfa503632427ef51ec8750ca2cfab470d3c36e20ae66df3b3123ca8ad13c52fd299884c8f60386f2a8b2a594211d986b39881eeecf5b817e5c594038967cbb08503aa6c0c31b6df8ca13f6d705c2d8185e8b7a91e94a041fda4a251f05c998b9407c6894325f945c2ca57c154136c7abd6b90c29cb4492d05ec96d0782ebb01cc8f8a268be8470cc4dc2024f93bde79167e8e8bd9d0e63700123c8f65c927531902a6c04b0026242c74721a6a4f40a602dcbad4b16ee1ca0bebd8b80d2130c4a62635d5520ec9b5e2e1e4ebb900f34c44e30ff0480418a129be2144d07173ec34128c7bdc1c587ebeee5af36d49cbe9655bf890503e31c1c6fdccedd8d4b83aed4968d469dad7ea34231b22686ee6621c8d14211cc183fb8df11f3c131e7e002fb3e2445380f9a8d7f3e0ba086afd10fc769ab5ad2632be5c42b8cbfb6f912c6c8dbfbfd72c5378571b115443bdeda4b3edac7598c3839abb949dec2799f73a74cf4ce0cb0de25215c14a37aa66a080689dd1b6aefcde0c564fc49c73193000f227593f7b19f8ca88afcf41268ee3b561050381e9191a6eada09ecd68d010a8c3851de3fb654a28a1a8651f175c94ebd3772b15a43e1f01ca12b2a39db94047819799910b67d77e5b7039fea721cbee9c2c8a796f9a5e654e71e82a095f6ee5afde71658d1b81a65e5f99ddc7ec5293abd1994ad33b1cffd9ff716203442ece60efd95a9ce809b74875023e166b64444e3cfea1258ea2528a33861294a540cb9736d9b8d80e95cbec038b0679054098c10c6fbee70c334d8cf785119f06a27e1bbcda613265e5ba04b7d81a7f4c0a791164b90555f9bdcdbf8d4acce13c70ea9f1413eec817b89253209130bbd2e10476abb147c728f195644269e74b6f868329f0da6126d76bf887709916be4c9fe3a9841636352331de801cb348b8e23f68b90b611fc39ff8a70fdd1e1f29866196918b2e2c78aba747dd53fa656bb0d828e39a007e3bad73e1dc11d416b6fa340db3226a26455484dd6ae250b21d6223886e26430661a6a723416ea6e155e7c885542e5a5b46735281b88adeffa6ef4f7ba652a1d45b096f39645c09eba143ea219b1bc49ab97eb20593112d1f6f57201a7a841240bfef3495446f1f3f1387f195ae973721cce0afcf7a1d585b77fce174bb5d883bdb4f8af22bd7fae25b5ae007da045d3a9f6437bca7d195b0ef3776f7c27a3912d03de3f1e0cabfa32bd7ae9d77b33520a04c134693726ca45f29d300c858f004c8b0d1d99954fc625248808309b4a687976995b84b404c84765f790c715933ed5288ab98e9a170f7069686e356557109d3573aa43badb935a920c0d665ee6bf92a6afdbd09178ba4dc1c4130c6c550af7b09a9da2190be472ff70b36250c51e5404e1f0d8d2a337730f117849d71b83c2f7c1544c3d03c0fc176909c0a621245b0909bf43a2da9f64c4bdb12e2c16856126a1b295c26ff97a4f19b7bc934accff280fd1d85dd0fd4312b35bc36f4fd81db1e4473073c99289e827d9164200cc43d4e86fe1f13fb2047da809d5644985b76e83f64e1ad4a0e268a2940f7b36eea12a91b7031ba1fbc1c437bc534b12b5ea182906e2566ed54587c9335d4416c1d2f4617ff5a1e78d5a9afc2a41d2807d7010bfe6ed11e668b6904b69c4fe425e8fd7d139a70235acbd080d88a613a6e99e710465b26346e5233777125f76a4439119bf99dd4ccee75188a353772172633122c00620f730ed71452af6b2191268776d702215acaa77c93cfeab4ca3b329708722caf1a3072ec696069c09ffe817bcc18132511e1ff6586231d3227389e8af167d86958349315a72464beacf34fa3f3964be74b203db691d8ff4e9e335af214776e580fe68f1d3664b3a3e289fb5f28723195e1ae2def006707d1bfbe7b43378fd04f88fe03a20f874626f00828e364e621a3c0eb98eb4210bbc46cbc4e1868d4aebe816ec97f034c6de6495701db4dd617d4dd34a5f0ec4a0241cd1b7338fddf05821ca279f0d29b247df19563e3169bfe2a36cbf0c1e6590c90a09d1ec55d2539cb6c05d449f347789b04aa5d3ec7cb022725d5d78a39d214e8d93c9ae48524d28d0031713d9eeb8afd80721bfef3f3f599b6fbe5511f94d5a92fd818bde10c9f4d71a74f2dcc0ccc5c1dfe28851fb40b16409b277972f053b02600f854d2f6cc5ec2db27988646f973108321c8f5ef24d170d3d96f21e8653b840d92caad9d707d7809776dadad1f145af0189b303384eb82336dc01e5df951159ab62adb4dc705762dadef6591031243c2043bd3d3841a6d22f45fedeaaa28f8585e4b4d701f7dcab0833deced8c74f9098c40a955e2348b91330aaa48f894db46d8ece982592f11665d348369db7661d9dfa07784dd249607c2b1cb53287ac299f0eacb5600dfd770ca274c0faa04440f77316e78a56b857bc1e09d6f1cad4c2008fec16839279e033a3ff6dd07e93a4549ca2a9d242c9b89172aed618fa82598492d0af252c6b81d775e55c631159d45c1163b04a70f70cc632fae94873d867c980f95561f314aaefd6af0f4164b2a6a4a19f0cc84912ba1403012bb8e7b8a36c643e4f65124547faaedc1d15396ccaa851991bfcecb382f761b2d9851d95f8d87211d6cd2af2c051fc730781e894fa7168242fe62d8e76583340272c32a4ad25cf593bc3cdc4f0048ab7452a9472c47fc41e199575aae08771516dc3c1ab8540b90c817bde21b1abe797f6deceb2ed6a6016f1b284acd3f556dab9b3b9b34dd1d173057c46622a9b9d249018a1882eb7d55c0ecf9c1cb606c1c47f7c406b09217d0061d2736ca4efac52cfb5565f45dfb46d4d94d066c3404267a091ed4f4ad7e37a9302f30df0579e9c601df813d997b6fc8f92c8992b8ef6da76266e1b2ac0b1e3b64d0131545066677272f8be7e3bb6fcaa78d35072239273d05dcff77c54edf3ec35994d2aceeef1badb91eeda635ba37ea90081039d0ba82978a736ee5687626310d4062775d3217f9f46fd7781296d52873133a537e82c78438349a480be9890f4d35a40efe198afbe5e3bd7c9b52e4b88dbdb0286f6a83d98e2d44bf02a9ef5206cf54257624b225f0870ac0ff4bc44d03301588daccc768bf0275d501814f26209e687b1ebb0eaead8f6d3908f0eab4623199170997bce33a8270d136cac5e05ac4824e9e5909c47ccd003ce2c135f841a2c80d59a50e258030acdd3ae4d92df85e7cc9788780557f70aed45df5cc8654c54891c7454cfe8c921b3e8446b5c9d8f40a6cd02b6d4166bae129dd6986d0d0559ed73593c583c47bbbe0d27cc7f3cf1b4841523ff444ff1734c19f797c52ffe51de9c7cc409b45eeb726d330bc8aa1582597882680c3bd17b93ffba38add407e0cd5a6fbc6af278adc6f87b7ece459bdb227be6f76dddf62aed451fcb61da068d6e43f10d50967701a73b0804935ecd23d5b06214be7604ad7d9d8a459be2d3efeda30a3bd13ff501481f20ca896fc2f3525400b44e5f20ea98c67447fb1ff07f3fbaf212dc1c8f851ca3eacad2790b131d1b27dea663a56ca7d2318541d3b08dcf963b52535ef25111bddbad8e3da6ccd7686c902fb10af0752de9a0ff178c58dc2372422bbf0a45dcbfb9e5d80ec877ef2741046c7170f8d88844523bf8ba464767918233148275d0909e376be079aa499ac628f2ae9c8c9b737a756050a3b5f5c67cc390319f3c4b2f938a99b93defa97c39dde102c838832969c39d914440105053f88f7a56fb3b45e37185ae065b3133c1e22f62b1f6e97cf425f6a2960dffb4eeb7553dd4727edb390c00fa27315b5d35ace8e185526503df86ae94e0d1c0e1598c8c65adf30404ffee5570e8fb64c0c489da173c6d82728d7351bba2672b3b8079f8d1a8c46b565e053cce79316f2053a1d13b58664fd1d13653ad540d9a14c465768838f15dd17126a6aec9f2e432e25db25cce9f60057a1f7dc23ffe5a8434e21c1fd868408d42db0208fd130ac8d35c2d04b5ded66ccd642bfc2759e788a20f3815987e0b4534a358e840df2f2cf82eca00e58643fca4fdbc850dfa7fe3eaa981f5b9695f49c10d54e537704d7e3e821b883c8c822a8c5bf0e60dc60c1dd008c6ab237b20c794c5602cd2ea0e1306280ffa28699811dd507e8a08f4ce8b70191f771e6f0310497461e8571b2222b4320647b0218b7672ff3cff4c05ced8213f6147ccf7bf980ea731c3163a49434965c85de041f3be3cadc25c50b655d47d2e7c52c50365fdf15bb9ed96c4e21233ee56eefc960a8b22bfdf435be874602da338493c00a258d6649421d12abefd2882db7b36b58ee7170d08799eb795ef6db39ca75d17bf81cf048f3fb692535b3982423c0a702fb5d53dfaf3883dcefcdbb079bc8ad181c0369fde371045750e674873dd8240503ccb767708750f756b7f4c8cbd51f6431eaa333a6352e562eb73195a8ce52e9749eac024e13e1493bfc06a4126ce184b3b10656ab85dfded4d223d7937a3fc046519d0bd1b721a52a0963a3d916ff9fa36494831f834518e95b362c8bb04b9e37e85aac4059d4ce19fe64564a683fc501f010bb879eef58207b60341297f4f20285bab397503278a9d3bd9df1f581b86d630c25cc8b882e916b7ad912d49ae805922e8fe50fa9679d1c9892b2b617a71439722ba0774b745a90d1685be9ba20381de84f875f2910b1789b4e8896f3aba8ed56d7df17502775a7848cbd915df894cf521bf31a7e1cdd4d43154ea0175c78eba120b7424f75d219eadebd123d9a352f7894d3244ab593a74ded1abcedf11c263712540fa5a", 0xe01}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
writev(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='n', 0x1}], 0x1)
fadvise64(r0, 0x0, 0x4000, 0x4)

4.160517156s ago: executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fstat(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
syz_mount_image$erofs(&(0x7f0000000800), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESOCT=r1, @ANYRESDEC, @ANYRES16=r2, @ANYRES16=r2, @ANYRES8, @ANYRESHEX, @ANYRES16, @ANYRES64, @ANYRES8, @ANYRESDEC], 0x0, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, 0x0, 0x0)

3.94183046s ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0})

3.870140101s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48)
unshare(0x400)
fremovexattr(r1, 0x0)

3.833111587s ago: executing program 3:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x548, &(0x7f0000000b40)="$eJzs3U1oHGUYAOB3ZrPWttG0oKDSQ1GhQukm6Y9WT+lVLBR6ELzUZbMNIZtsyG5qE3JI70UsKCq91JsePCoePIgXj169KJ4F0aDQ9CCRye6mbf5ca5OtmeeB2f1+lrzfl5l3st8wQwLIraPZSxrxbERcSCIG7unri3bn0dbnlpcWKneWFipJrKxc/C2JJCJuLy1UOp9P2u8HI2IxIp6JiG+LEcfTjXEbc/MT5VqtOtOuDzYnpwcbc/MnxifLY9Wx6tSpV149c/b0meGTww9trtd/uvHu9e9fv3Xjs8+PLFY+KCcxEv3tvnvn8TC1fifFGFnXfnongvVQ0usB8EAK7TwvRsTTMRCFdtYDe9/KvogVIKcS+Q851fkekK1/O9tufv/49VxrAZLFXW5vrZ6+1rWJeHx1bXLgj+S+lUm23jy0mwNlT1q8FhFDfX0bj/+kffw9uKGHMUB21DfnWjtq4/5P184/scn5p79z7fQ/6pz/ljec/+7GL2xx/rvQZYy/3vr54y3jX4t4btP4yVr8ZJP4aUS83WX8m29+dXarvpVPIo7F5vE7ku2vDw9eHq9Vh1qvm8b4+tiR17ab/4Et4o9sM/+sbbrL+X/53RfPL24T/6UXtt//m8XfHxHvdRn/8O1P39iqL4s/usX8t4uftd3qMv7LI0d/7PKjAAAAAAAAAADAv5Cu3suWpKW1cpqWSq1neJ+KA2mt3mgev1yfnRpt3fN2KIpp506rgVY9yerD7ftxO/WT6+qnIuJwRLxf2L9aL1XqtdFeTx4AAAAAAAAAAAAAAAAAAAAeEQfXPf//Z6H1/D+QE/7lN+SX/If8uj//k56NA9h9/v5Dfsl/yC/5D/kl/yG/5D/kl/yH/JL/kF/yHwAAAAAAAAAAAAAAAAAAAAAAAAAAdsSF8+ezbeXO0kIlq49emZudqF85MVptTJQmZyulSn1mujRWr4/VqqVKffKffl6tXp8eiqnZq4PNaqM52JibvzRZn51qXhqfLI9VL1WLuzIrAAAAAAAAAAAAAAAAAAAA+H/pX92StBQR6Wo5TUuliCci4lAUk8vjtepQRDwZET8Uivuy+nCvBw0AAAAAAAAAAAAAAAAAAAB7TGNufqJcq1VnFDYWImLxERiGgkJPDn4AAAAAAAAAAAAAAAAAAGBX3X3ot9cjAQAAAAAAAAAAAAAAAAAAgDxLf0kiItuODbzYv773sWS5sPoeEe/cvPjh1XKzOTOctf++1t78qN1+shfjB7rVydNOHgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3NebmJ8q1WnVmBwu9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAg/g7AAD//4zf2Wg=")
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mount$incfs(0x0, 0x0, &(0x7f0000000480), 0x67ccbf614e272b48, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000f6f7ff190100000007000000070bd7eafc5254"], 0x20}, 0x20000011)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="000001000000aa"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39"], &(0x7f0000000140)='GPL\x00'}, 0x90)
r2 = dup(r0)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0xd72}})
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x101}})

3.597379373s ago: executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x3}, {0x0, 0x2}]}, @ptr, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x56}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
dup2(r4, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
symlinkat(0x0, 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')
renameat2(0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

3.075824584s ago: executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r2, r1, 0x0, 0x578410e9)
sendfile(r2, r1, 0x0, 0x100000000)

2.694971923s ago: executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001440)={0xfffffffffffffd87, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="e221050000000ae90000005f530b376c50bce839b15678a4ae455c1235b1a46867ed6eefedd7de976463650d74e3148c08f453f7767a1f74d758036d40fb627e75b4b90ffc36891cd6269a2bcec7c02607993d544edbcd9ec08be499f04484d3424e60c735e72541d6b151eb02de618a78c725a26928f26d538c3f9765e39700c23e10afa9bb0525777e7c0000000000000000"], 0x0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_on}]})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f0000000040)='./file0\x00', 0x40c5, 0x0)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$9p(r1, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r1, r2, 0x0, 0xe065)

2.179934983s ago: executing program 4:
unshare(0x600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@user_xattr}, {@errors_continue}, {@sysvgroups}, {@norecovery}, {@errors_continue}, {@abort}, {@quota}, {@noauto_da_alloc}, {@lazytime}]}, 0x3, 0x56a, &(0x7f0000000ec0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file1\x00', 0x0, 0x0)
fstat(r0, 0x0)

2.075244569s ago: executing program 4:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r0, 0x0)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000340)='\b', 0x1}, {&(0x7f00000011c0)='(', 0x1}], 0x2, 0x1ffffff, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000001200)="eeb95e64e21834f0106eb94bcd626a6789c81745e15ff249aadd77654438a384fab889f06452d966df253899e559cc37d9dad25ebbc731be12fcfad86be675ef0976b3083170fe6d502778a8d620c97db8576be047128828f9c135fa5385124d77aafff52f7624ce1d5251a4ca4a6e1d447e07589e74ce2222ac0ecabcc92b8b243d42f8120e50e4780fac053d67cc8bf77465b9551b350aae7e5083b45a622917a37363fab9cf8c30cfa503632427ef51ec8750ca2cfab470d3c36e20ae66df3b3123ca8ad13c52fd299884c8f60386f2a8b2a594211d986b39881eeecf5b817e5c594038967cbb08503aa6c0c31b6df8ca13f6d705c2d8185e8b7a91e94a041fda4a251f05c998b9407c6894325f945c2ca57c154136c7abd6b90c29cb4492d05ec96d0782ebb01cc8f8a268be8470cc4dc2024f93bde79167e8e8bd9d0e63700123c8f65c927531902a6c04b0026242c74721a6a4f40a602dcbad4b16ee1ca0bebd8b80d2130c4a62635d5520ec9b5e2e1e4ebb900f34c44e30ff0480418a129be2144d07173ec34128c7bdc1c587ebeee5af36d49cbe9655bf890503e31c1c6fdccedd8d4b83aed4968d469dad7ea34231b22686ee6621c8d14211cc183fb8df11f3c131e7e002fb3e2445380f9a8d7f3e0ba086afd10fc769ab5ad2632be5c42b8cbfb6f912c6c8dbfbfd72c5378571b115443bdeda4b3edac7598c3839abb949dec2799f73a74cf4ce0cb0de25215c14a37aa66a080689dd1b6aefcde0c564fc49c73193000f227593f7b19f8ca88afcf41268ee3b561050381e9191a6eada09ecd68d010a8c3851de3fb654a28a1a8651f175c94ebd3772b15a43e1f01ca12b2a39db94047819799910b67d77e5b7039fea721cbee9c2c8a796f9a5e654e71e82a095f6ee5afde71658d1b81a65e5f99ddc7ec5293abd1994ad33b1cffd9ff716203442ece60efd95a9ce809b74875023e166b64444e3cfea1258ea2528a33861294a540cb9736d9b8d80e95cbec038b0679054098c10c6fbee70c334d8cf785119f06a27e1bbcda613265e5ba04b7d81a7f4c0a791164b90555f9bdcdbf8d4acce13c70ea9f1413eec817b89253209130bbd2e10476abb147c728f195644269e74b6f868329f0da6126d76bf887709916be4c9fe3a9841636352331de801cb348b8e23f68b90b611fc39ff8a70fdd1e1f29866196918b2e2c78aba747dd53fa656bb0d828e39a007e3bad73e1dc11d416b6fa340db3226a26455484dd6ae250b21d6223886e26430661a6a723416ea6e155e7c885542e5a5b46735281b88adeffa6ef4f7ba652a1d45b096f39645c09eba143ea219b1bc49ab97eb20593112d1f6f57201a7a841240bfef3495446f1f3f1387f195ae973721cce0afcf7a1d585b77fce174bb5d883bdb4f8af22bd7fae25b5ae007da045d3a9f6437bca7d195b0ef3776f7c27a3912d03de3f1e0cabfa32bd7ae9d77b33520a04c134693726ca45f29d300c858f004c8b0d1d99954fc625248808309b4a687976995b84b404c84765f790c715933ed5288ab98e9a170f7069686e356557109d3573aa43badb935a920c0d665ee6bf92a6afdbd09178ba4dc1c4130c6c550af7b09a9da2190be472ff70b36250c51e5404e1f0d8d2a337730f117849d71b83c2f7c1544c3d03c0fc176909c0a621245b0909bf43a2da9f64c4bdb12e2c16856126a1b295c26ff97a4f19b7bc934accff280fd1d85dd0fd4312b35bc36f4fd81db1e4473073c99289e827d9164200cc43d4e86fe1f13fb2047da809d5644985b76e83f64e1ad4a0e268a2940f7b36eea12a91b7031ba1fbc1c437bc534b12b5ea182906e2566ed54587c9335d4416c1d2f4617ff5a1e78d5a9afc2a41d2807d7010bfe6ed11e668b6904b69c4fe425e8fd7d139a70235acbd080d88a613a6e99e710465b26346e5233777125f76a4439119bf99dd4ccee75188a353772172633122c00620f730ed71452af6b2191268776d702215acaa77c93cfeab4ca3b329708722caf1a3072ec696069c09ffe817bcc18132511e1ff6586231d3227389e8af167d86958349315a72464beacf34fa3f3964be74b203db691d8ff4e9e335af214776e580fe68f1d3664b3a3e289fb5f28723195e1ae2def006707d1bfbe7b43378fd04f88fe03a20f874626f00828e364e621a3c0eb98eb4210bbc46cbc4e1868d4aebe816ec97f034c6de6495701db4dd617d4dd34a5f0ec4a0241cd1b7338fddf05821ca279f0d29b247df19563e3169bfe2a36cbf0c1e6590c90a09d1ec55d2539cb6c05d449f347789b04aa5d3ec7cb022725d5d78a39d214e8d93c9ae48524d28d0031713d9eeb8afd80721bfef3f3f599b6fbe5511f94d5a92fd818bde10c9f4d71a74f2dcc0ccc5c1dfe28851fb40b16409b277972f053b02600f854d2f6cc5ec2db27988646f973108321c8f5ef24d170d3d96f21e8653b840d92caad9d707d7809776dadad1f145af0189b303384eb82336dc01e5df951159ab62adb4dc705762dadef6591031243c2043bd3d3841a6d22f45fedeaaa28f8585e4b4d701f7dcab0833deced8c74f9098c40a955e2348b91330aaa48f894db46d8ece982592f11665d348369db7661d9dfa07784dd249607c2b1cb53287ac299f0eacb5600dfd770ca274c0faa04440f77316e78a56b857bc1e09d6f1cad4c2008fec16839279e033a3ff6dd07e93a4549ca2a9d242c9b89172aed618fa82598492d0af252c6b81d775e55c631159d45c1163b04a70f70cc632fae94873d867c980f95561f314aaefd6af0f4164b2a6a4a19f0cc84912ba1403012bb8e7b8a36c643e4f65124547faaedc1d15396ccaa851991bfcecb382f761b2d9851d95f8d87211d6cd2af2c051fc730781e894fa7168242fe62d8e76583340272c32a4ad25cf593bc3cdc4f0048ab7452a9472c47fc41e199575aae08771516dc3c1ab8540b90c817bde21b1abe797f6deceb2ed6a6016f1b284acd3f556dab9b3b9b34dd1d173057c46622a9b9d249018a1882eb7d55c0ecf9c1cb606c1c47f7c406b09217d0061d2736ca4efac52cfb5565f45dfb46d4d94d066c3404267a091ed4f4ad7e37a9302f30df0579e9c601df813d997b6fc8f92c8992b8ef6da76266e1b2ac0b1e3b64d0131545066677272f8be7e3bb6fcaa78d35072239273d05dcff77c54edf3ec35994d2aceeef1badb91eeda635ba37ea90081039d0ba82978a736ee5687626310d4062775d3217f9f46fd7781296d52873133a537e82c78438349a480be9890f4d35a40efe198afbe5e3bd7c9b52e4b88dbdb0286f6a83d98e2d44bf02a9ef5206cf54257624b225f0870ac0ff4bc44d03301588daccc768bf0275d501814f26209e687b1ebb0eaead8f6d3908f0eab4623199170997bce33a8270d136cac5e05ac4824e9e5909c47ccd003ce2c135f841a2c80d59a50e258030acdd3ae4d92df85e7cc9788780557f70aed45df5cc8654c54891c7454cfe8c921b3e8446b5c9d8f40a6cd02b6d4166bae129dd6986d0d0559ed73593c583c47bbbe0d27cc7f3cf1b4841523ff444ff1734c19f797c52ffe51de9c7cc409b45eeb726d330bc8aa1582597882680c3bd17b93ffba38add407e0cd5a6fbc6af278adc6f87b7ece459bdb227be6f76dddf62aed451fcb61da068d6e43f10d50967701a73b0804935ecd23d5b06214be7604ad7d9d8a459be2d3efeda30a3bd13ff501481f20ca896fc2f3525400b44e5f20ea98c67447fb1ff07f3fbaf212dc1c8f851ca3eacad2790b131d1b27dea663a56ca7d2318541d3b08dcf963b52535ef25111bddbad8e3da6ccd7686c902fb10af0752de9a0ff178c58dc2372422bbf0a45dcbfb9e5d80ec877ef2741046c7170f8d88844523bf8ba464767918233148275d0909e376be079aa499ac628f2ae9c8c9b737a756050a3b5f5c67cc390319f3c4b2f938a99b93defa97c39dde102c838832969c39d914440105053f88f7a56fb3b45e37185ae065b3133c1e22f62b1f6e97cf425f6a2960dffb4eeb7553dd4727edb390c00fa27315b5d35ace8e185526503df86ae94e0d1c0e1598c8c65adf30404ffee5570e8fb64c0c489da173c6d82728d7351bba2672b3b8079f8d1a8c46b565e053cce79316f2053a1d13b58664fd1d13653ad540d9a14c465768838f15dd17126a6aec9f2e432e25db25cce9f60057a1f7dc23ffe5a8434e21c1fd868408d42db0208fd130ac8d35c2d04b5ded66ccd642bfc2759e788a20f3815987e0b4534a358e840df2f2cf82eca00e58643fca4fdbc850dfa7fe3eaa981f5b9695f49c10d54e537704d7e3e821b883c8c822a8c5bf0e60dc60c1dd008c6ab237b20c794c5602cd2ea0e1306280ffa28699811dd507e8a08f4ce8b70191f771e6f0310497461e8571b2222b4320647b0218b7672ff3cff4c05ced8213f6147ccf7bf980ea731c3163a49434965c85de041f3be3cadc25c50b655d47d2e7c52c50365fdf15bb9ed96c4e21233ee56eefc960a8b22bfdf435be874602da338493c00a258d6649421d12abefd2882db7b36b58ee7170d08799eb795ef6db39ca75d17bf81cf048f3fb692535b3982423c0a702fb5d53dfaf3883dcefcdbb079bc8ad181c0369fde371045750e674873dd8240503ccb767708750f756b7f4c8cbd51f6431eaa333a6352e562eb73195a8ce52e9749eac024e13e1493bfc06a4126ce184b3b10656ab85dfded4d223d7937a3fc046519d0bd1b721a52a0963a3d916ff9fa36494831f834518e95b362c8bb04b9e37e85aac4059d4ce19fe64564a683fc501f010bb879eef58207b60341297f4f20285bab397503278a9d3bd9df1f581b86d630c25cc8b882e916b7ad912d49ae805922e8fe50fa9679d1c9892b2b617a71439722ba0774b745a90d1685be9ba20381de84f875f2910b1789b4e8896f3aba8ed56d7df17502775a7848cbd915df894cf521bf31a7e1cdd4d43154ea0175c78eba120b7424f75d219eadebd123d9a352f7894d3244ab593a74ded1abcedf11c263712540fa5a", 0xe01}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
writev(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='n', 0x1}], 0x1)
fadvise64(r0, 0x0, 0x4000, 0x4)

2.021349737s ago: executing program 4:
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180))
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000400)={0xfc}, 0x0, 0x0, 0x0, 0x0)
close(r0)

1.824384637s ago: executing program 4:
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
listen(r1, 0x0)
shutdown(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000f2cff4)={0x775409470d9a1685})
epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

1.80923004s ago: executing program 4:
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', '', [], 0xa, "d6a10f8ecfbcbf1e2dfc7f10ccac0af13f00dc3f987b7ac16eba001772f716fc1720a547f33709a7dfccd3742e34fe03cd7d18521912eaaa274ac38953ddbf49ab71bc413b673594ccc1e75339496f584d7d8427"}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
dup(0xffffffffffffffff)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0)
syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.787793953s ago: executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000080)={0x0, 0x0, 0x98, &(0x7f0000000140)={0x0, 0x1000000, 0x4}})

1.766640306s ago: executing program 3:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00207000540700000ee61e00bf150000000000000f5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559949702e119e36418f6cfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233bff7f0000000000009fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af419bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a983fe171fe71fdbc38064627616bb01a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874c9a0c6c04b96360d6f499d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f4205ebf9a98a0d9f18135cb1d8d567c3436fa697b72c3b0200000000000079c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0fde97a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed0ab29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a40fde69c350e59f11f1d26a4d04d8c8b2c4a4d23ec931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b0000000000000000000000000000d35fb97c2d7a9374294dcec3da3df9a13c4fc63b00426682534d894caee0b963a30000000000000000000000b1c83ad1d04447d3551f4000746f6642dd581af20e1015f9b7d3d3ca2271f4b6549c30a1bdebee75585e17f8e8ec50da4cf7f502e721c84eb4d9feeb732f511bfdc1bbeb446f0dfb918a172f6c005ea6508f8419e0a682aef2c6dae67a275cba2a7f8706a6ec15183d9fc965ae187495e5124d07e5f421c51139d3deba29d41fcdc1ee3d852eeb6e912f41e6921b20beb606b8e9487684ab719666fb7455f578e0106e5846ede204f9df02efae33821c9a0d493245abb7afa4fa6c34b79e7f1bb0b68d041ee6a0bd56d462cd5f6db8dd34e4f53ef5c6389f36df4a7d23bcab141613a0c0296a89638e8b4bb063ff4e964de9c7d22f821a8b2588d524e0a5f09c52b892e41765930301c1913c135f664e3280f07dff262d95d35dafac2d9c609344280e838281bd2a59802ace5f3a8c94ac5f8fd153bc7b79b14803000bb262cf6031b6e3b79b0e2536443e351048451a2754e4859f472f8816d33608713b383d70"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50}, 0x48)

1.220297311s ago: executing program 2:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r2, r1, 0x0, 0x578410e9)
sendfile(r2, r1, 0x0, 0x100000000)

910.122899ms ago: executing program 3:
unshare(0x600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@user_xattr}, {@errors_continue}, {@sysvgroups}, {@norecovery}, {@errors_continue}, {@abort}, {@quota}, {@noauto_da_alloc}, {@lazytime}]}, 0x3, 0x56a, &(0x7f0000000ec0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file1\x00', 0x0, 0x0)
fstat(r0, 0x0)

815.649544ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000000)={0x0, 0x0, 0x2, 'u,'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

317.823771ms ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)={0x1, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0xffff}]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x48c, 0x0, 0x2}]})

312.875682ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48)
unshare(0x400)
fremovexattr(r1, 0x0)

274.780478ms ago: executing program 1:
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
listen(r1, 0x0)
shutdown(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000f2cff4)={0x775409470d9a1685})
epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

265.812069ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000400)=[{&(0x7f00000002c0)='\b\x00', 0x2}, {&(0x7f0000000800)="a4d14c4661d0", 0x6}], 0x2, &(0x7f0000000040)=ANY=[@ANYRES8], 0x48}, 0x0)

262.74567ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

251.874381ms ago: executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
write$binfmt_elf64(r2, 0x0, 0x40)
fsmount(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="2000000014002101000000000000000002170000", @ANYRES32=r3, @ANYBLOB="08000200ac1414aa"], 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv4_newaddr={0x28, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0xfe, r3}, [@IFA_LOCAL={0x8, 0x2, @local}, @IFA_BROADCAST={0x8, 0x4, @multicast1}]}, 0x28}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}}, 0x18}}, 0x0)

231.320785ms ago: executing program 2:
r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/193, 0x8}], 0x1)

212.961937ms ago: executing program 2:
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
symlink(&(0x7f00000005c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='.\x02\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x42)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x0)
mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
mlock2(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1)

0s ago: executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fstat(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
syz_mount_image$erofs(&(0x7f0000000800), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESOCT=r1, @ANYRESDEC, @ANYRES16=r2, @ANYRES16=r2, @ANYRES8, @ANYRESHEX, @ANYRES16, @ANYRES64, @ANYRES8, @ANYRESDEC], 0x0, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.53' (ED25519) to the list of known hosts.
2024/06/15 23:47:51 fuzzer started
2024/06/15 23:47:51 dialing manager at 10.128.0.163:30000
[   20.684459][   T23] audit: type=1400 audit(1718495271.280:66): avc:  denied  { node_bind } for  pid=344 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   20.691279][   T23] audit: type=1400 audit(1718495271.280:67): avc:  denied  { name_bind } for  pid=344 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   20.735262][   T23] audit: type=1400 audit(1718495271.330:68): avc:  denied  { mounton } for  pid=353 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.738302][  T353] cgroup1: Unknown subsys name 'net'
[   20.764110][  T353] cgroup1: Unknown subsys name 'net_prio'
[   20.771519][  T353] cgroup1: Unknown subsys name 'devices'
[   20.780275][   T23] audit: type=1400 audit(1718495271.330:69): avc:  denied  { mount } for  pid=353 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.802795][   T23] audit: type=1400 audit(1718495271.380:71): avc:  denied  { unmount } for  pid=353 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.804184][  T361] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   20.823012][   T23] audit: type=1400 audit(1718495271.380:72): avc:  denied  { setattr } for  pid=357 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   20.854253][   T23] audit: type=1400 audit(1718495271.360:70): avc:  denied  { mounton } for  pid=356 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   20.879205][   T23] audit: type=1400 audit(1718495271.380:73): avc:  denied  { mount } for  pid=356 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   20.902427][   T23] audit: type=1400 audit(1718495271.440:74): avc:  denied  { relabelto } for  pid=361 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.902755][  T358] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   20.927909][   T23] audit: type=1400 audit(1718495271.440:75): avc:  denied  { write } for  pid=361 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.965313][  T353] cgroup1: Unknown subsys name 'hugetlb'
[   20.971029][  T353] cgroup1: Unknown subsys name 'rlimit'
2024/06/15 23:47:51 starting 5 executor processes
[   21.533842][  T369] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.540807][  T369] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.548670][  T369] device bridge_slave_0 entered promiscuous mode
[   21.563666][  T374] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.570633][  T374] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.578099][  T374] device bridge_slave_0 entered promiscuous mode
[   21.584566][  T369] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.591553][  T369] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.598874][  T369] device bridge_slave_1 entered promiscuous mode
[   21.614659][  T374] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.621513][  T374] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.628948][  T374] device bridge_slave_1 entered promiscuous mode
[   21.645915][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.652753][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.660350][  T372] device bridge_slave_0 entered promiscuous mode
[   21.683629][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.690475][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.697948][  T372] device bridge_slave_1 entered promiscuous mode
[   21.779589][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.786419][  T373] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.793853][  T373] device bridge_slave_0 entered promiscuous mode
[   21.800382][  T371] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.807206][  T371] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.814483][  T371] device bridge_slave_0 entered promiscuous mode
[   21.821278][  T371] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.828122][  T371] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.835484][  T371] device bridge_slave_1 entered promiscuous mode
[   21.853093][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.860216][  T373] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.867546][  T373] device bridge_slave_1 entered promiscuous mode
[   22.031603][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.038450][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.045632][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.052477][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.063260][  T374] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.070107][  T374] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.077207][  T374] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.084007][  T374] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.119058][  T371] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.125913][  T371] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.133066][  T371] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.139900][  T371] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.159452][  T369] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.166304][  T369] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.173454][  T369] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.180283][  T369] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.214388][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.221236][  T373] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.228389][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.235216][  T373] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.265216][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.273398][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.280962][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.288297][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.295251][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.302546][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.309520][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.316557][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.323662][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.330721][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.337761][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.367795][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.375465][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.383669][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.392218][  T107] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.399068][  T107] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.407585][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.415565][  T107] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.422423][  T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.449165][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.456538][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.464895][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.473120][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.479962][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.487483][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.495285][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.503236][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.511510][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.518351][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.525486][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.533468][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.540298][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.547496][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.555514][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.562353][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.569521][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.577590][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.584408][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.594431][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.602553][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.609452][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.633173][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.640776][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.648773][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.656834][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.667050][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.673895][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.681429][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.689681][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.697712][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.704523][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.725410][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.733533][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.741569][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.750534][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.778244][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.786230][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.795412][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.803608][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.811982][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.820102][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.828277][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.836162][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.843965][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.851952][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.859876][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.868167][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.887653][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.895564][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.903634][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.911606][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.949087][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.956781][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.965709][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.973890][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.981568][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.989590][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.997930][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.006039][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.014456][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.022864][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.030850][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.038800][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.057236][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.065502][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.088624][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.096593][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.104679][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.112494][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.120604][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.128791][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.136435][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.161896][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.170516][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.179307][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.187677][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.196075][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.204297][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.212647][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.220895][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.229271][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.237297][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.248232][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.256401][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.294668][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.303791][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.331025][  T400] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[   23.346539][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.365948][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.375552][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.385028][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.403829][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.412232][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.448672][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.456831][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.500000][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.517809][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.599377][  T410]  loop3: p4 < >
[   23.660673][  T410] syz-executor.3 (410) used greatest stack depth: 21176 bytes left
[   23.685281][  T429] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[   23.775337][  T416] udevd[416]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   23.798644][  T439] process 'syz-executor.2' launched './file1' with NULL argv: empty string added
[   23.811872][  T404] F2FS-fs (loop0): Found nat_bits in checkpoint
[   23.911555][  T404] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   23.996185][  T374] attempt to access beyond end of device
[   23.996185][  T374] loop0: rw=2049, want=45104, limit=40427
[   24.021732][  T465] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[   24.050565][  T467] xt_l2tp: missing protocol rule (udp|l2tpip)
[   24.353127][  T373] syz-executor.2 (373) used greatest stack depth: 20760 bytes left
[   24.506389][  T490] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.513931][  T490] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.521474][  T490] device bridge_slave_0 entered promiscuous mode
[   24.535726][  T490] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.542653][  T490] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.550236][  T490] device bridge_slave_1 entered promiscuous mode
[   24.558398][  T492]  loop0: p4 < >
[   24.583873][  T426] syz-executor.4 (426) used greatest stack depth: 20664 bytes left
[   24.598204][  T484] F2FS-fs (loop3): Found nat_bits in checkpoint
[   24.639993][  T504] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[   24.676438][  T507] xt_l2tp: missing protocol rule (udp|l2tpip)
[   24.717714][  T484] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   24.741739][  T445] udevd[445]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   24.802857][  T369] attempt to access beyond end of device
[   24.802857][  T369] loop3: rw=2049, want=45104, limit=40427
[   24.820251][  T513] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,
[   24.850347][  T513] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set
[   24.869736][  T513] EXT4-fs (loop0): Remounting filesystem read-only
[   24.889994][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.897580][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.909168][    T7] device bridge_slave_1 left promiscuous mode
[   24.915104][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.930038][    T7] device bridge_slave_0 left promiscuous mode
[   24.939421][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.068365][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   25.077143][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.085725][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.092604][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.101479][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   25.115860][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.125672][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.132547][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.150744][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   25.160764][  T536] syz-executor.3 (pid 536) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   25.175992][  T536] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[   25.178479][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.197128][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.219117][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.239882][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.256368][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.264949][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.274779][  T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.292542][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.301805][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.369995][  T544] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   25.400671][  T544] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #17: comm syz-executor.2: iget: bad i_size value: -6917529027641081756
[   25.421893][  T544] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz-executor.2: couldn't read orphan inode 17 (err -117)
[   25.436311][  T544] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   25.493500][  T544] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 65: padding at end of block bitmap is not set
[   25.559481][  T554] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[   25.583468][  T558] xt_l2tp: missing protocol rule (udp|l2tpip)
[   25.662543][  T552]  loop2: p4 < >
[   25.728766][  T572] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   25.731784][  T571] request_module fs-autofs succeeded, but still no fs?
[   25.739247][   T23] kauditd_printk_skb: 240 callbacks suppressed
[   25.739261][   T23] audit: type=1400 audit(1718495276.330:314): avc:  denied  { write } for  pid=567 comm="syz-executor.1" name="softnet_stat" dev="proc" ino=4026532387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   25.772167][   T23] audit: type=1400 audit(1718495276.340:315): avc:  denied  { name_bind } for  pid=567 comm="syz-executor.1" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   25.799825][   T23] audit: type=1400 audit(1718495276.360:316): avc:  denied  { connect } for  pid=570 comm="syz-executor.3" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   25.821955][   T23] audit: type=1400 audit(1718495276.360:317): avc:  denied  { write } for  pid=570 comm="syz-executor.3" laddr=fe80::a8aa:aaff:feaa:aa16 lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   25.861121][   T23] audit: type=1326 audit(1718495276.460:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=582 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f89ddea9 code=0x0
[   25.886579][  T580] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   25.921587][  T580] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #17: comm syz-executor.2: iget: bad i_size value: -6917529027641081756
[   25.935205][   T23] audit: type=1326 audit(1718495276.530:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=576 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82e5d59ea9 code=0x7ffc0000
[   25.960144][  T580] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz-executor.2: couldn't read orphan inode 17 (err -117)
[   25.972812][   T23] audit: type=1400 audit(1718495276.530:321): avc:  denied  { read write } for  pid=584 comm="syz-executor.0" name="vhost-vsock" dev="devtmpfs" ino=9251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   25.998734][  T580] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   26.009020][   T23] audit: type=1400 audit(1718495276.530:322): avc:  denied  { open } for  pid=584 comm="syz-executor.0" path="/dev/vhost-vsock" dev="devtmpfs" ino=9251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   26.034202][  T595] xt_l2tp: missing protocol rule (udp|l2tpip)
[   26.045589][   T23] audit: type=1400 audit(1718495276.530:323): avc:  denied  { ioctl } for  pid=584 comm="syz-executor.0" path="/dev/vhost-vsock" dev="devtmpfs" ino=9251 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   26.047627][  T580] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 65: padding at end of block bitmap is not set
[   26.076754][   T23] audit: type=1326 audit(1718495276.530:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=576 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f82e5d59ea9 code=0x7ffc0000
[   26.497514][  T393] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   26.523515][  T609]  loop0: p4 < >
[   26.698623][  T613] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   26.706268][  T613] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   26.715651][  T625] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   26.732635][  T613] F2FS-fs (loop4): invalid crc value
[   26.760881][  T631] xt_l2tp: missing protocol rule (udp|l2tpip)
[   26.768860][  T613] F2FS-fs (loop4): Found nat_bits in checkpoint
[   26.825905][  T613] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   26.832941][  T613] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[   26.857994][  T372] attempt to access beyond end of device
[   26.857994][  T372] loop4: rw=2049, want=45104, limit=40427
[   26.870484][  T625] kvm: emulating exchange as write
[   26.917584][  T393] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   26.928386][  T393] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   26.937968][  T393] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[   26.954732][  T637] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   27.177889][  T393] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   27.188491][  T637] EXT4-fs error (device loop3): ext4_orphan_get:1236: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756
[   27.203003][  T637] EXT4-fs error (device loop3): ext4_orphan_get:1240: comm syz-executor.3: couldn't read orphan inode 17 (err -117)
[   27.209545][  T393] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   27.224384][  T393] usb 3-1: Product: syz
[   27.226906][  T637] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   27.228953][  T393] usb 3-1: Manufacturer: syz
[   27.241810][  T393] usb 3-1: SerialNumber: syz
[   27.251964][  T637] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz-executor.3: bg 0: block 65: padding at end of block bitmap is not set
[   27.439711][  T646] EXT4-fs warning (device loop3): read_mmp_block:111: Error -117 while reading MMP block 0
[   27.451911][  T642] F2FS-fs (loop1): Found nat_bits in checkpoint
[   27.488703][  T605] raw-gadget gadget: fail, usb_ep_enable returned -22
[   27.495698][  T642] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   27.559596][  T371] attempt to access beyond end of device
[   27.559596][  T371] loop1: rw=2049, want=45104, limit=40427
[   27.639279][  T661] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,
[   27.662519][  T661] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz-executor.4: bg 0: block 234: padding at end of block bitmap is not set
[   27.677327][  T661] EXT4-fs (loop4): Remounting filesystem read-only
[   28.148015][  T605] raw-gadget gadget: fail, usb_ep_enable returned -22
[   28.189329][  T678] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   28.196970][  T678] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   28.206686][  T678] F2FS-fs (loop4): invalid crc value
[   28.214506][  T678] F2FS-fs (loop4): Found nat_bits in checkpoint
[   28.272652][  T678] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   28.281228][  T678] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[   28.308715][  T372] attempt to access beyond end of device
[   28.308715][  T372] loop4: rw=2049, want=45104, limit=40427
[   28.377644][  T393] cdc_ncm 3-1:1.0: bind() failure
[   28.385621][  T393] cdc_ncm 3-1:1.1: bind() failure
[   28.819099][  T694] F2FS-fs (loop3): Found nat_bits in checkpoint
[   28.841891][  T617] usb 3-1: USB disconnect, device number 2
[   28.861645][  T694] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   28.896451][  T369] attempt to access beyond end of device
[   28.896451][  T369] loop3: rw=2049, want=45104, limit=40427
[   28.922703][  T704] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,
[   28.945753][  T704] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set
[   28.960652][  T704] EXT4-fs (loop0): Remounting filesystem read-only
[   29.599375][  T747] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,
[   29.621848][  T747] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 234: padding at end of block bitmap is not set
[   29.636592][  T747] EXT4-fs (loop2): Remounting filesystem read-only
[   29.667496][  T392] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   29.818299][  T752] ======================================================
[   29.818299][  T752] WARNING: the mand mount option is being deprecated and
[   29.818299][  T752]          will be removed in v5.15!
[   29.818299][  T752] ======================================================
[   29.844486][  T752] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   29.852038][  T752] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   29.861532][  T752] F2FS-fs (loop2): invalid crc value
[   29.875958][  T756] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'.
[   29.881489][  T752] F2FS-fs (loop2): Found nat_bits in checkpoint
[   29.917483][  T392] usb 2-1: Using ep0 maxpacket: 32
[   29.928893][  T752] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   29.935811][  T752] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   30.002434][  T490] attempt to access beyond end of device
[   30.002434][  T490] loop2: rw=2051, want=53248, limit=40427
[   30.013774][  T490] attempt to access beyond end of device
[   30.013774][  T490] loop2: rw=2051, want=81920, limit=40427
[   30.025198][  T490] F2FS-fs (loop2): Issue discard(6144, 6144, 512) failed, ret: -5
[   30.025216][  T490] F2FS-fs (loop2): Issue discard(9728, 9728, 512) failed, ret: -5
[   30.037557][  T392] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   30.059959][  T392] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   30.072281][  T392] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   30.081372][  T392] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.092155][  T392] usb 2-1: config 0 descriptor??
[   30.107722][  T736] raw-gadget gadget: fail, usb_ep_enable returned -22
[   30.128066][  T392] hub 2-1:0.0: USB hub found
[   30.177486][  T406] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   30.442684][  T736] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,,errors=continue
[   30.454910][  T736] ext4 filesystem being mounted at /root/syzkaller-testdir1746931612/syzkaller.FAzT6h/17/file1 supports timestamps until 2038 (0x7fffffff)
[   30.677596][  T392] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[   30.737618][  T406] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.748524][  T406] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.758331][  T406] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[   30.787609][  T392] usbhid 2-1:0.0: can't add hid device: -71
[   30.793494][  T392] usbhid: probe of 2-1:0.0 failed with error -71
[   30.827973][  T392] usb 2-1: USB disconnect, device number 2
[   30.937530][  T406] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   30.946432][  T406] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   30.954428][  T406] usb 1-1: Product: syz
[   30.958590][  T406] usb 1-1: Manufacturer: syz
[   30.962994][  T406] usb 1-1: SerialNumber: syz
[   31.088165][  T796] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.1'.
[   31.208214][  T762] raw-gadget gadget: fail, usb_ep_enable returned -22
[   31.265058][   T23] kauditd_printk_skb: 319 callbacks suppressed
[   31.265069][   T23] audit: type=1400 audit(1718495281.860:639): avc:  denied  { create } for  pid=818 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   31.291674][   T23] audit: type=1400 audit(1718495281.870:640): avc:  denied  { setopt } for  pid=818 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   31.323155][   T23] audit: type=1400 audit(1718495281.920:641): avc:  denied  { read } for  pid=823 comm="syz-executor.4" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.345955][   T23] audit: type=1400 audit(1718495281.920:642): avc:  denied  { open } for  pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.370174][   T23] audit: type=1400 audit(1718495281.930:643): avc:  denied  { ioctl } for  pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.395672][   T23] audit: type=1400 audit(1718495281.930:644): avc:  denied  { set_context_mgr } for  pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   31.410342][  T828] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'.
[   31.416296][   T23] audit: type=1400 audit(1718495281.930:645): avc:  denied  { map } for  pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.452660][   T23] audit: type=1400 audit(1718495281.930:646): avc:  denied  { call } for  pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   31.471849][   T23] audit: type=1400 audit(1718495281.930:647): avc:  denied  { transfer } for  pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   31.647469][  T392] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   31.877711][  T762] raw-gadget gadget: fail, usb_ep_enable returned -22
[   31.974649][  T836] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[   32.007668][  T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   32.018427][  T392] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   32.031481][  T392] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   32.040328][  T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   32.049168][  T392] usb 5-1: config 0 descriptor??
[   32.107828][  T406] cdc_ncm 1-1:1.0: bind() failure
[   32.173235][  T406] cdc_ncm 1-1:1.1: bind() failure
[   32.399497][  T406] usb 1-1: USB disconnect, device number 2
[   32.569234][  T392] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   32.577963][  T392] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   32.588216][  T392] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   32.681232][   T23] audit: type=1400 audit(1718495283.280:648): avc:  denied  { mount } for  pid=856 comm="syz-executor.2" name="/" dev="pstore" ino=9271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   32.817631][  T863] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'.
[   32.838292][  T406] usb 5-1: USB disconnect, device number 2
[   32.874583][  T865] FAT-fs (loop2): Directory bread(block 64) failed
[   32.881902][  T865] FAT-fs (loop2): Directory bread(block 65) failed
[   32.888277][  T865] FAT-fs (loop2): Directory bread(block 66) failed
[   32.894543][  T865] FAT-fs (loop2): Directory bread(block 67) failed
[   32.900990][  T865] FAT-fs (loop2): Directory bread(block 68) failed
[   32.907219][  T865] FAT-fs (loop2): Directory bread(block 69) failed
[   32.913655][  T865] FAT-fs (loop2): Directory bread(block 70) failed
[   32.920239][  T865] FAT-fs (loop2): Directory bread(block 71) failed
[   32.926954][  T865] FAT-fs (loop2): Directory bread(block 72) failed
[   32.933318][  T865] FAT-fs (loop2): Directory bread(block 73) failed
[   33.613183][  T893] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'.
[   33.827685][  T902] FAT-fs (loop1): Directory bread(block 64) failed
[   33.837572][  T902] FAT-fs (loop1): Directory bread(block 65) failed
[   33.844108][  T902] FAT-fs (loop1): Directory bread(block 66) failed
[   33.857501][  T902] FAT-fs (loop1): Directory bread(block 67) failed
[   33.864006][  T902] FAT-fs (loop1): Directory bread(block 68) failed
[   33.888487][  T902] FAT-fs (loop1): Directory bread(block 69) failed
[   33.895125][  T902] FAT-fs (loop1): Directory bread(block 70) failed
[   33.907497][  T902] FAT-fs (loop1): Directory bread(block 71) failed
[   33.913860][  T902] FAT-fs (loop1): Directory bread(block 72) failed
[   33.937498][  T902] FAT-fs (loop1): Directory bread(block 73) failed
[   34.018658][  T889] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   34.026326][  T889] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   34.036539][  T889] F2FS-fs (loop4): invalid crc value
[   34.043483][  T889] F2FS-fs (loop4): Found nat_bits in checkpoint
[   34.096238][  T889] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   34.103420][  T889] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   34.170219][  T916] F2FS-fs (loop0): invalid crc value
[   34.176856][  T916] F2FS-fs (loop0): Found nat_bits in checkpoint
[   34.227285][  T916] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   34.254050][  T372] attempt to access beyond end of device
[   34.254050][  T372] loop4: rw=2051, want=53248, limit=40427
[   34.265306][  T372] attempt to access beyond end of device
[   34.265306][  T372] loop4: rw=2051, want=81920, limit=40427
[   34.277682][  T372] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5
[   34.277701][  T372] F2FS-fs (loop4): Issue discard(9728, 9728, 512) failed, ret: -5
[   34.357462][  T124] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   34.727568][  T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   34.739075][  T124] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   34.752400][  T124] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   34.775185][  T124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   34.785537][  T124] usb 2-1: config 0 descriptor??
[   34.872866][  T956] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   34.881565][  T956] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   34.898258][  T956] F2FS-fs (loop4): invalid crc value
[   34.914093][  T956] F2FS-fs (loop4): Found nat_bits in checkpoint
[   34.977921][  T956] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   34.984845][  T956] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   35.019480][  T972] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue
[   35.044303][  T972] EXT4-fs (loop2): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value
[   35.098980][  T372] attempt to access beyond end of device
[   35.098980][  T372] loop4: rw=2051, want=53248, limit=40427
[   35.110271][  T372] attempt to access beyond end of device
[   35.110271][  T372] loop4: rw=2051, want=81920, limit=40427
[   35.121549][  T372] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5
[   35.121569][  T372] F2FS-fs (loop4): Issue discard(9728, 9728, 512) failed, ret: -5
[   35.258779][  T124] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[   35.274779][  T124] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[   35.536795][  T124] plantronics 0003:047F:FFFF.0002: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   35.552823][  T124] usb 2-1: USB disconnect, device number 3
[   35.718935][  T991] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   35.738176][  T991] EXT4-fs (loop3): invalid journal inode
[   35.743689][  T991] EXT4-fs (loop3): can't get journal size
[   35.752211][  T991] EXT4-fs (loop3): 1 truncate cleaned up
[   35.757955][  T991] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue
[   35.816463][ T1007] cgroup: syz-executor.3 (1007) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
[   35.833057][ T1007] cgroup: "memory" requires setting use_hierarchy to 1 on the root
[   36.503503][ T1025] input: syz0 as /devices/virtual/input/input4
[   36.512628][   T23] kauditd_printk_skb: 15 callbacks suppressed
[   36.512717][   T23] audit: type=1400 audit(1718495287.100:664): avc:  denied  { ioctl } for  pid=1022 comm="syz-executor.4" path="/dev/uinput" dev="devtmpfs" ino=883 ioctlcmd=0x5569 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   36.563768][  T617] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   36.807472][  T617] usb 2-1: Using ep0 maxpacket: 16
[   36.838732][ T1035] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue
[   36.863259][ T1035] EXT4-fs (loop3): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value
[   36.937586][  T617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   36.948307][  T617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   36.957854][  T617] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   36.966662][  T617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.975286][  T617] usb 2-1: config 0 descriptor??
[   37.038837][ T1039] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   37.047815][ T1039] EXT4-fs (loop3): invalid journal inode
[   37.053307][ T1039] EXT4-fs (loop3): can't get journal size
[   37.060201][ T1039] EXT4-fs (loop3): 1 truncate cleaned up
[   37.065692][ T1039] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue
[   37.180482][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[   37.190083][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   37.199660][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)!
[   37.209628][ T1047] EXT4-fs (loop3): group descriptors corrupted!
[   37.263188][   T23] audit: type=1400 audit(1718495287.860:665): avc:  denied  { read } for  pid=1051 comm="syz-executor.4" name="usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   37.286941][   T23] audit: type=1400 audit(1718495287.860:666): avc:  denied  { open } for  pid=1051 comm="syz-executor.4" path="/dev/usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   37.311091][   T23] audit: type=1400 audit(1718495287.860:667): avc:  denied  { write } for  pid=1051 comm="syz-executor.4" name="usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   37.437892][ T1019] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   37.457499][  T124] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   37.461809][  T617] hid-generic 0003:0158:0100.0003: unexpected long global item
[   37.474101][  T617] hid-generic: probe of 0003:0158:0100.0003 failed with error -22
[   37.659119][ T1071] erofs: (device loop0): mounted with opts: , root inode @ nid 36.
[   37.667574][  T406] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   37.675137][   T23] audit: type=1400 audit(1718495288.270:668): avc:  denied  { execute } for  pid=1070 comm="syz-executor.0" name="file2" dev="loop0" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.678532][  T617] usb 2-1: USB disconnect, device number 4
[   37.698746][   T23] audit: type=1400 audit(1718495288.270:669): avc:  denied  { execute_no_trans } for  pid=1070 comm="syz-executor.0" path="/root/syzkaller-testdir3426764565/syzkaller.qRo5jx/36/file1/file2" dev="loop0" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.703743][ T1071] erofs: (device loop0): z_erofs_lz4_decompress: failed to decompress, in[46, 4050] out[9000]
[   37.741718][ T1071] ------------[ cut here ]------------
[   37.746900][ T1071] WARNING: CPU: 1 PID: 1071 at fs/erofs/decompressor.c:170 z_erofs_lz4_decompress+0x910/0xc70
[   37.756940][ T1071] Modules linked in:
[   37.760677][ T1071] CPU: 1 PID: 1071 Comm: syz-executor.0 Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0
[   37.770657][ T1071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   37.780565][ T1071] RIP: 0010:z_erofs_lz4_decompress+0x910/0xc70
[   37.786541][ T1071] Code: b6 04 03 84 c0 0f 85 da 02 00 00 45 8b 0f 48 89 ef 48 c7 c6 b2 f9 5a 85 48 c7 c2 20 c1 f7 84 44 89 e9 45 89 f0 e8 80 ec fe ff <0f> 0b 44 89 e8 48 c7 c7 80 c1 f7 84 48 c7 c6 a0 c1 f7 84 ba 02 00
[   37.805981][ T1071] RSP: 0018:ffff8881e05d6b58 EFLAGS: 00010246
[   37.811883][ T1071] RAX: 50ae052a8fb6fc00 RBX: 1ffff1103c0bae28 RCX: 50ae052a8fb6fc00
[   37.819834][ T1071] RDX: ffffc90001146000 RSI: 000000000003ffff RDI: 0000000000040000
[   37.827593][ T1071] RBP: ffff8881e1778000 R08: ffffffff814d5cd2 R09: ffffed103edea9b8
[   37.835490][ T1071] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881e162bfd2
[   37.843299][ T1071] R13: 000000000000002e R14: 0000000000000fd2 R15: ffff8881e05d7140
[   37.847561][  T124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.851120][ T1071] FS:  00007fda6bc336c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   37.851128][ T1071] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   37.851135][ T1071] CR2: 0000001b32a34000 CR3: 00000001e3f22000 CR4: 00000000003406a0
[   37.851160][ T1071] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   37.862032][  T124] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   37.870561][ T1071] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   37.870565][ T1071] Call Trace:
[   37.870583][ T1071]  ? __warn+0x162/0x250
[   37.870596][ T1071]  ? report_bug+0x3a1/0x4e0
[   37.870609][ T1071]  ? z_erofs_lz4_decompress+0x910/0xc70
[   37.870631][ T1071]  ? z_erofs_lz4_decompress+0x910/0xc70
[   37.879170][  T124] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   37.884805][ T1071]  ? do_invalid_op+0x6e/0x110
[   37.884824][ T1071]  ? invalid_op+0x1e/0x30
[   37.893089][  T124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.905533][ T1071]  ? wake_up_klogd+0xb2/0xf0
[   37.905548][ T1071]  ? z_erofs_lz4_decompress+0x910/0xc70
[   37.905560][ T1071]  ? z_erofs_lz4_decompress+0x910/0xc70
[   37.905576][ T1071]  ? z_erofs_lz4_prepare_destpages+0x690/0x690
[   37.905587][ T1071]  z_erofs_decompress+0xba6/0xfc0
[   37.905604][ T1071]  z_erofs_vle_unzip_all+0x1147/0x1bf0
[   37.905625][ T1071]  ? z_erofs_onlinepage_endio+0x140/0x140
[   37.905661][ T1071]  ? _raw_spin_lock_irqsave+0xf9/0x210
[   37.915292][  T124] usb 3-1: config 0 descriptor??
[   37.916457][ T1071]  ? _raw_spin_lock+0x1b0/0x1b0
[   37.916469][ T1071]  ? prepare_to_wait_event+0x3c1/0x420
[   37.916488][ T1071]  ? autoremove_wake_function+0xf0/0xf0
[   38.023208][ T1071]  ? finish_wait+0xa5/0x1a0
[   38.027545][ T1071]  z_erofs_submit_and_unzip+0x12d2/0x13d0
[   38.033100][ T1071]  ? z_erofs_attach_page+0x4d7/0x710
[   38.038225][ T1071]  ? z_erofs_do_read_page+0x2580/0x2580
[   38.043609][ T1071]  ? init_wait_entry+0xd0/0xd0
[   38.048202][ T1071]  ? z_erofs_vle_normalaccess_readpages+0xc70/0xc70
[   38.054632][ T1071]  ? check_preemption_disabled+0x153/0x320
[   38.057582][  T406] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   38.060364][ T1071]  z_erofs_vle_normalaccess_readpages+0x901/0xc70
[   38.060387][ T1071]  ? z_erofs_vle_normalaccess_readpage+0x630/0x630
[   38.071338][  T406] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   38.077295][ T1071]  ? setup_fault_attr+0x3d0/0x3d0
[   38.077315][ T1071]  ? bpf_probe_read+0x54/0x80
[   38.084713][  T406] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.092475][ T1071]  ? common_lsm_audit+0x1412/0x17e0
[   38.092493][ T1071]  ? z_erofs_vle_normalaccess_readpage+0x630/0x630
[   38.092504][ T1071]  read_pages+0x119/0x400
[   38.092517][ T1071]  ? __do_page_cache_readahead+0x4f0/0x4f0
[   38.092537][ T1071]  ? find_get_entry+0x569/0x600
[   38.099071][  T406] usb 4-1: config 0 descriptor??
[   38.101851][ T1071]  __do_page_cache_readahead+0x448/0x4f0
[   38.101871][ T1071]  ? read_cache_pages_invalidate_pages+0x1b0/0x1b0
[   38.152100][ T1071]  generic_file_read_iter+0x673/0x21f0
[   38.157384][ T1071]  ? avc_denied+0x15c/0x1d0
[   38.161749][ T1071]  ? find_get_pages_range_tag+0xae0/0xae0
[   38.167283][ T1071]  ? get_vfs_caps_from_disk+0x163/0x760
[   38.172667][ T1071]  ? iov_iter_init+0x82/0x160
[   38.177175][ T1071]  __vfs_read+0x5cd/0x730
[   38.181346][ T1071]  ? rw_verify_area+0x360/0x360
[   38.186034][ T1071]  ? __fsnotify_update_child_dentry_flags+0x290/0x290
[   38.192722][ T1071]  ? security_file_permission+0x1dc/0x2f0
[   38.198269][ T1071]  vfs_read+0x148/0x360
[   38.202258][ T1071]  kernel_read+0xa2/0xf0
[   38.206336][ T1071]  prepare_binprm+0x5c5/0x780
[   38.210854][ T1071]  ? install_exec_creds+0x130/0x130
[   38.215880][ T1071]  ? bprm_mm_init+0x3d7/0x450
[   38.220410][ T1071]  __do_execve_file+0x8b9/0x10d0
[   38.225263][ T1071]  ? do_execve_file+0x40/0x40
[   38.229773][ T1071]  __x64_sys_execveat+0xcf/0xe0
[   38.234456][ T1071]  do_syscall_64+0xca/0x1c0
[   38.238797][ T1071]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   38.244523][ T1071] RIP: 0033:0x7fda6c8b8ea9
[   38.248775][ T1071] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   38.268217][ T1071] RSP: 002b:00007fda6bc330c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   38.276636][ T1071] RAX: ffffffffffffffda RBX: 00007fda6c9eff80 RCX: 00007fda6c8b8ea9
[   38.284442][ T1071] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
[   38.292251][ T1071] RBP: 00007fda6c927ff4 R08: 0000000000000000 R09: 0000000000000000
[   38.300062][ T1071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   38.307877][ T1071] R13: 000000000000000b R14: 00007fda6c9eff80 R15: 00007ffc5031cdd8
[   38.315692][ T1071] ---[ end trace f18d63f30a301435 ]---
[   38.340949][   T23] audit: type=1400 audit(1718495288.940:670): avc:  denied  { remove_name } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=9280 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   38.366191][   T23] audit: type=1400 audit(1718495288.940:671): avc:  denied  { rename } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=9280 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   38.389089][   T23] audit: type=1400 audit(1718495288.940:672): avc:  denied  { create } for  pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   38.410542][  T124] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   38.418269][  T124] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[   38.427329][  T124] plantronics 0003:047F:FFFF.0004: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   38.449003][ T1075] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   38.457754][ T1075] ext4 filesystem being mounted at /root/syzkaller-testdir3044919168/syzkaller.yEc9DI/48/file1 supports timestamps until 2038 (0x7fffffff)
[   38.479239][ T1080] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[   38.600614][  T406] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor
[   38.620471][  T406] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0005/input/input5
[   38.689661][  T617] usb 3-1: USB disconnect, device number 3
[   38.711867][  T406] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[   39.005133][ T1100] FAT-fs (loop0): Directory bread(block 64) failed
[   39.011547][ T1100] FAT-fs (loop0): Directory bread(block 65) failed
[   39.019187][ T1100] FAT-fs (loop0): Directory bread(block 66) failed
[   39.025544][ T1100] FAT-fs (loop0): Directory bread(block 67) failed
[   39.032117][ T1100] FAT-fs (loop0): Directory bread(block 68) failed
[   39.039519][ T1100] FAT-fs (loop0): Directory bread(block 69) failed
[   39.045968][ T1100] FAT-fs (loop0): Directory bread(block 70) failed
[   39.052466][ T1100] FAT-fs (loop0): Directory bread(block 71) failed
[   39.059592][ T1100] FAT-fs (loop0): Directory bread(block 72) failed
[   39.065949][ T1100] FAT-fs (loop0): Directory bread(block 73) failed
[   39.206860][ T1085] F2FS-fs (loop4): Wrong segment_count / block_count (65567 > 16384)
[   39.217515][ T1085] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   39.229348][ T1085] F2FS-fs (loop4): Found nat_bits in checkpoint
[   39.259882][  T406] usb 4-1: USB disconnect, device number 2
[   39.266545][ T1106] FAT-fs (loop0): Directory bread(block 64) failed
[   39.273179][ T1106] FAT-fs (loop0): Directory bread(block 65) failed
[   39.279833][ T1106] FAT-fs (loop0): Directory bread(block 66) failed
[   39.284941][ T1085] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   39.286711][ T1106] FAT-fs (loop0): Directory bread(block 67) failed
[   39.294387][ T1085] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   39.299859][ T1106] FAT-fs (loop0): Directory bread(block 68) failed
[   39.314195][ T1106] FAT-fs (loop0): Directory bread(block 69) failed
[   39.322232][ T1106] FAT-fs (loop0): Directory bread(block 70) failed
[   39.328642][ T1106] FAT-fs (loop0): Directory bread(block 71) failed
[   39.333042][   T23] audit: type=1400 audit(1718495289.940:673): avc:  denied  { rename } for  pid=1084 comm="syz-executor.4" name="file0" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   39.335054][ T1106] FAT-fs (loop0): Directory bread(block 72) failed
[   39.364319][ T1106] FAT-fs (loop0): Directory bread(block 73) failed
[   39.408054][ T1106] attempt to access beyond end of device
[   39.408054][ T1106] loop0: rw=2049, want=1320, limit=256
[   40.608651][ T1141] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   40.690601][ T1141] EXT4-fs (loop1): invalid journal inode
[   40.696071][ T1141] EXT4-fs (loop1): can't get journal size
[   40.705782][ T1141] EXT4-fs (loop1): 1 truncate cleaned up
[   40.711470][ T1141] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue
[   40.759013][ T1134] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024)
[   40.776954][ T1134] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[   40.799264][ T1134] F2FS-fs (loop0): invalid crc value
[   40.818482][ T1134] F2FS-fs (loop0): Found nat_bits in checkpoint
[   40.891639][ T1134] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[   40.900818][ T1134] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   41.127496][  T406] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   41.135973][ T1164] erofs: (device loop4): mounted with opts: , root inode @ nid 36.
[   41.147309][ T1164] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 36
[   41.167525][  T124] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   41.399147][ T1167] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   41.407558][  T124] usb 2-1: Using ep0 maxpacket: 32
[   41.407976][ T1167] ext4 filesystem being mounted at /root/syzkaller-testdir3044919168/syzkaller.yEc9DI/55/file1 supports timestamps until 2038 (0x7fffffff)
[   41.428680][ T1150] F2FS-fs (loop3): Wrong segment_count / block_count (65567 > 16384)
[   41.436951][ T1150] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   41.447081][ T1167] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure
[   41.451225][ T1150] F2FS-fs (loop3): Found nat_bits in checkpoint
[   41.491376][ T1150] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   41.498464][ T1150] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   41.517564][  T406] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.528338][  T406] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   41.537218][  T406] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.547663][  T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.558987][   T23] kauditd_printk_skb: 140 callbacks suppressed
[   41.558999][   T23] audit: type=1326 audit(1718495292.170:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000
[   41.597476][  T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.607013][  T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[   41.623428][   T23] audit: type=1326 audit(1718495292.170:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000
[   41.634766][  T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   41.647628][   T23] audit: type=1326 audit(1718495292.170:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000
[   41.656953][  T406] usb 3-1: config 0 descriptor??
[   41.680729][   T23] audit: type=1326 audit(1718495292.170:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fda6c8b8ee3 code=0x7ffc0000
[   41.685237][  T124] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[   41.720382][   T23] audit: type=1326 audit(1718495292.170:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fda6c8b7bef code=0x7ffc0000
[   41.721403][  T124] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   41.753457][  T124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.763199][  T124] usb 2-1: config 0 descriptor??
[   41.768180][   T23] audit: type=1326 audit(1718495292.200:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fda6c8b8f37 code=0x7ffc0000
[   41.791996][   T23] audit: type=1326 audit(1718495292.200:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda6c8b7aa0 code=0x7ffc0000
[   41.816638][   T23] audit: type=1326 audit(1718495292.200:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fda6c8b8c0b code=0x7ffc0000
[   41.840529][   T23] audit: type=1326 audit(1718495292.220:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fda6c8b7d9a code=0x7ffc0000
[   41.864101][   T23] audit: type=1326 audit(1718495292.220:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fda6c8b7d9a code=0x7ffc0000
[   41.907482][  T392] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   42.269658][  T406] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[   42.281932][  T406] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0006/input/input6
[   42.293233][  T124] ntrig 0003:1B96:000A.0007: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[   42.327472][  T392] usb 5-1: Using ep0 maxpacket: 8
[   42.371944][  T406] keytouch 0003:0926:3333.0006: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[   42.447628][  T392] usb 5-1: config 0 has an invalid interface number: 171 but max is 0
[   42.455701][  T392] usb 5-1: config 0 has no interface number 0
[   42.462075][  T392] usb 5-1: too many endpoints for config 0 interface 171 altsetting 190: 149, using maximum allowed: 30
[   42.473106][  T392] usb 5-1: config 0 interface 171 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 149
[   42.476280][ T1160] incfs_lookup_dentry err:-13
[   42.489067][  T392] usb 5-1: config 0 interface 171 has no altsetting 0
[   42.497413][  T392] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   42.506620][  T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   42.515399][  T392] usb 5-1: config 0 descriptor??
[   42.603744][ T1196] syz-executor.3[1196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.603823][ T1196] syz-executor.3[1196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.659121][ T1198] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue
[   42.694666][ T1198] EXT4-fs (loop3): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value
[   42.837979][  T617] usb 3-1: USB disconnect, device number 4
[   42.847478][    C0] keytouch 0003:0926:3333.0006: usb_submit_urb(ctrl) failed: -19
[   42.867521][  T392] usb 5-1: string descriptor 0 read error: -71
[   42.887623][  T392] asix 5-1:0.171 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   42.907642][  T392] asix: probe of 5-1:0.171 failed with error -71
[   42.914758][  T392] usb 5-1: USB disconnect, device number 3
[   43.101407][ T1208] F2FS-fs (loop0): invalid crc value
[   43.108241][ T1208] F2FS-fs (loop0): Found nat_bits in checkpoint
[   43.153391][ T1208] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   43.397728][ T1217] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   43.600574][ T1232] syz-executor.4[1232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.600669][ T1232] syz-executor.4[1232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.639314][ T1229] erofs: (device loop0): mounted with opts: , root inode @ nid 36.
[   43.795902][ T1229] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36
[   44.162159][ T1246] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   44.171122][ T1246] ext4 filesystem being mounted at /root/syzkaller-testdir3591813658/syzkaller.krURhu/68/file1 supports timestamps until 2038 (0x7fffffff)
[   44.186669][ T1253] EXT4-fs (loop2): Ignoring removed orlov option
[   44.192876][ T1253] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   44.386030][ T1253] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[   44.414458][ T1253] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[   44.427973][ T1253] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.2: corrupted in-inode xattr
[   44.527579][    T5] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   44.837703][    T5] usb 4-1: Using ep0 maxpacket: 8
[   44.997509][    T5] usb 4-1: config 0 has an invalid interface number: 171 but max is 0
[   45.005521][    T5] usb 4-1: config 0 has no interface number 0
[   45.012161][    T5] usb 4-1: too many endpoints for config 0 interface 171 altsetting 190: 149, using maximum allowed: 30
[   45.023318][    T5] usb 4-1: config 0 interface 171 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 149
[   45.036722][    T5] usb 4-1: config 0 interface 171 has no altsetting 0
[   45.043510][    T5] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   45.052684][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.061606][    T5] usb 4-1: config 0 descriptor??
[   45.170002][ T1268] F2FS-fs (loop2): Test dummy encryption mode enabled
[   45.178150][ T1268] F2FS-fs (loop2): invalid crc value
[   45.184989][ T1268] F2FS-fs (loop2): Found nat_bits in checkpoint
[   45.216981][ T1268] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   45.257521][  T392] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   45.417553][    T5] usb 4-1: string descriptor 0 read error: -71
[   45.437570][    T5] asix 4-1:0.171 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   45.453114][    T5] asix: probe of 4-1:0.171 failed with error -71
[   45.460636][    T5] usb 4-1: USB disconnect, device number 3
[   45.579580][ T1284] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,errors=continue,sysvgroups,norecovery,errors=continue,abort,quota,noauto_da_alloc,lazytime,,errors=continue
[   45.637572][  T392] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.648633][  T392] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.658921][  T392] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   45.667790][  T392] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.676315][  T392] usb 1-1: config 0 descriptor??
[   45.682278][ T1290] erofs: (device loop2): mounted with opts: , root inode @ nid 36.
[   45.694943][ T1290] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 36
[   45.809048][ T1297] EXT4-fs (loop2): Ignoring removed orlov option
[   45.815220][ T1297] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   45.829198][ T1297] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[   45.863850][ T1297] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[   45.877322][ T1297] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.2: corrupted in-inode xattr
[   46.163941][  T107] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   46.677488][  T107] usb 5-1: Using ep0 maxpacket: 16
[   46.797562][  T107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   46.808288][  T107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   46.817830][  T107] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   46.826675][  T107] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.835260][  T107] usb 5-1: config 0 descriptor??
[   46.839966][ T1325] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,errors=continue,sysvgroups,norecovery,errors=continue,abort,quota,noauto_da_alloc,lazytime,,errors=continue
[   47.177485][    T5] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   47.307864][ T1306] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   47.331610][  T107] hid-generic 0003:0158:0100.0008: unexpected long global item
[   47.339535][  T107] hid-generic: probe of 0003:0158:0100.0008 failed with error -22
[   47.366009][  T124] usb 2-1: USB disconnect, device number 5
[   47.439058][ T1343] EXT4-fs (loop1): Ignoring removed orlov option
[   47.445367][ T1343] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   47.454745][   T23] kauditd_printk_skb: 196 callbacks suppressed
[   47.454755][   T23] audit: type=1400 audit(1718495298.050:1020): avc:  denied  { read } for  pid=1347 comm="syz-executor.2" name="rtc0" dev="devtmpfs" ino=884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.484272][   T23] audit: type=1400 audit(1718495298.050:1021): avc:  denied  { open } for  pid=1347 comm="syz-executor.2" path="/dev/rtc0" dev="devtmpfs" ino=884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.486218][ T1343] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[   47.508046][   T23] audit: type=1400 audit(1718495298.060:1022): avc:  denied  { ioctl } for  pid=1347 comm="syz-executor.2" path="/dev/rtc0" dev="devtmpfs" ino=884 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.561203][  T617] usb 5-1: USB disconnect, device number 4
[   47.567570][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   47.568386][   T23] audit: type=1400 audit(1718495298.150:1023): avc:  denied  { mount } for  pid=1342 comm="syz-executor.1" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   47.595769][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   47.609686][    T5] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   47.618592][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   47.627279][    T5] usb 4-1: config 0 descriptor??
[   47.635597][ T1343] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.1: corrupt xattr in inline inode
[   47.657643][ T1343] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.1: corrupted in-inode xattr
[   47.681515][  T371] ==================================================================
[   47.689402][  T371] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30
[   47.697207][  T371] Read of size 4 at addr ffff8881cc0e0000 by task syz-executor.1/371
[   47.705094][  T371] 
[   47.707274][  T371] CPU: 0 PID: 371 Comm: syz-executor.1 Tainted: G        W         5.4.274-syzkaller-00002-g6f97bd951d82 #0
[   47.718548][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   47.728441][  T371] Call Trace:
[   47.731577][  T371]  dump_stack+0x1d8/0x241
[   47.735744][  T371]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   47.741470][  T371]  ? printk+0xd1/0x111
[   47.745375][  T371]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   47.750841][  T371]  print_address_description+0x8c/0x600
[   47.756227][  T371]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   47.761689][  T371]  __kasan_report+0xf3/0x120
[   47.766116][  T371]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   47.771583][  T371]  kasan_report+0x30/0x60
[   47.775748][  T371]  ext4_xattr_delete_inode+0xc1f/0xc30
[   47.781047][  T371]  ? check_preemption_disabled+0x9f/0x320
[   47.786599][  T371]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[   47.792505][  T371]  ? __ext4_journal_start_sb+0x295/0x460
[   47.797967][  T371]  ext4_evict_inode+0x1378/0x1ac0
[   47.802833][  T371]  ? ext4_truncate_restart_trans+0xe0/0xe0
[   47.808470][  T371]  ? wb_io_lists_depopulated+0x85/0x170
[   47.813852][  T371]  ? ext4_truncate_restart_trans+0xe0/0xe0
[   47.819496][  T371]  evict+0x29b/0x6a0
[   47.823226][  T371]  vfs_rmdir+0x24b/0x3c0
[   47.827303][  T371]  do_rmdir+0x2c1/0x580
[   47.831301][  T371]  ? d_delete_notify+0xc0/0xc0
[   47.835897][  T371]  ? _raw_spin_unlock_irq+0x4a/0x60
[   47.840932][  T371]  do_syscall_64+0xca/0x1c0
[   47.845272][  T371]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   47.850999][  T371] RIP: 0033:0x7f82e5d59687
[   47.855337][  T371] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   47.874775][  T371] RSP: 002b:00007fffee1fd1e8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[   47.883035][  T371] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f82e5d59687
[   47.890834][  T371] RDX: 0000000000000200 RSI: 00007fffee1fe390 RDI: 00000000ffffff9c
[   47.898663][  T371] RBP: 00007f82e5db6636 R08: 0000000000000000 R09: 0000000000000000
[   47.906456][  T371] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fffee1fe390
[   47.914266][  T371] R13: 00007f82e5db6636 R14: 000000000000b92b R15: 0000000000000008
[   47.922078][  T371] 
[   47.924244][  T371] The buggy address belongs to the page:
[   47.929730][  T371] page:ffffea0007303800 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1
[   47.938915][  T371] flags: 0x8000000000000000()
[   47.943435][  T371] raw: 8000000000000000 ffffea00073b0e08 ffffea0007322e08 0000000000000000
[   47.951852][  T371] raw: 0000000000000001 0000000000000002 00000000ffffff7f 0000000000000000
[   47.960266][  T371] page dumped because: kasan: bad access detected
[   47.966521][  T371] page_owner tracks the page as freed
[   47.971727][  T371] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000)
[   47.983888][  T371]  prep_new_page+0x18f/0x370
[   47.988306][  T371]  get_page_from_freelist+0x2d13/0x2d90
[   47.993682][  T371]  __alloc_pages_nodemask+0x393/0x840
[   47.998892][  T371]  handle_mm_fault+0x236e/0x4990
[   48.003666][  T371]  __do_page_fault+0x509/0xbb0
[   48.008265][  T371]  page_fault+0x2f/0x40
[   48.012258][  T371]  copy_user_enhanced_fast_string+0xe/0x30
[   48.017900][  T371]  _copy_to_iter+0x2a8/0xd50
[   48.022326][  T371]  __skb_datagram_iter+0x2ca/0x740
[   48.027272][  T371]  skb_copy_datagram_iter+0x41/0x1e0
[   48.032410][  T371]  unix_stream_read_actor+0x6c/0xa0
[   48.037441][  T371]  unix_stream_read_generic+0xb27/0x2060
[   48.042898][  T371]  unix_stream_recvmsg+0x166/0x1e0
[   48.047840][  T371]  ___sys_recvmsg+0x6a7/0xa60
[   48.052354][  T371]  do_recvmmsg+0x418/0x940
[   48.056608][  T371]  __x64_sys_recvmmsg+0x195/0x240
[   48.061460][  T371] page last free stack trace:
[   48.065981][  T371]  free_unref_page_prepare+0x297/0x380
[   48.071276][  T371]  free_unref_page_list+0x10a/0x590
[   48.076311][  T371]  release_pages+0xad8/0xb20
[   48.080734][  T371]  tlb_flush_mmu+0xc8/0x170
[   48.085073][  T371]  unmap_page_range+0x1d29/0x2620
[   48.089939][  T371]  unmap_vmas+0x355/0x4b0
[   48.094099][  T371]  exit_mmap+0x2bc/0x520
[   48.098196][  T371]  __mmput+0x8e/0x2c0
[   48.101996][  T371]  do_exit+0xc08/0x2bc0
[   48.105992][  T371]  do_group_exit+0x138/0x300
[   48.110418][  T371]  __x64_sys_exit_group+0x3b/0x40
[   48.115278][  T371]  do_syscall_64+0xca/0x1c0
[   48.119617][  T371]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   48.125340][  T371] 
[   48.127510][  T371] Memory state around the buggy address:
[   48.132992][  T371]  ffff8881cc0dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   48.140880][  T371]  ffff8881cc0dff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   48.148778][  T371] >ffff8881cc0e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   48.156672][  T371]                    ^
[   48.160584][  T371]  ffff8881cc0e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   48.168478][  T371]  ffff8881cc0e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   48.176373][  T371] ==================================================================
[   48.184272][  T371] Disabling lock debugging due to kernel taint
2024/06/15 23:48:18 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[   48.204736][   T23] audit: type=1400 audit(1718495298.280:1024): avc:  denied  { unmount } for  pid=371 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.240541][ T1317] syz-executor.0 (1317) used greatest stack depth: 20568 bytes left
[   48.307528][  T392] usbhid 1-1:0.0: can't add hid device: -71
[   48.313332][  T392] usbhid: probe of 1-1:0.0 failed with error -71
[   48.328349][  T392] usb 1-1: USB disconnect, device number 3