last executing test programs:

3.594144695s ago: executing program 3 (id=215):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r3, r4, 0x12}, 0x10)
write$tcp_congestion(r0, 0x0, 0x0)

3.568047508s ago: executing program 1 (id=217):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='ext4_writepages_result\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0xe, &(0x7f0000000400)={[{@nodelalloc}, {@resuid}, {@debug_want_extra_isize}, {@lazytime}, {@dax}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}]}, 0x3, 0x450, &(0x7f0000000dc0)="$eJzs3M9rHFUcAPDvzCbR/jKx1h/9oUbrj+KPpEmr9uCloiCiIOihHmOSltq0kSaCLUGjSD1Kwbt4FPwLPNmLqCfBqx68SaFILq09rczOTJNsN0mzbjLa/Xxgtu/NvOW97755u2/mdRJA1xrMXpKI7RHxW0T059nlBQbzf64tzI3/vTA3nkS9/tZfSaPc1YW58bJo+b5tReZAGpF+lsTeFvXOnDt/amxqavJskR+ePf3+8My588+ePD12YvLE5JnRI0cOHxp54fnR5zoSZxbX1T0fTe/b/eo7F98YP3bx3Z++TRqhXe/NSyzG0SGDqx18vF7vcHXV2rEknfRU2BDWpRYRWXf1NsZ/f9RisfP645VPK20csKHqhRUOz9eB21gSVbcAqEb5Q59dx5fb5s0+qnflaL0/T82NX1vItzzfE2lRprfp+raTBiPi2Pz1r7Itmu6nAABshO+PRsQzreZ/ady3pNxdxRrKQETcHRE7I+KeiNgVEfdGNMreHxEPrLP+5kWSm+c/6eW2ArtFV45GvFisbS2f/5WzvxioFbkdjfh7k+MnpyYP5sfms5csP7JKHZde/vWLlY4tnf9lW1Z/ORcs2nG5547l75kYmx1rN95mVz6J2NPTKv7kxkpAEhG7I2JPm3WcfOqbfSsdWzv+VXRgnan+dcSTef/PR1P8pWT19cnhO2Nq8uDwkrOiyc+/XHhzpfr/VfwdkPX/1pbn/434B5Kl67Uz66/jwu+fr3hN0+7535e83Uj3Ffs+HJudPTsS0Ze8njc6e3ktyfePLr63zJfls/gP7G89/nfG4iexNyKyk/jBiHgoIh4u2v5IRDwaEftXif/Hlx57b434y4+7kv6fWFf/Lyb6onlP60Tt1A/fLat04Kb41+j/w43UgWJP4/svWT2uW2lXe2czAAAA/P+kEbE9knToRjpNh4by/8O/K7amU9Mzs08fn/7gzET+jMBA9Kblna7+JfdDR4rL+jI/2pQ/VNw3/rK2pZEfGp+emqg6eOhy21YY/5k/a1W3DthwnteC7mX8Q/cy/qF7Gf/QvVqM/y1VtAPYfK1+/z+OiEtPVNAYYFM1jX/LftBFXP9D9zL+oXvdwvj/4/b6c9VARMxsibUfkt/YRC2qrF2izUSk/4lmSGxQoupvJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74JwAA//8Yr+ab")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000003c0)='./file0\x00', 0x1008008, &(0x7f0000000740), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
creat(&(0x7f0000000240)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)

3.450913328s ago: executing program 1 (id=218):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={0xffffffffffffffff, 0x18000000000002a0, 0xe40, 0x0, &(0x7f00000002c0)="f6ea090003000060009ba538a44cc2", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220f000000a3"], 0x0}, 0x0)

3.450018248s ago: executing program 3 (id=220):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000080))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.214628408s ago: executing program 3 (id=221):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000240)=[{r2, 0x4602}, {r0}], 0x2, 0x0, 0x0, 0x0)
close(r1)

3.19531076s ago: executing program 3 (id=222):
r0 = socket$packet(0x11, 0x3, 0x300)
recvmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
readv(r4, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.985634749s ago: executing program 2 (id=223):
openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000a80)={@map, 0xffffffffffffffff, 0x15, 0x0, 0x0, @prog_id}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x94}], 0x1, 0x0, 0x0, 0x0)

2.906271126s ago: executing program 4 (id=224):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@generic={0x0}, 0x18)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0)
ftruncate(r1, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
lseek(r1, 0x0, 0x4)

2.832899232s ago: executing program 2 (id=225):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x12, 0x0, 0x0, 0xfd, 0x1ff}, {0x6, 0x1, 0x0, 0x3}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.750063109s ago: executing program 2 (id=226):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
pipe(&(0x7f00000000c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10041, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x20)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c64656275672c6572726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d72656c617865642c757466383d302c726f6469722c726f6469722c00bd11a3d82e3cc8e94a1ac3169cb253bc51dceb1a3c8675eef705933dac0549813c420584251b8849a95afa9de1a80dcc7f9d4e26116050410b89f88108d551843f6115dded9b54fcb36a3a7bab7fb11d2c7265fa11a3ff2f3ca1c0df2142ff9ce532341817f2bb2fef3428793728d4daa090c5becbb74d00c95f965afa83e5bb562620ea9e99853533ca4ef0702dad548503917329f0f431d87efa28137d3f0e0fa2906cb9e236094a2d7a9ce877c1d8509500"/315], 0x1, 0x219, &(0x7f0000000b40)="$eJzs3TFrE2EYB/CnttVQkHQQiiJ44uIUGsU9RSqIAUXJoJPFpihNLBgI6NC6+SX0K+joKjiIq19ABKmCi906CJF6sbFtYiM1OTG/35KH3Pu/93kvIUeGvLl9sr68uNJY2thYj1xuLCZKUYrNsZiOQzEeqccBAPxPNlut+NpKZd0LADAc7v8AMHr6vP9fG2JLAMCA+f4PAKPnxs1bV+bK5fnrSZKLqD9pVpqV9DE9PrcU96IW1ZiNfHyLaG1L60uXy/OzyZZP01Gpr7Xza83K+M58MfIx3T1fTFI785Mx1c6/n4pqnIt8HOuSz7UXsid/OM6e+WX+QuTj3Z1YiVosxla2M/9qMUkuXi3vyh/5MQ4AAAAAAAAAAAAAAAAAAAAAAAahkGzrun9PodDreJrvf3+g3fvzTMSJiWzXDgAAAAAAAAAAAAAAAAAAAP+KxsNHywu1WvXB74r7b5+/3m9Mn8VYe96DnufgxdHTH5/2GjP+Z9fn7xavTmV5Wfos3qzfPX6+MXMhszYmI2LvMz3fWl/yEQPq50Wmr8XPVe87eOZZaeHl6ofP/Z556B9FAAAAAAAAAAAAAAAAAAAw8jo/+s26EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADITuf//wdXZL1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HgAA//9YApxH")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

2.702433994s ago: executing program 4 (id=228):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x800008ec0, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
read$FUSE(r2, &(0x7f000000b800)={0x2020}, 0xe80)
write$binfmt_elf64(r3, &(0x7f00000001c0)=ANY=[], 0xfffffe14)

2.330914087s ago: executing program 3 (id=229):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000240)='./bus\x00', 0x18d142, 0xc4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000819020100000000092402020000000000090585"], 0x0)
socket$packet(0x11, 0x0, 0x300)
socket$key(0xf, 0x3, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.135064073s ago: executing program 2 (id=227):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000240)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = open(&(0x7f0000000200)='./bus\x00', 0x1c507e, 0x0)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
lseek(r1, 0x7ffffb, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0xfd14)
sendfile(r0, r0, 0x0, 0x100000000)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

1.852592778s ago: executing program 4 (id=230):
socket(0x28, 0x2, 0x400)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
connect$tipc(r3, &(0x7f0000000040)=@id, 0x10)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x0)

1.536230256s ago: executing program 0 (id=231):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='ext4_writepages_result\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0xe, &(0x7f0000000400)={[{@nodelalloc}, {@resuid}, {@debug_want_extra_isize}, {@lazytime}, {@dax}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}]}, 0x3, 0x450, &(0x7f0000000dc0)="$eJzs3M9rHFUcAPDvzCbR/jKx1h/9oUbrj+KPpEmr9uCloiCiIOihHmOSltq0kSaCLUGjSD1Kwbt4FPwLPNmLqCfBqx68SaFILq09rczOTJNsN0mzbjLa/Xxgtu/NvOW97755u2/mdRJA1xrMXpKI7RHxW0T059nlBQbzf64tzI3/vTA3nkS9/tZfSaPc1YW58bJo+b5tReZAGpF+lsTeFvXOnDt/amxqavJskR+ePf3+8My588+ePD12YvLE5JnRI0cOHxp54fnR5zoSZxbX1T0fTe/b/eo7F98YP3bx3Z++TRqhXe/NSyzG0SGDqx18vF7vcHXV2rEknfRU2BDWpRYRWXf1NsZ/f9RisfP645VPK20csKHqhRUOz9eB21gSVbcAqEb5Q59dx5fb5s0+qnflaL0/T82NX1vItzzfE2lRprfp+raTBiPi2Pz1r7Itmu6nAABshO+PRsQzreZ/ady3pNxdxRrKQETcHRE7I+KeiNgVEfdGNMreHxEPrLP+5kWSm+c/6eW2ArtFV45GvFisbS2f/5WzvxioFbkdjfh7k+MnpyYP5sfms5csP7JKHZde/vWLlY4tnf9lW1Z/ORcs2nG5547l75kYmx1rN95mVz6J2NPTKv7kxkpAEhG7I2JPm3WcfOqbfSsdWzv+VXRgnan+dcSTef/PR1P8pWT19cnhO2Nq8uDwkrOiyc+/XHhzpfr/VfwdkPX/1pbn/434B5Kl67Uz66/jwu+fr3hN0+7535e83Uj3Ffs+HJudPTsS0Ze8njc6e3ktyfePLr63zJfls/gP7G89/nfG4iexNyKyk/jBiHgoIh4u2v5IRDwaEftXif/Hlx57b434y4+7kv6fWFf/Lyb6onlP60Tt1A/fLat04Kb41+j/w43UgWJP4/svWT2uW2lXe2czAAAA/P+kEbE9knToRjpNh4by/8O/K7amU9Mzs08fn/7gzET+jMBA9Kblna7+JfdDR4rL+jI/2pQ/VNw3/rK2pZEfGp+emqg6eOhy21YY/5k/a1W3DthwnteC7mX8Q/cy/qF7Gf/QvVqM/y1VtAPYfK1+/z+OiEtPVNAYYFM1jX/LftBFXP9D9zL+oXvdwvj/4/b6c9VARMxsibUfkt/YRC2qrF2izUSk/4lmSGxQoupvJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74JwAA//8Yr+ab")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000003c0)='./file0\x00', 0x1008008, &(0x7f0000000740), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
creat(&(0x7f0000000240)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)

1.478139341s ago: executing program 1 (id=232):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@acl}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[@ANYRES8, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYRES8, @ANYRESDEC=0x0], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setreuid(0xee01, 0xee01)

1.478010801s ago: executing program 2 (id=233):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000080))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.454262983s ago: executing program 0 (id=234):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
open(&(0x7f00000000c0)='./bus\x00', 0x40004c141, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x63d014, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
r2 = open(&(0x7f0000000100)='./bus\x00', 0x107502, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
fadvise64(r1, 0x0, 0x0, 0x4)

1.275647819s ago: executing program 1 (id=235):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020d00001400000000000000000000000800120000000200000000000000000006000000000000000000000000000000e0000002000000000000000000000000ff02000000000000000000000000000105000500008000000a00000000000000fe8000000000000000000000000000aa000000000000000005000600004700000a0000000000000000000000000000000000ff"], 0xa0}}, 0x0)
sendto$inet6(r0, 0x0, 0x4, 0x0, 0x0, 0x0)

1.1421361s ago: executing program 1 (id=236):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a10716, &(0x7f0000000580)={[{@prjquota}, {@mblk_io_submit}, {@grpjquota_path}, {@resuid}, {@prjquota}, {@usrjquota}, {@usrjquota}, {@inode_readahead_blks}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xff, 0x46d, &(0x7f0000001bc0)="$eJzs289vVEUcAPDve7sFBGUrIgqCVNGk8UdLCyoHE6PRxIMmJnrAY20LQRZqaE2ENFqNwaMh8W48mvgXePJk1JOJVzyaGBKixAT04pq3+17pLrullYXddD+fZGFm3+zMfPvevJ2d2Q1gYI1k/yQRd0fExYioNLLNBUYa/127sjj995XF6SRqtTf/SOrlrl5ZnK7litdty+scTSPST5O8kRhaWe382XMnp6rV2TN5fnzh1Hvj82fPPX3i1NTx2eOzpyePHDl8aOK5ZyefadPr3y6sN84svqt7Ppzbu/vVty+8Pn30wjs/fpP1d9e+xvEsjvXWeTMjWeB/Nv42rcce73ZjPfZv7XqcSbnXvWGtShFRzgfnxahEKa6fvEq88klPOwfcVtk9e3Pnw0s1YANLotc9AHqjeKPPPv8Wjzs09egLl19sfADK4r6WPxpHypE2Pho1L1x02UhEHF3658vsES3rELU26wYAALfqu2z+81S7+V8au1aU257vDQ1HxL0RsSMi7ouInRFxf0S97AMR8WCnhjpMokZa8jfOP9NL/zu4Ncjmf8/ne1vN87+0KDJcynP31OMfSo6dqM4ezP8mozG0OctPtKu8qOLlXz7v1P7K+V/2yNov5oJ5JZfKjQW6LcUzM1MLU92alF7+OGJPuV38yfJOQBIRuyNiz/qq3l4kTjzx9d5OhW4e/yq6sM9U+6qoZHEpWuIvJKvvT45vierswfHiqrjRTz+ff6NT+7cUfxdk539r8/XfUqLyV7Jyv3Z++cALa23j/K+fdfxMWV779b8su/43JW/V93Q35c99MLWwcGYiYlPyWj3f9Pzk9dcW+aJ8Fv/ogfbjf0f+miz+hyIiu4j3RcTDEbE/P3ePRMSjEXFglfh/eOmxdzsd64fzP9P2/rd8/Q83n//1J0onv/+2U/tru/8drqdG82fq97+b6Nyd4jbacjUDAADABpbWvxufpGPL6TQdG2t8h39nbE2rc/MLTx6be//0TOM79MMxlBYrXZUV66ETyVJeYyM/ma8VF8cP5evGX5TuqufHpueqMz2OHQbdtg7jP/N7qde9A247v9eCwdU6/tMe9QO487z/w+Ay/mFwGf8wuNqN/49a8vYCYCOqVXrdA6B3zP9hcBn/MLiMfxhIt/K7/tuVKK/y632JfklE2hfd6JvE/j4aTeUujO4e35gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD///Uk+Ss=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = creat(&(0x7f0000000500)='./file0\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x1, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x9f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x6, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}])

1.074233756s ago: executing program 2 (id=238):
syz_usb_connect(0x1, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224002af62300000904000002ca744d0009053f034d00"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
capset(0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x10}, [@initr0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000580)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

960.106346ms ago: executing program 4 (id=239):
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e69df786c6174653d302c73686f72746e616d653d77696e39352c00"], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x182, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

828.046228ms ago: executing program 0 (id=240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
unshare(0x60600)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
openat(r2, &(0x7f0000000140)='./file0/file0\x00', 0xa4b40, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0)

756.295024ms ago: executing program 0 (id=241):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000240)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = open(&(0x7f0000000200)='./bus\x00', 0x1c507e, 0x0)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
lseek(r1, 0x7ffffb, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0xfd14)
sendfile(r0, r0, 0x0, 0x100000000)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

440.994762ms ago: executing program 3 (id=242):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x800008ec0, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
read$FUSE(r2, &(0x7f000000b800)={0x2020}, 0xe80)
write$binfmt_elf64(r3, &(0x7f00000001c0)=ANY=[], 0xfffffe14)

417.561564ms ago: executing program 0 (id=243):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="2ef30f9c451c660f38202ef44f660f38804099b800018ec0ff59f066b9800000c00f326635001000000f3066b96c0a000066b80000000066ba000000800f30d3ca0fc71c6467670f01c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wg0\x00'})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

132.951929ms ago: executing program 4 (id=244):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000))
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0})
read$eventfd(r1, &(0x7f0000000180), 0x8)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)

108.370901ms ago: executing program 0 (id=245):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@acl}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[@ANYRES8, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYRES8, @ANYRESDEC=0x0], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setreuid(0xee01, 0xee01)

64.011255ms ago: executing program 1 (id=237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000046, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000049c0)='ext4_unlink_enter\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x982073, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
mkdir(&(0x7f0000000280)='./file0\x00', 0x2)
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000400), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})

0s ago: executing program 4 (id=246):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6cb, 0x81a7, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f00000008c0)=ANY=[@ANYRES16=r3, @ANYRES32=r4, @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.29' (ED25519) to the list of known hosts.
[   28.825393][   T28] audit: type=1400 audit(1726020886.972:66): avc:  denied  { mounton } for  pid=287 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   28.827284][  T287] cgroup: Unknown subsys name 'net'
[   28.847878][   T28] audit: type=1400 audit(1726020886.972:67): avc:  denied  { mount } for  pid=287 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.874790][   T28] audit: type=1400 audit(1726020887.002:68): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.874948][  T287] cgroup: Unknown subsys name 'devices'
[   29.015777][  T287] cgroup: Unknown subsys name 'hugetlb'
[   29.021251][  T287] cgroup: Unknown subsys name 'rlimit'
[   29.121788][   T28] audit: type=1400 audit(1726020887.262:69): avc:  denied  { setattr } for  pid=287 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   29.144923][   T28] audit: type=1400 audit(1726020887.262:70): avc:  denied  { mounton } for  pid=287 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   29.169631][   T28] audit: type=1400 audit(1726020887.262:71): avc:  denied  { mount } for  pid=287 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   29.179310][  T290] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   29.201886][   T28] audit: type=1400 audit(1726020887.352:72): avc:  denied  { relabelto } for  pid=290 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   29.227148][   T28] audit: type=1400 audit(1726020887.352:73): avc:  denied  { write } for  pid=290 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   29.257508][   T28] audit: type=1400 audit(1726020887.402:74): avc:  denied  { read } for  pid=287 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   29.258077][  T287] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   29.283148][   T28] audit: type=1400 audit(1726020887.402:75): avc:  denied  { open } for  pid=287 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   29.808514][  T297] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.815550][  T297] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.822742][  T297] device bridge_slave_0 entered promiscuous mode
[   29.841842][  T297] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.848757][  T297] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.856183][  T297] device bridge_slave_1 entered promiscuous mode
[   29.879756][  T298] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.886694][  T298] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.893974][  T298] device bridge_slave_0 entered promiscuous mode
[   29.916760][  T298] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.923676][  T298] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.930866][  T298] device bridge_slave_1 entered promiscuous mode
[   30.062596][  T299] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.069497][  T299] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.076765][  T299] device bridge_slave_0 entered promiscuous mode
[   30.094096][  T299] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.100939][  T299] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.108286][  T299] device bridge_slave_1 entered promiscuous mode
[   30.123477][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.130377][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.137613][  T304] device bridge_slave_0 entered promiscuous mode
[   30.146010][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.152852][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.160231][  T304] device bridge_slave_1 entered promiscuous mode
[   30.196415][  T302] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.203314][  T302] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.210607][  T302] device bridge_slave_0 entered promiscuous mode
[   30.232642][  T302] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.239625][  T302] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.247161][  T302] device bridge_slave_1 entered promiscuous mode
[   30.328612][  T297] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.335484][  T297] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.342658][  T297] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.349460][  T297] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.405895][  T298] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.412746][  T298] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.419963][  T298] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.426741][  T298] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.457784][  T299] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.464668][  T299] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.471777][  T299] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.478578][  T299] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.492857][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.499751][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.506858][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.513620][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.525797][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.532979][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.540185][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.547734][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.555838][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.562862][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.569971][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.577075][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.585522][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.592749][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.628502][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.636594][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.643420][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.650664][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.658720][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.665590][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.694009][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   30.701831][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   30.724863][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.732245][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.744016][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.751319][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.759743][  T300] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.766609][  T300] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.773840][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.781757][  T300] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.788603][  T300] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.803739][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.811088][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.818478][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.826608][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.834655][  T320] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.841488][  T320] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.848715][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.856899][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.864939][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.871761][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.887402][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   30.895580][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.903757][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.911703][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.918550][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.925861][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.934070][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.942030][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.948889][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.956143][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.964333][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.972248][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.979000][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.997201][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.005359][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.013285][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.020153][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.027350][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.035563][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.043279][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.054240][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.062625][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.083618][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.091621][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.100112][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.108033][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.115768][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.123606][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.131317][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.139216][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.146965][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.155157][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.170805][  T297] device veth0_vlan entered promiscuous mode
[   31.187851][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.195790][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.203053][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.210423][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.218385][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.226242][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.234353][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.242103][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.249930][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.257807][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.266038][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.276364][  T298] device veth0_vlan entered promiscuous mode
[   31.283879][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.291200][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.299990][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.308078][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.316032][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.323302][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.335136][  T299] device veth0_vlan entered promiscuous mode
[   31.348124][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   31.356401][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.368300][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.380619][  T298] device veth1_macvtap entered promiscuous mode
[   31.389457][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.397846][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   31.405355][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   31.413272][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.421941][  T297] device veth1_macvtap entered promiscuous mode
[   31.429247][  T299] device veth1_macvtap entered promiscuous mode
[   31.445937][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   31.453384][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   31.461700][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.478838][  T304] device veth0_vlan entered promiscuous mode
[   31.486597][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   31.494761][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.502884][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   31.511303][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.519665][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   31.527805][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.535994][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   31.543821][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.551654][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   31.560059][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.568404][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.575825][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.585150][  T302] device veth0_vlan entered promiscuous mode
[   31.593884][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.601754][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   31.610413][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.618699][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   31.626834][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.646255][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.653826][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.669081][  T304] device veth1_macvtap entered promiscuous mode
[   31.681926][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.702392][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.715773][  T302] device veth1_macvtap entered promiscuous mode
[   31.733333][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   31.752182][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.752489][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   31.752744][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.759744][  T328] loop2: detected capacity change from 0 to 1024
[   31.779779][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   31.780060][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.781635][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   31.781916][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.807507][  T328] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   31.871722][  T338] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   31.890866][  T328] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[   31.912057][  T297] EXT4-fs (loop2): unmounting filesystem.
[   32.050595][  T359] Illegal XDP return value 4294967274 on prog  (id 13) dev N/A, expect packet loss!
[   32.052158][  T357] tipc: Failed to remove unknown binding: 66,1,1/0:141141484/141141486
[   32.072597][  T357] tipc: Failed to remove unknown binding: 66,1,1/0:141141484/141141486
[   32.094139][  T357] syz.3.14 (357) used greatest stack depth: 21800 bytes left
[   32.107831][  T363] loop1: detected capacity change from 0 to 1024
[   32.120996][  T363] =======================================================
[   32.120996][  T363] WARNING: The mand mount option has been deprecated and
[   32.120996][  T363]          and is ignored by this kernel. Remove the mand
[   32.120996][  T363]          option from the mount to silence this warning.
[   32.120996][  T363] =======================================================
[   32.168282][  T363] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   32.176888][  T363] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[   32.189107][  T363] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #15: comm syz.1.16: corrupted xattr block 128
[   32.207615][  T363] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   32.218865][  T363] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #15: comm syz.1.16: corrupted xattr block 128
[   32.231083][  T363] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   32.240341][  T363] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #15: comm syz.1.16: corrupted xattr block 128
[   32.260517][  T302] EXT4-fs (loop1): unmounting filesystem.
[   32.337320][  T380] loop3: detected capacity change from 0 to 512
[   32.344070][  T380] EXT4-fs: Ignoring removed i_version option
[   32.349924][  T380] EXT4-fs: Ignoring removed nobh option
[   32.356022][  T380] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   32.369084][  T380] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   32.384644][  T380] EXT4-fs (loop3): 1 truncate cleaned up
[   32.390250][  T380] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   32.406637][  T383] netlink: 12 bytes leftover after parsing attributes in process `syz.1.22'.
[   32.416105][  T383] tipc: Started in network mode
[   32.420847][  T383] tipc: Node identity cgroup.pn, cluster identity 8
[   32.429301][  T298] EXT4-fs (loop3): unmounting filesystem.
[   32.483608][  T320] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   32.723587][  T320] usb 1-1: Using ep0 maxpacket: 8
[   32.763696][   T19] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   32.846445][  T320] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   32.933783][  T320] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[   32.942654][  T320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[   32.951397][  T320] usb 1-1: SerialNumber: syz
[   32.957138][  T320] usb 1-1: config 0 descriptor??
[   32.994463][  T320] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[   33.001284][  T320] uvcvideo 1-1:0.0: Entity type for entity Output 255 was not initialized!
[   33.009760][  T320] usb 1-1: Failed to create links for entity 255
[   33.015941][  T320] usb 1-1: Failed to register entities (-22).
[   33.183607][  T309] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   33.193674][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.204956][  T321] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   33.213037][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.222826][   T19] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[   33.231811][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.240638][   T19] usb 4-1: config 0 descriptor??
[   33.248643][  T320] usb 1-1: USB disconnect, device number 2
[   33.453589][  T321] usb 3-1: Using ep0 maxpacket: 8
[   33.481708][  T418] loop1: detected capacity change from 0 to 512
[   33.489430][  T418] EXT4-fs (loop1): filesystem is read-only
[   33.563725][  T309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.574798][  T309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.583775][  T321] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.584731][  T309] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   33.596758][  T321] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.604349][  T309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.613738][  T321] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   33.624903][  T309] usb 5-1: config 0 descriptor??
[   33.635092][  T302] syz-executor (302) used greatest stack depth: 21520 bytes left
[   33.647268][   T10] tipc: Left network mode
[   33.648599][  T321] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[   33.660502][  T321] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.669912][  T321] usb 3-1: config 0 descriptor??
[   33.715265][   T19] hid-led 0003:1D34:000A.0001: unknown main item tag 0x0
[   33.786012][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.792895][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.800455][  T420] device bridge_slave_0 entered promiscuous mode
[   33.809504][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.816385][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.823744][  T420] device bridge_slave_1 entered promiscuous mode
[   33.875738][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.882588][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.889736][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.896488][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.920933][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.929031][   T19] hid-led 0003:1D34:000A.0001: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.3-1/input0
[   33.940526][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.949186][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.957057][   T19] hid-led 0003:1D34:000A.0001: Dream Cheeky Webmail Notifier initialized
[   33.984750][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   33.992772][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.999627][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.007495][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.015528][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.022372][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.029578][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.033604][   T40] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   34.037537][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.056813][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   34.069008][  T420] device veth0_vlan entered promiscuous mode
[   34.076728][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   34.084993][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   34.092250][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   34.106945][  T420] device veth1_macvtap entered promiscuous mode
[   34.113795][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   34.126680][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   34.140797][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.149776][  T321] hid-picolcd 0003:04D8:C002.0003: unknown main item tag 0x0
[   34.157683][  T321] hid-picolcd 0003:04D8:C002.0003: unknown main item tag 0x0
[   34.166964][  T426] usb 4-1: USB disconnect, device number 2
[   34.196099][  T431] loop1: detected capacity change from 0 to 1024
[   34.209094][  T431] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   34.220637][   T28] kauditd_printk_skb: 74 callbacks suppressed
[   34.220652][   T28] audit: type=1400 audit(1726020892.372:150): avc:  denied  { create } for  pid=430 comm="syz.1.48" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.246495][   T28] audit: type=1400 audit(1726020892.372:151): avc:  denied  { mounton } for  pid=430 comm="syz.1.48" path="/0/file1/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.251197][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.268843][   T28] audit: type=1400 audit(1726020892.372:152): avc:  denied  { write } for  pid=430 comm="syz.1.48" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.279487][  T321] hid-picolcd 0003:04D8:C002.0003: No report with id 0x11 found
[   34.301101][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.315540][   T28] audit: type=1400 audit(1726020892.372:153): avc:  denied  { add_name } for  pid=430 comm="syz.1.48" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.320003][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.338929][   T10] device bridge_slave_1 left promiscuous mode
[   34.353894][  T309] usb 5-1: language id specifier not provided by device, defaulting to English
[   34.354238][   T28] audit: type=1400 audit(1726020892.372:154): avc:  denied  { setattr } for  pid=430 comm="syz.1.48" name="work" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.373439][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.384523][   T28] audit: type=1400 audit(1726020892.372:155): avc:  denied  { remove_name } for  pid=430 comm="syz.1.48" name="#5" dev="loop1" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.402223][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.412859][   T28] audit: type=1400 audit(1726020892.372:156): avc:  denied  { rename } for  pid=430 comm="syz.1.48" name="#5" dev="loop1" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   34.431053][  T426] usb 3-1: USB disconnect, device number 2
[   34.444698][   T28] audit: type=1400 audit(1726020892.372:157): avc:  denied  { unlink } for  pid=430 comm="syz.1.48" name="#5" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   34.472016][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.473705][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   34.482817][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.503307][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   34.503333][   T40] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   34.503368][   T40] usb 1-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[   34.503391][   T40] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   34.517703][   T10] device bridge_slave_0 left promiscuous mode
[   34.529880][   T40] usb 1-1: config 0 descriptor??
[   34.548292][   T28] audit: type=1400 audit(1726020892.372:158): avc:  denied  { unlink } for  pid=430 comm="syz.1.48" name="#6" dev="loop1" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   34.558123][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.582405][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.597292][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.600045][   T28] audit: type=1400 audit(1726020892.372:159): avc:  denied  { write } for  pid=430 comm="syz.1.48" name="/" dev="overlay" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   34.608639][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.640090][  T420] EXT4-fs error (device loop1): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   34.650511][   T10] device veth1_macvtap left promiscuous mode
[   34.656589][   T10] device veth0_vlan left promiscuous mode
[   34.807941][  T309] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input4
[   34.820731][  T309] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input5
[   34.833605][  T309] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input6
[   34.847464][  T309] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input7
[   34.861149][  T309] uclogic 0003:256C:006D.0002: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[   34.896432][  T420] EXT4-fs (loop1): unmounting filesystem.
[   35.034438][   T40] holtek_mouse 0003:04D9:A070.0004: item fetching failed at offset 1/5
[   35.049868][   T40] holtek_mouse 0003:04D9:A070.0004: hid parse failed: -22
[   35.058281][   T40] holtek_mouse: probe of 0003:04D9:A070.0004 failed with error -22
[   35.073767][   T40] usb 5-1: USB disconnect, device number 2
[   35.080864][  T447] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.088179][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.095717][  T447] device bridge_slave_0 entered promiscuous mode
[   35.102928][  T447] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.110527][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.117907][  T447] device bridge_slave_1 entered promiscuous mode
[   35.177728][  T447] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.184621][  T447] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.191707][  T447] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.198614][  T447] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.223884][  T428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   35.231537][  T428] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.239300][  T428] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.252450][    T6] usb 1-1: USB disconnect, device number 3
[   35.262453][  T428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   35.271210][  T428] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.278102][  T428] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.285315][  T428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   35.293272][  T428] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.300231][  T428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.307772][  T428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   35.318769][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   35.333728][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.345874][  T447] device veth0_vlan entered promiscuous mode
[   35.353865][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.361766][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.369914][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.384039][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   35.393469][  T447] device veth1_macvtap entered promiscuous mode
[   35.403493][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   35.414156][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   35.457706][  T464] loop1: detected capacity change from 0 to 512
[   35.496614][  T429] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   35.499477][  T464] loop1: detected capacity change from 0 to 128
[   35.506188][  T429] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   35.521079][  T429] Buffer I/O error on dev loop1, logical block 0, async page read
[   35.694392][   T10] device bridge_slave_1 left promiscuous mode
[   35.700443][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.708148][   T10] device bridge_slave_0 left promiscuous mode
[   35.714239][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.722441][   T10] device veth1_macvtap left promiscuous mode
[   35.728732][   T10] device veth0_vlan left promiscuous mode
[   35.796676][  T474] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   35.803255][  T473] kvm: pic: non byte read
[   35.907187][  T480] loop0: detected capacity change from 0 to 128
[   35.915560][  T480] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   35.924121][  T480] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038 (0x7fffffff)
[   35.941623][  T480] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   35.951258][  T480] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[   35.969985][  T299] EXT4-fs (loop0): unmounting filesystem.
[   35.987007][  T485] input: syz0 as /devices/virtual/input/input8
[   36.163569][  T309] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   36.197345][  T500] device pim6reg1 entered promiscuous mode
[   36.311256][  T513] device syzkaller0 entered promiscuous mode
[   36.320397][  T513] PF_CAN: dropped non conform CAN FD skbuff: dev type 280, len 65487
[   36.343663][  T427] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   36.524700][  T309] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.535568][  T309] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   36.545188][  T309] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   36.557995][  T309] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[   36.566920][  T309] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.576341][  T309] usb 4-1: config 0 descriptor??
[   36.583594][  T427] usb 3-1: Using ep0 maxpacket: 32
[   36.603894][  T412] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   36.723839][  T427] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.743557][  T427] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   36.893651][  T427] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   36.912655][  T427] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   36.921213][  T427] usb 3-1: Product: syz
[   36.933764][  T427] usb 3-1: Manufacturer: syz
[   36.973832][  T412] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.985342][  T427] hub 3-1:4.0: USB hub found
[   37.003916][  T412] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   37.023590][  T412] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   37.032495][  T412] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.045427][  T412] usb 1-1: config 0 descriptor??
[   37.054587][  T309] betop 0003:11C2:2208.0005: item fetching failed at offset 4/5
[   37.065555][  T309] betop 0003:11C2:2208.0005: parse failed
[   37.077688][  T309] betop: probe of 0003:11C2:2208.0005 failed with error -22
[   37.193663][  T427] hub 3-1:4.0: config failed, hub doesn't have any ports! (err -19)
[   37.254734][  T526] loop1: detected capacity change from 0 to 2048
[   37.258350][  T309] usb 4-1: USB disconnect, device number 3
[   37.261236][  T526] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.277836][  T526] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.288821][  T526] EXT4-fs: Ignoring removed i_version option
[   37.305521][  T526] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   37.513678][  T321] usb 3-1: USB disconnect, device number 3
[   37.547021][  T412] isku 0003:1E7D:319C.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[   37.578617][  T447] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 34: comm syz-executor: path /4/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0
[   37.599367][  T447] EXT4-fs (loop1): Remounting filesystem read-only
[   37.616432][  T447] EXT4-fs error (device loop1): ext4_lookup:1855: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256)
[   37.630418][  T447] EXT4-fs error (device loop1): ext4_lookup:1855: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256)
[   37.686724][  T447] EXT4-fs (loop1): unmounting filesystem.
[   37.763663][  T412] isku 0003:1E7D:319C.0006: couldn't init struct isku_device
[   37.774015][  T412] isku 0003:1E7D:319C.0006: couldn't install keyboard
[   37.789804][  T412] isku: probe of 0003:1E7D:319C.0006 failed with error -5
[   37.813811][  T540] netlink: 40 bytes leftover after parsing attributes in process `syz.3.79'.
[   37.878230][  T543] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.885828][  T543] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.893003][  T543] device bridge_slave_0 entered promiscuous mode
[   37.901720][  T543] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.908859][  T543] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.921181][  T543] device bridge_slave_1 entered promiscuous mode
[   37.968233][  T427] usb 1-1: USB disconnect, device number 4
[   38.004493][  T548] futex_wake_op: syz.2.82 tries to shift op by -1; fix this program
[   38.021519][  T543] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.028416][  T543] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.035520][  T543] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.042277][  T543] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.073902][  T428] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   38.080667][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.089670][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.097000][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.115060][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.123095][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.129989][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.134883][  T412] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   38.137925][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.152402][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.159273][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.174033][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.182072][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.202726][  T543] device veth0_vlan entered promiscuous mode
[   38.209856][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   38.218655][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   38.227666][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   38.235258][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   38.243605][  T453] device bridge_slave_1 left promiscuous mode
[   38.249690][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.257302][  T453] device bridge_slave_0 left promiscuous mode
[   38.263329][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.271760][  T453] device veth1_macvtap left promiscuous mode
[   38.277713][  T453] device veth0_vlan left promiscuous mode
[   38.309759][  T553] loop2: detected capacity change from 0 to 40427
[   38.316152][  T428] usb 5-1: Using ep0 maxpacket: 8
[   38.318763][  T553] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   38.328979][  T553] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   38.338117][  T553] F2FS-fs (loop2): invalid crc value
[   38.344887][  T553] F2FS-fs (loop2): Found nat_bits in checkpoint
[   38.391408][  T553] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   38.398300][  T553] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   38.405745][  T412] usb 4-1: Using ep0 maxpacket: 32
[   38.422773][  T553] syz.2.84: attempt to access beyond end of device
[   38.422773][  T553] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   38.433698][  T428] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[   38.441447][  T553] syz.2.84: attempt to access beyond end of device
[   38.441447][  T553] loop2: rw=34817, sector=45096, nr_sectors = 128 limit=40427
[   38.467255][  T543] device veth1_macvtap entered promiscuous mode
[   38.467472][  T553] syz.2.84: attempt to access beyond end of device
[   38.467472][  T553] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   38.474765][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   38.488448][  T553] syz.2.84: attempt to access beyond end of device
[   38.488448][  T553] loop2: rw=2049, sector=77824, nr_sectors = 416 limit=40427
[   38.517814][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   38.523843][  T428] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[   38.526576][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   38.543709][  T428] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[   38.551729][  T428] usb 5-1: SerialNumber: syz
[   38.562354][  T428] usb 5-1: config 0 descriptor??
[   38.563810][  T412] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   38.578560][  T412] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   38.580955][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   38.589839][  T412] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   38.599317][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   38.607294][  T412] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.630024][  T412] usb 4-1: config 0 descriptor??
[   38.653642][  T542] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   38.674288][  T412] hub 4-1:0.0: USB hub found
[   38.773643][  T309] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   38.838434][  T570] loop2: detected capacity change from 0 to 2048
[   38.855141][  T428] usb 5-1: USB disconnect, device number 3
[   38.858826][  T570] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   38.883740][  T412] hub 4-1:0.0: 1 port detected
[   38.890361][  T297] EXT4-fs (loop2): unmounting filesystem.
[   38.903668][   T40] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   39.133666][  T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.144497][  T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   39.154155][  T309] usb 1-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[   39.163028][  T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.171524][  T309] usb 1-1: config 0 descriptor??
[   39.263684][   T40] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.375736][   T28] kauditd_printk_skb: 45 callbacks suppressed
[   39.375752][   T28] audit: type=1400 audit(1726020897.522:205): avc:  denied  { ioctl } for  pid=585 comm="syz.4.94" path="socket:[16913]" dev="sockfs" ino=16913 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   39.406529][   T28] audit: type=1400 audit(1726020897.522:206): avc:  denied  { write } for  pid=585 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   39.443753][   T40] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   39.452667][   T40] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   39.453712][  T412] hub 4-1:0.0: set hub depth failed
[   39.468989][   T40] usb 2-1: Product: syz
[   39.473032][   T40] usb 2-1: Manufacturer: syz
[   39.481379][   T40] usb 2-1: SerialNumber: syz
[   39.495586][  T412] usb 4-1: USB disconnect, device number 4
[   39.724753][  T309] petalynx 0003:18B1:0037.0007: collection stack underflow
[   39.731811][  T309] petalynx 0003:18B1:0037.0007: item 0 1 0 12 parsing failed
[   39.739290][  T309] petalynx 0003:18B1:0037.0007: parse failed
[   39.745146][  T309] petalynx: probe of 0003:18B1:0037.0007 failed with error -22
[   39.786037][   T28] audit: type=1400 audit(1726020897.932:207): avc:  denied  { setattr } for  pid=593 comm="syz.2.98" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   39.813722][  T321] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   39.928285][  T309] usb 1-1: USB disconnect, device number 5
[   39.997802][   T28] audit: type=1400 audit(1726020898.142:208): avc:  denied  { read } for  pid=601 comm="syz.3.101" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   40.020076][   T28] audit: type=1400 audit(1726020898.142:209): avc:  denied  { open } for  pid=601 comm="syz.3.101" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   40.050687][   T28] audit: type=1400 audit(1726020898.192:210): avc:  denied  { read write } for  pid=601 comm="syz.3.101" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   40.075636][   T28] audit: type=1400 audit(1726020898.192:211): avc:  denied  { open } for  pid=601 comm="syz.3.101" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   40.125751][  T608] device pim6reg1 entered promiscuous mode
[   40.157641][  T610] syzkaller0: mtu greater than device maximum
[   40.214826][   T28] audit: type=1400 audit(1726020898.362:212): avc:  denied  { ioctl } for  pid=611 comm="syz.2.105" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=16979 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   40.263624][  T321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   40.274446][  T321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.284347][  T321] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   40.293204][  T321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.304743][  T321] usb 5-1: config 0 descriptor??
[   40.407588][   T28] audit: type=1400 audit(1726020898.552:213): avc:  denied  { write } for  pid=617 comm="syz.2.107" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   40.428922][   T28] audit: type=1400 audit(1726020898.552:214): avc:  denied  { add_name } for  pid=617 comm="syz.2.107" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   40.603902][  T635] netlink: 24 bytes leftover after parsing attributes in process `syz.0.115'.
[   40.617987][  T635] Zero length message leads to an empty skb
[   40.643966][   T40] cdc_ncm 2-1:1.0: failed to get mac address
[   40.784585][  T321] arvo 0003:1E7D:30D4.0008: item fetching failed at offset 5/7
[   40.792260][  T321] arvo 0003:1E7D:30D4.0008: parse failed
[   40.803666][  T321] arvo: probe of 0003:1E7D:30D4.0008 failed with error -22
[   40.859410][  T648] sch_fq: defrate 0 ignored.
[   40.863723][   T40] cdc_ncm 2-1:1.0: bind() failure
[   40.883955][   T40] cdc_ncm: probe of 2-1:1.1 failed with error -71
[   40.903598][   T40] cdc_mbim: probe of 2-1:1.1 failed with error -71
[   40.903626][    T6] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   40.911634][   T40] usb 2-1: USB disconnect, device number 2
[   40.986731][  T309] usb 5-1: USB disconnect, device number 4
[   41.143584][  T321] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   41.183590][    T6] usb 3-1: Using ep0 maxpacket: 16
[   41.333738][    T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   41.367760][  T653] loop1: detected capacity change from 0 to 512
[   41.376226][  T653] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.122: Invalid inode bitmap blk 4 in block_group 0
[   41.388858][  T653] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   41.459765][  T543] EXT4-fs (loop1): unmounting filesystem.
[   41.523635][    T6] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[   41.532515][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   41.543751][  T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.554474][  T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.571148][    T6] usb 3-1: Product: syz
[   41.575853][  T321] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[   41.585103][    T6] usb 3-1: Manufacturer: syz
[   41.589746][    T6] usb 3-1: SerialNumber: syz
[   41.596486][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.610546][    T6] usb 3-1: config 0 descriptor??
[   41.622066][  T321] usb 4-1: config 0 descriptor??
[   41.712844][  T658] loop1: detected capacity change from 0 to 40427
[   41.720883][  T658] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   41.728895][  T658] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   41.738223][  T658] F2FS-fs (loop1): invalid crc value
[   41.745293][  T658] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   41.785270][  T658] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   41.792400][  T658] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   41.865522][  T658] syz.1.123: attempt to access beyond end of device
[   41.865522][  T658] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   41.938733][  T658] syz.1.123: attempt to access beyond end of device
[   41.938733][  T658] loop1: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   41.971632][  T543] syz-executor: attempt to access beyond end of device
[   41.971632][  T543] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   42.096651][  T700] loop4: detected capacity change from 0 to 2048
[   42.104949][  T321] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0
[   42.112451][  T321] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0
[   42.115797][  T700] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   42.121028][  T321] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0
[   42.135900][  T321] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0
[   42.143420][  T321] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0
[   42.152511][  T321] hid-multitouch 0003:1FD2:6007.0009: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[   42.167475][  T700] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   42.182496][  T700] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[   42.194831][  T700] EXT4-fs (loop4): This should not happen!! Data will be lost
[   42.194831][  T700] 
[   42.203697][    T6] usb 3-1: Found UVC 0.00 device syz (045e:0721)
[   42.204865][  T700] EXT4-fs (loop4): Total free blocks count 0
[   42.210586][    T6] usb 3-1: No valid video chain found.
[   42.216375][  T700] EXT4-fs (loop4): Free/Dirty block details
[   42.223323][    T6] usb 3-1: USB disconnect, device number 4
[   42.229458][  T700] EXT4-fs (loop4): free_blocks=2415919104
[   42.238784][  T700] EXT4-fs (loop4): dirty_blocks=16
[   42.243793][  T700] EXT4-fs (loop4): Block reservation details
[   42.249535][  T700] EXT4-fs (loop4): i_reserved_data_blocks=1
[   42.269157][  T304] EXT4-fs (loop4): unmounting filesystem.
[   42.309573][  T428] usb 4-1: USB disconnect, device number 5
[   42.353624][  T309] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   42.563599][   T40] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   42.593605][  T309] usb 2-1: Using ep0 maxpacket: 32
[   42.723619][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   42.736627][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.746289][  T309] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   42.755284][  T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   42.768546][  T309] usb 2-1: config 0 descriptor??
[   42.804191][  T309] hub 2-1:0.0: USB hub found
[   42.882390][  T734] loop0: detected capacity change from 0 to 1024
[   42.894541][  T734] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz.0.152: casefold flag without casefold feature
[   42.907655][  T734] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   42.919413][  T734] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   42.929455][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   42.940365][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.950200][   T40] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[   42.959261][   T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   42.967819][   T40] usb 5-1: config 0 descriptor??
[   42.996837][  T299] EXT4-fs (loop0): unmounting filesystem.
[   43.013189][  T744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.156'.
[   43.023583][  T309] hub 2-1:0.0: 1 port detected
[   43.049265][  T746] loop2: detected capacity change from 0 to 1024
[   43.068406][  T746] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   43.123626][  T566] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   43.215415][  T754] input: syz0 as /devices/virtual/input/input9
[   43.333600][  T756] IPv6: addrconf: prefix option has invalid lifetime
[   43.363605][  T566] usb 4-1: Using ep0 maxpacket: 16
[   43.454498][   T40] samsung 0003:0419:0600.000A: unknown main item tag 0x0
[   43.461456][   T40] samsung 0003:0419:0600.000A: unknown main item tag 0x0
[   43.483689][  T566] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[   43.493343][   T40] samsung 0003:0419:0600.000A: unknown main item tag 0x0
[   43.503619][   T40] samsung 0003:0419:0600.000A: unknown main item tag 0x0
[   43.510491][   T40] samsung 0003:0419:0600.000A: unknown main item tag 0x0
[   43.518871][   T40] samsung 0003:0419:0600.000A: hidraw0: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.4-1/input0
[   43.551930][  T297] EXT4-fs (loop2): unmounting filesystem.
[   43.567997][  T764] loop2: detected capacity change from 0 to 128
[   43.576203][  T764] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   43.584781][  T764] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   43.620680][  T764] syz.2.163 (pid 764) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   43.639281][  T297] EXT4-fs (loop2): unmounting filesystem.
[   43.645044][  T566] usb 4-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[   43.666136][  T566] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.675909][  T566] usb 4-1: Product: syz
[   43.679898][  T566] usb 4-1: Manufacturer: syz
[   43.684481][  T566] usb 4-1: SerialNumber: syz
[   43.689408][  T566] usb 4-1: config 0 descriptor??
[   43.694281][   T40] hub 2-1:0.0: activate --> -90
[   43.698994][   T40] usb 5-1: USB disconnect, device number 5
[   43.723611][    T6] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   43.734393][  T566] hub 4-1:0.0: bad descriptor, ignoring hub
[   43.740286][  T566] hub: probe of 4-1:0.0 failed with error -5
[   43.747968][  T566] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[   43.759856][  T429] udevd[429]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   43.838358][  T773] loop2: detected capacity change from 0 to 1024
[   43.845001][  T773] EXT4-fs: Ignoring removed orlov option
[   43.851005][  T773] EXT4-fs (loop2): Test dummy encryption mode enabled
[   43.859476][  T773] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   43.881798][  T297] EXT4-fs (loop2): unmounting filesystem.
[   43.935836][  T780] device syzkaller0 entered promiscuous mode
[   43.983579][    T6] usb 1-1: Using ep0 maxpacket: 32
[   44.063685][  T321] usb 4-1: USB disconnect, device number 6
[   44.123674][    T6] usb 1-1: config 0 has no interfaces?
[   44.129387][  T782] loop2: detected capacity change from 0 to 40427
[   44.136231][  T782] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   44.144149][  T782] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   44.152860][  T782] F2FS-fs (loop2): invalid crc value
[   44.159506][  T782] F2FS-fs (loop2): Found nat_bits in checkpoint
[   44.209794][  T782] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   44.212444][  T790] loop4: detected capacity change from 0 to 128
[   44.216869][  T782] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   44.244960][  T790] syz.4.173: attempt to access beyond end of device
[   44.244960][  T790] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   44.258430][  T790] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   44.267634][  T790] syz.4.173: attempt to access beyond end of device
[   44.267634][  T790] loop4: rw=2049, sector=145, nr_sectors = 10 limit=128
[   44.283758][  T790] syz.4.173: attempt to access beyond end of device
[   44.283758][  T790] loop4: rw=2049, sector=145, nr_sectors = 10 limit=128
[   44.297630][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   44.306520][    T6] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   44.306901][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   44.324082][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   44.324108][    T6] usb 1-1: Product: syz
[   44.324123][    T6] usb 1-1: Manufacturer: syz
[   44.351248][    T6] usb 1-1: SerialNumber: syz
[   44.362933][    T6] usb 1-1: config 0 descriptor??
[   44.456370][   T28] kauditd_printk_skb: 20 callbacks suppressed
[   44.456385][   T28] audit: type=1400 audit(1726020902.602:235): avc:  denied  { create } for  pid=796 comm="syz.3.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   44.481827][   T28] audit: type=1400 audit(1726020902.602:236): avc:  denied  { write } for  pid=796 comm="syz.3.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   44.563079][   T28] audit: type=1400 audit(1726020902.702:237): avc:  denied  { create } for  pid=799 comm="syz.3.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   44.618680][   T19] usb 1-1: USB disconnect, device number 6
[   44.624480][  T321] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   44.703621][    T6] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   44.763647][  T309] hub 2-1:0.0: hub_ext_port_status failed (err = -71)
[   44.770437][  T309] usb 2-1-port1: connect-debounce failed
[   44.776023][  T566] usb 2-1: USB disconnect, device number 3
[   44.983641][  T321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.994566][  T321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.004315][  T321] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   45.013483][  T321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.022255][  T321] usb 5-1: config 0 descriptor??
[   45.103653][    T6] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   45.112608][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.121075][    T6] usb 3-1: config 0 descriptor??
[   45.229393][   T28] audit: type=1400 audit(1726020903.372:238): avc:  denied  { ioctl } for  pid=806 comm="syz.0.180" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   45.254476][   T28] audit: type=1400 audit(1726020903.372:239): avc:  denied  { map } for  pid=806 comm="syz.0.180" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   45.282282][  T807] binder: 806:807 ioctl c0306201 20000380 returned -14
[   45.454699][  T820] syz.3.185[820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.454778][  T820] syz.3.185[820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.469134][  T822] serio: Serial port pts0
[   45.470404][  T820] device pim6reg1 entered promiscuous mode
[   45.555023][  T825] loop3: detected capacity change from 0 to 256
[   45.563589][  T309] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   45.577909][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.588124][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.598361][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.608612][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.618687][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.628791][  T824] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.638850][  T824] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.648879][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.658927][  T824] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.668952][  T825] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   45.727016][  T321] usb 5-1: string descriptor 0 read error: -22
[   45.924231][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.943611][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.945875][  T842] loop0: detected capacity change from 0 to 256
[   45.959500][  T309] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   45.982451][  T309] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   45.991484][   T28] audit: type=1400 audit(1726020904.122:240): avc:  denied  { read write open } for  pid=841 comm="syz.0.193" path=2F35312FE91F7189591E9233614B2F66696C6532 dev="loop0" ino=1048614 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.017679][  T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.026133][   T28] audit: type=1400 audit(1726020904.142:241): avc:  denied  { remove_name } for  pid=841 comm="syz.0.193" name="file1" dev="loop0" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.050741][   T28] audit: type=1400 audit(1726020904.142:242): avc:  denied  { rename } for  pid=841 comm="syz.0.193" name="file1" dev="loop0" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.052169][  T321] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000B/input/input10
[   46.075242][  T309] usb 2-1: config 0 descriptor??
[   46.105361][   T28] audit: type=1400 audit(1726020904.142:243): avc:  denied  { rmdir } for  pid=841 comm="syz.0.193" name="bus" dev="loop0" ino=1048615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.144011][  T321] uclogic 0003:256C:006D.000B: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[   46.244769][   T40] usb 5-1: USB disconnect, device number 6
[   46.373569][  T428] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   46.504520][  T854] netlink: 'syz.3.198': attribute type 10 has an invalid length.
[   46.512125][  T854] netlink: 132 bytes leftover after parsing attributes in process `syz.3.198'.
[   46.585193][  T309] acrux 0003:1A34:0802.000C: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[   46.596184][  T309] acrux 0003:1A34:0802.000C: no inputs found
[   46.601985][  T309] acrux 0003:1A34:0802.000C: Failed to enable force feedback support, error: -19
[   46.613588][  T428] usb 1-1: Using ep0 maxpacket: 8
[   46.733664][  T428] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   46.744548][  T428] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   46.754040][  T428] usb 1-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[   46.763019][  T428] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.772165][  T428] usb 1-1: config 0 descriptor??
[   46.842155][  T566] usb 2-1: USB disconnect, device number 4
[   47.053610][  T309] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   47.254458][  T428] elo 0003:04E7:0009.000D: unknown main item tag 0x0
[   47.261023][  T428] elo 0003:04E7:0009.000D: unknown main item tag 0x0
[   47.267649][  T428] elo 0003:04E7:0009.000D: item fetching failed at offset 2/7
[   47.275073][  T428] elo 0003:04E7:0009.000D: parse failed
[   47.280438][  T428] elo: probe of 0003:04E7:0009.000D failed with error -22
[   47.293576][  T309] usb 5-1: Using ep0 maxpacket: 16
[   47.393807][    T6] usb 3-1: Cannot set autoneg
[   47.398478][    T6] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71
[   47.407748][    T6] usb 3-1: USB disconnect, device number 5
[   47.413754][  T309] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[   47.421693][  T309] usb 5-1: config 0 has no interface number 0
[   47.427804][  T309] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   47.439480][  T309] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[   47.458472][   T19] usb 1-1: USB disconnect, device number 7
[   47.524271][  T866] syz.1.203 (866) used greatest stack depth: 20528 bytes left
[   47.563856][  T309] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[   47.572771][  T309] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[   47.580585][  T309] usb 5-1: Product: syz
[   47.584568][  T309] usb 5-1: SerialNumber: syz
[   47.589763][  T309] usb 5-1: config 0 descriptor??
[   47.653806][  T321] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   47.876797][  T309] snd-usb-audio: probe of 5-1:0.2 failed with error -12
[   47.884382][  T309] usb 5-1: USB disconnect, device number 7
[   47.908523][  T323] udevd[323]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   47.933747][  T566] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   47.996839][  T878] loop0: detected capacity change from 0 to 2048
[   48.015066][  T878] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   48.023358][  T878] ext4 filesystem being mounted at /55/bus supports timestamps until 2038 (0x7fffffff)
[   48.038106][  T878] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 16: comm syz.0.208: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[   48.063701][  T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.064002][  T299] EXT4-fs (loop0): unmounting filesystem.
[   48.074745][  T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.089964][  T321] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   48.105013][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.113473][  T321] usb 4-1: config 0 descriptor??
[   48.163599][  T428] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   48.303653][  T566] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.314429][  T566] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.324197][  T566] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   48.333069][  T566] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.341815][  T566] usb 2-1: config 0 descriptor??
[   48.363625][  T320] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   48.403653][  T428] usb 3-1: Using ep0 maxpacket: 16
[   48.584946][  T321] hid (null): bogus close delimiter
[   48.603793][  T320] usb 1-1: Using ep0 maxpacket: 32
[   48.663649][   T40] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   48.683811][  T428] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   48.692694][  T428] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.700730][  T428] usb 3-1: Product: syz
[   48.704850][  T428] usb 3-1: Manufacturer: syz
[   48.709261][  T428] usb 3-1: SerialNumber: syz
[   48.714359][  T428] usb 3-1: config 0 descriptor??
[   48.733682][  T320] usb 1-1: config 0 interface 0 altsetting 30 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.744529][  T320] usb 1-1: config 0 interface 0 altsetting 30 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.754851][  T428] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[   48.762424][  T428] usb 3-1: Detected FT232H
[   48.766717][  T320] usb 1-1: config 0 interface 0 has no altsetting 0
[   48.773092][  T320] usb 1-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[   48.782032][  T320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.790472][  T320] usb 1-1: config 0 descriptor??
[   48.803661][  T321] usb 4-1: string descriptor 0 read error: -22
[   48.973649][  T428] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   49.023623][   T40] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[   49.033248][   T40] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[   49.043621][  T566] usb 2-1: string descriptor 0 read error: -22
[   49.193712][   T40] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[   49.202729][   T40] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.210503][   T40] usb 5-1: Product: syz
[   49.214609][   T40] usb 5-1: Manufacturer: syz
[   49.219004][   T40] usb 5-1: SerialNumber: syz
[   49.224116][   T40] usb 5-1: config 0 descriptor??
[   49.243648][  T888] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[   49.250697][  T888] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[   49.258139][  T321] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.000E/input/input11
[   49.261516][  T320] hkems 0003:2006:0118.0010: unbalanced delimiter at end of report description
[   49.280349][  T320] hkems 0003:2006:0118.0010: parse failed
[   49.286386][  T566] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.000F/input/input12
[   49.298034][  T320] hkems: probe of 0003:2006:0118.0010 failed with error -22
[   49.306287][  T321] uclogic 0003:256C:006D.000E: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[   49.306569][  T566] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.000F/input/input13
[   49.347930][  T566] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.000F/input/input14
[   49.361375][  T566] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.000F/input/input15
[   49.381731][  T566] uclogic 0003:256C:006D.000F: input,hiddev97,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[   49.434668][  T428] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   49.461164][  T321] usb 1-1: USB disconnect, device number 8
[   49.461436][  T428] usb 4-1: USB disconnect, device number 7
[   49.474798][  T888] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[   49.485465][  T888] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[   49.494983][   T19] usb 2-1: USB disconnect, device number 5
[   49.637742][    T6] usb 3-1: USB disconnect, device number 6
[   49.644985][    T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   49.654373][    T6] ftdi_sio 3-1:0.0: device disconnected
[   50.058728][  T904] loop1: detected capacity change from 0 to 512
[   50.067292][  T904] EXT4-fs: Invalid want_extra_isize 0
[   50.100924][  T904] loop1: detected capacity change from 0 to 512
[   50.115218][  T904] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   50.124190][  T904] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff)
[   50.151954][  T543] EXT4-fs (loop1): unmounting filesystem.
[   50.155309][   T40] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[   50.170090][   T40] usb 5-1: USB disconnect, device number 8
[   50.238033][  T914] loop2: detected capacity change from 0 to 1024
[   50.253319][   T28] kauditd_printk_skb: 5 callbacks suppressed
[   50.253364][   T28] audit: type=1400 audit(1726020908.392:249): avc:  denied  { mounton } for  pid=909 comm="syz.2.219" path="/49/bus" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   50.283652][    T6] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   50.295086][  T914] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   50.305414][  T914] EXT4-fs (loop2): unmounting filesystem.
[   50.320252][   T28] audit: type=1400 audit(1726020908.462:250): avc:  denied  { append } for  pid=909 comm="syz.2.219" name="loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   50.343754][   T28] audit: type=1400 audit(1726020908.462:251): avc:  denied  { map } for  pid=909 comm="syz.2.219" path="/49/bus" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   50.411604][   T28] audit: type=1400 audit(1726020908.552:252): avc:  denied  { read } for  pid=921 comm="syz.3.222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   50.453616][   T19] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   50.624570][  T925] loop2: detected capacity change from 0 to 1024
[   50.635567][  T925] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   50.673680][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   50.695308][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   50.708510][    T6] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   50.717527][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.727039][  T925] EXT4-fs error (device loop2): ext4_xattr_ibody_get:603: inode #15: comm syz.2.223: corrupted in-inode xattr
[   50.729851][    T6] usb 1-1: config 0 descriptor??
[   50.739298][  T925] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.223: corrupted in-inode xattr
[   50.763722][  T297] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /50/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   50.789731][  T297] EXT4-fs (loop2): unmounting filesystem.
[   50.823739][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   50.835096][   T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   50.864145][   T19] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   50.873027][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.889285][   T19] usb 2-1: config 0 descriptor??
[   50.953099][  T936] loop4: detected capacity change from 0 to 128
[   50.964424][  T936] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   50.973104][  T936] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   51.019477][  T935] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.026506][  T935] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.034070][  T935] device bridge_slave_0 entered promiscuous mode
[   51.040864][  T935] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.047923][  T935] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.055231][  T935] device bridge_slave_1 entered promiscuous mode
[   51.111162][  T935] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.118040][  T935] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.125155][  T935] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.131905][  T935] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.156498][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.164235][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.171304][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.198130][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.207190][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.215246][  T321] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.222087][  T321] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.229399][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.237537][  T321] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.244409][  T321] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.252176][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.260419][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.270648][  T935] device veth0_vlan entered promiscuous mode
[   51.281853][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.284656][    T6] isku 0003:1E7D:319C.0011: item fetching failed at offset 5/7
[   51.292238][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.304133][    T6] isku 0003:1E7D:319C.0011: parse failed
[   51.306181][  T943] loop3: detected capacity change from 0 to 512
[   51.309604][    T6] isku: probe of 0003:1E7D:319C.0011 failed with error -22
[   51.316554][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.332450][  T943] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   51.340760][  T935] device veth1_macvtap entered promiscuous mode
[   51.359192][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.361181][  T943] EXT4-fs (loop3): 1 truncate cleaned up
[   51.367634][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.372744][  T943] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   51.381875][   T19] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[   51.403666][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.411920][   T19] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[   51.419201][   T19] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[   51.427785][   T19] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[   51.435315][   T19] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[   51.444252][   T19] plantronics 0003:047F:FFFF.0012: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   51.474584][   T10] device bridge_slave_1 left promiscuous mode
[   51.480609][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.489248][   T10] device bridge_slave_0 left promiscuous mode
[   51.495493][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.504129][   T10] device veth1_macvtap left promiscuous mode
[   51.510065][   T10] device veth0_vlan left promiscuous mode
[   51.519911][  T947] loop2: detected capacity change from 0 to 8192
[   51.539419][  T947] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   51.554884][   T19] usb 1-1: USB disconnect, device number 9
[   51.595187][  T412] usb 2-1: USB disconnect, device number 6
[   51.673588][  T566] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   51.747182][  T304] EXT4-fs (loop4): unmounting filesystem.
[   51.880266][   T28] audit: type=1400 audit(1726020910.022:253): avc:  denied  { connect } for  pid=950 comm="syz.4.230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   51.923600][  T566] usb 4-1: Using ep0 maxpacket: 32
[   52.043800][  T566] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 255, changing to 11
[   52.054846][  T566] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 59391, setting to 1024
[   52.072475][  T955] loop0: detected capacity change from 0 to 512
[   52.079063][  T955] EXT4-fs: Invalid want_extra_isize 0
[   52.088371][  T955] loop0: detected capacity change from 0 to 512
[   52.105861][  T955] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   52.114660][  T955] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038 (0x7fffffff)
[   52.145028][  T961] loop1: detected capacity change from 0 to 1024
[   52.145725][  T299] EXT4-fs (loop0): unmounting filesystem.
[   52.156083][  T961] EXT4-fs: Ignoring removed orlov option
[   52.178320][  T961] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   52.223886][  T566] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[   52.230876][  T961] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #12: block 7: comm syz.1.232: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[   52.260141][  T566] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.278954][  T566] usb 4-1: Product: syz
[   52.279411][  T543] EXT4-fs error (device loop1): ext4_lookup:1855: inode #11: comm syz-executor: iget: bad extra_isize 62855 (inode size 256)
[   52.283301][  T566] usb 4-1: Manufacturer: syz
[   52.297399][  T543] EXT4-fs error (device loop1): ext4_lookup:1855: inode #11: comm syz-executor: iget: bad extra_isize 62855 (inode size 256)
[   52.316943][  T968] loop0: detected capacity change from 0 to 1024
[   52.334705][  T566] usb 4-1: SerialNumber: syz
[   52.341672][  T968] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   52.345319][  T566] usb 4-1: config 0 descriptor??
[   52.350864][  T968] EXT4-fs (loop0): unmounting filesystem.
[   52.373731][  T943] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[   52.389020][  T543] EXT4-fs (loop1): unmounting filesystem.
[   52.624952][  T309] usb 4-1: USB disconnect, device number 8
[   52.656824][  T978] loop4: detected capacity change from 0 to 256
[   52.726682][  T976] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.736417][  T978] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[   52.744623][  T976] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.751965][  T976] device bridge_slave_0 entered promiscuous mode
[   52.777510][  T976] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.786169][  T976] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.793616][  T566] usb 3-1: new low-speed USB device number 7 using dummy_hcd
[   52.801169][  T976] device bridge_slave_1 entered promiscuous mode
[   52.816180][   T28] audit: type=1400 audit(1726020910.962:254): avc:  denied  { mounton } for  pid=983 comm="syz.0.240" path="/60/file0" dev="incremental-fs" ino=344 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   52.888110][  T986] loop0: detected capacity change from 0 to 8192
[   52.900504][  T986] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.917984][  T453] device bridge_slave_1 left promiscuous mode
[   52.924290][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.931857][  T453] device bridge_slave_0 left promiscuous mode
[   52.938494][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.948629][  T453] device veth1_macvtap left promiscuous mode
[   52.954561][  T453] device veth0_vlan left promiscuous mode
[   53.121664][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   53.133195][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.148392][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.161399][  T298] EXT4-fs (loop3): unmounting filesystem.
[   53.164244][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.174820][  T566] usb 3-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   53.181451][  T412] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.190254][  T412] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.197659][  T566] usb 3-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config
[   53.212395][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.217847][  T566] usb 3-1: config 246 has 1 interface, different from the descriptor's value: 42
[   53.225848][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.233246][  T566] usb 3-1: config 246 interface 0 altsetting 0 has an invalid endpoint with address 0x3F, skipping
[   53.238193][  T412] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.249579][  T566] usb 3-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   53.254709][  T412] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.271558][  T994] loop3: detected capacity change from 0 to 128
[   53.281097][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.285984][  T994] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   53.290237][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.297207][  T994] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   53.304817][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.359017][  T976] device veth0_vlan entered promiscuous mode
[   53.365978][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   53.373806][  T566] usb 3-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   53.374526][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   53.382657][  T566] usb 3-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config
[   53.390794][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   53.407119][  T566] usb 3-1: config 246 has 1 interface, different from the descriptor's value: 42
[   53.409011][  T412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   53.416755][  T566] usb 3-1: config 246 interface 0 altsetting 0 has an invalid endpoint with address 0x3F, skipping
[   53.433765][  T566] usb 3-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   53.451746][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   53.461446][  T976] device veth1_macvtap entered promiscuous mode
[   53.474451][  T428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   53.496574][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   53.506531][ T1003] loop0: detected capacity change from 0 to 1024
[   53.519679][ T1003] EXT4-fs: Ignoring removed orlov option
[   53.525421][  T566] usb 3-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   53.535349][  T566] usb 3-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config
[   53.553007][ T1006] loop1: detected capacity change from 0 to 512
[   53.558250][ T1003] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   53.559856][  T566] usb 3-1: config 246 has 1 interface, different from the descriptor's value: 42
[   53.579152][  T566] usb 3-1: config 246 interface 0 altsetting 0 has an invalid endpoint with address 0x3F, skipping
[   53.593215][  T566] usb 3-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   53.614588][ T1006] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   53.623485][ T1003] ==================================================================
[   53.623561][ T1006] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff)
[   53.631390][ T1003] BUG: KASAN: use-after-free in ext4_search_dir+0xf7/0x1b0
[   53.647962][ T1003] Read of size 1 at addr ffff888132d9b900 by task syz.0.245/1003
[   53.653924][ T1006] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #2: comm syz.1.237: corrupted inode contents
[   53.655502][ T1003] 
[   53.655520][ T1003] CPU: 1 PID: 1003 Comm: syz.0.245 Not tainted 6.1.93-syzkaller-00002-gd02968a02321 #0
[   53.667410][ T1006] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #2: comm syz.1.237: mark_inode_dirty error
[   53.669128][ T1003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   53.669154][ T1003] Call Trace:
[   53.696492][ T1006] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #2: comm syz.1.237: corrupted inode contents
[   53.699420][ T1003]  <TASK>
[   53.699431][ T1003]  dump_stack_lvl+0x151/0x1b7
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   53.702862][ T1006] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.237: mark_inode_dirty error
[   53.714005][ T1003]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   53.714037][ T1003]  ? _printk+0xd1/0x111
[   53.714066][ T1003]  ? __virt_addr_valid+0x242/0x2f0
[   53.746384][ T1003]  print_report+0x158/0x4e0
[   53.750721][ T1003]  ? 0xffffffffa0000674
[   53.754709][ T1003]  ? __virt_addr_valid+0x242/0x2f0
[   53.759659][ T1003]  ? kasan_addr_to_slab+0xd/0x80
[   53.764434][ T1003]  ? ext4_search_dir+0xf7/0x1b0
[   53.769121][ T1003]  kasan_report+0x13c/0x170
[   53.773454][ T1003]  ? ext4_search_dir+0xf7/0x1b0
[   53.778147][ T1003]  __asan_report_load1_noabort+0x14/0x20
[   53.783620][ T1003]  ext4_search_dir+0xf7/0x1b0
[   53.788128][ T1003]  ext4_find_inline_entry+0x4b6/0x5e0
[   53.793335][ T1003]  ? ext4_try_create_inline_dir+0x320/0x320
[   53.799059][ T1003]  ? kasan_save_alloc_info+0x1f/0x30
[   53.804176][ T1003]  ? __kasan_slab_alloc+0x6c/0x80
[   53.809055][ T1003]  ? slab_post_alloc_hook+0x53/0x2c0
[   53.814158][ T1003]  ? kmem_cache_alloc_lru+0x102/0x220
[   53.819364][ T1003]  ? __d_alloc+0x34/0x700
[   53.823533][ T1003]  __ext4_find_entry+0x2b0/0x1af0
[   53.828397][ T1003]  ? ext4_fname_setup_ci_filename+0x70/0x480
[   53.834207][ T1003]  ? ext4_ci_compare+0x660/0x660
[   53.838978][ T1003]  ? memcpy+0x56/0x70
[   53.842800][ T1003]  ? ext4_fname_prepare_lookup+0x3b5/0x4e0
[   53.848536][ T1003]  ? kasan_save_alloc_info+0x1f/0x30
[   53.853645][ T1003]  ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[   53.859551][ T1003]  ext4_lookup+0x176/0x740
[   53.863807][ T1003]  ? ext4_add_entry+0xed0/0xed0
[   53.868486][ T1003]  ? _raw_spin_lock+0xa4/0x1b0
[   53.873110][ T1003]  ? _raw_spin_unlock+0x4c/0x70
[   53.877774][ T1003]  ? d_alloc+0x199/0x1d0
[   53.881856][ T1003]  lookup_one_qstr_excl+0x143/0x290
[   53.886888][ T1003]  filename_create+0x28e/0x530
[   53.891488][ T1003]  ? kern_path_create+0x1a0/0x1a0
[   53.896348][ T1003]  ? kasan_save_alloc_info+0x1f/0x30
[   53.901472][ T1003]  do_mkdirat+0xbd/0x450
[   53.905556][ T1003]  ? strncpy_from_user+0x169/0x2b0
[   53.910494][ T1003]  ? vfs_mkdir+0x570/0x570
[   53.914747][ T1003]  ? getname_flags+0x1fd/0x520
[   53.919349][ T1003]  __x64_sys_mkdirat+0x89/0xa0
[   53.923948][ T1003]  x64_sys_call+0x6c6/0x9a0
[   53.928287][ T1003]  do_syscall_64+0x3b/0xb0
[   53.932542][ T1003]  ? clear_bhb_loop+0x55/0xb0
[   53.937054][ T1003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   53.942780][ T1003] RIP: 0033:0x7ffb2937c797
[   53.947040][ T1003] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.966475][ T1003] RSP: 002b:00007ffb2a0d7e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   53.974727][ T1003] RAX: ffffffffffffffda RBX: 00007ffb2a0d7ef0 RCX: 00007ffb2937c797
[   53.982538][ T1003] RDX: 00000000000001ff RSI: 0000000020000080 RDI: 00000000ffffff9c
[   53.990353][ T1003] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   53.998155][ T1003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000080
[   54.006058][ T1003] R13: 00007ffb2a0d7eb0 R14: 0000000000000000 R15: 0000000000000000
[   54.013976][ T1003]  </TASK>
[   54.016826][ T1003] 
[   54.018997][ T1003] The buggy address belongs to the physical page:
[   54.025259][ T1003] page:ffffea0004cb66c0 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1 pfn:0x132d9b
[   54.035592][ T1003] flags: 0x4000000000000000(zone=1)
[   54.040619][ T1003] raw: 4000000000000000 ffffea0004cb6748 ffffea0004cb7548 0000000000000000
[   54.049034][ T1003] raw: 0000000000000001 0000000000000000 00000000ffffff7f 0000000000000000
[   54.057446][ T1003] page dumped because: kasan: bad access detected
[   54.063709][ T1003] page_owner tracks the page as freed
[   54.068902][ T1003] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 929, tgid 928 (syz.4.224), ts 50686059196, free_ts 50842690612
[   54.086000][ T1003]  post_alloc_hook+0x213/0x220
[   54.090600][ T1003]  prep_new_page+0x1b/0x110
[   54.094939][ T1003]  get_page_from_freelist+0x27ea/0x2870
[   54.100319][ T1003]  __alloc_pages+0x3a1/0x780
[   54.104746][ T1003]  __folio_alloc+0x15/0x40
[   54.108997][ T1003]  do_fault+0x4d8/0x1bf0
[   54.113081][ T1003]  handle_mm_fault+0x189f/0x30e0
[   54.117850][ T1003]  __get_user_pages+0x377/0xf20
[   54.122539][ T1003]  __mm_populate+0x375/0x570
[   54.127051][ T1003]  vm_mmap_pgoff+0x290/0x430
[   54.131476][ T1003]  ksys_mmap_pgoff+0x15d/0x1e0
[   54.136077][ T1003]  __x64_sys_mmap+0x103/0x120
[   54.140597][ T1003]  x64_sys_call+0x67/0x9a0
[   54.144843][ T1003]  do_syscall_64+0x3b/0xb0
[   54.149095][ T1003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   54.154823][ T1003] page last free stack trace:
[   54.159337][ T1003]  free_unref_page_prepare+0x83d/0x850
[   54.164632][ T1003]  free_unref_page_list+0xf1/0x7b0
[   54.169580][ T1003]  release_pages+0xf7f/0xfe0
[   54.174005][ T1003]  free_pages_and_swap_cache+0x8a/0xa0
[   54.179299][ T1003]  tlb_flush_mmu+0xfe/0x1d0
[   54.183642][ T1003]  unmap_page_range+0x22d1/0x2620
[   54.188498][ T1003]  unmap_vmas+0x4e4/0x660
[   54.192666][ T1003]  exit_mmap+0x2e7/0xbe0
[   54.196744][ T1003]  __mmput+0x95/0x310
[   54.200563][ T1003]  mmput+0x56/0x170
[   54.204210][ T1003]  do_exit+0xb29/0x2b80
[   54.208200][ T1003]  do_group_exit+0x21a/0x2d0
[   54.212627][ T1003]  __x64_sys_exit_group+0x3f/0x40
[   54.217488][ T1003]  x64_sys_call+0x610/0x9a0
[   54.221826][ T1003]  do_syscall_64+0x3b/0xb0
[   54.226083][ T1003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   54.231808][ T1003] 
[   54.233978][ T1003] Memory state around the buggy address:
[   54.239452][ T1003]  ffff888132d9b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.247349][ T1003]  ffff888132d9b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.255244][ T1003] >ffff888132d9b900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.263142][ T1003]                    ^
[   54.267050][ T1003]  ffff888132d9b980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.274947][ T1003]  ffff888132d9ba00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.282843][ T1003] ==================================================================
[   54.292794][ T1003] Disabling lock debugging due to kernel taint
[   54.299145][ T1003] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 7: comm syz.0.245: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[   54.433599][  T309] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   54.447093][  T998] EXT4-fs (loop3): unmounting filesystem.
[   54.512693][ T1005] EXT4-fs (loop1): unmounting filesystem.
[   54.543706][  T566] usb 3-1: string descriptor 0 read error: -71
[   54.549718][  T566] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   54.559155][  T566] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.572637][ T1003] EXT4-fs (loop0): unmounting filesystem.
[   54.583611][  T566] usb 3-1: can't set config #246, error -71
[   54.594777][  T566] usb 3-1: USB disconnect, device number 7
[   55.024430][  T453] device bridge_slave_1 left promiscuous mode
[   55.030357][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.037738][  T453] device bridge_slave_0 left promiscuous mode
[   55.043717][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.051575][  T453] device bridge_slave_1 left promiscuous mode
[   55.057671][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.064919][  T453] device bridge_slave_0 left promiscuous mode
[   55.070910][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.079201][  T453] device veth1_macvtap left promiscuous mode
[   55.085352][  T453] device veth0_vlan left promiscuous mode
[   55.091311][  T453] device veth1_macvtap left promiscuous mode
[   55.097176][  T453] device veth0_vlan left promiscuous mode
[   56.084496][  T453] device bridge_slave_1 left promiscuous mode
[   56.090479][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.097871][  T453] device bridge_slave_0 left promiscuous mode
[   56.103883][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.111640][  T453] device bridge_slave_1 left promiscuous mode
[   56.117660][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.124965][  T453] device bridge_slave_0 left promiscuous mode
[   56.130871][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.138959][  T453] device veth1_macvtap left promiscuous mode
[   56.144836][  T453] device veth0_vlan left promiscuous mode
[   56.150788][  T453] device veth1_macvtap left promiscuous mode
[   56.156708][  T453] device veth0_vlan left promiscuous mode