last executing test programs:

7m20.786274404s ago: executing program 2 (id=62):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000880)={[{@noauto_da_alloc}, {@inode_readahead_blks}, {@auto_da_alloc}, {@errors_remount}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
r0 = open(&(0x7f00000007c0)='.\x00', 0x0, 0x1a1)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000180)='./file1\x00', 0x4)

7m19.725296026s ago: executing program 2 (id=68):
lchown(0x0, 0xffffffffffffffff, 0xee00)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x1000)
getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000100)={0x7, 0x7, 0x4}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8200, 0x0, 0xfffffffffffffed9, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x4c, 0x1, 0x4, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x9d}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x5}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x2}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x4}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x2}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}]}, 0x4c}}, 0x0)

7m16.416229333s ago: executing program 2 (id=77):
r0 = fanotify_init(0x0, 0x1000)
fanotify_mark(r0, 0x1, 0x8009174, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000740)={[{@test_dummy_encryption}, {@i_version}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@max_batch_time}, {@abort}, {@auto_da_alloc}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=@newsa={0x138, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0x3fc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x844)

7m10.832822496s ago: executing program 2 (id=86):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000000300)={[{@barrier_val={'barrier', 0x3d, 0x4}}, {@nojournal_checksum}, {@sysvgroups}, {@nobarrier}, {@data_ordered}, {@test_dummy_encryption}, {@nogrpid}, {@debug}]}, 0xd, 0x607, &(0x7f0000000b00)="$eJzs3c1vFOUfAPDvbF9oKb9fCzEqHqSJMZAoLS1giPEAV0MafIkXL1ZaECnQ0BotklASvJgYL8aYePIAJv4RSuTKSRMTD148GRKihKOJa2Y7U3bb3ba7tN3a+XySpc/MMzPPM2y/nWeefZ7ZAAprMP2nFLE3IqaTiP5kfjGvM7LMwYXtHj64ejp9JVEuv/FnEkm2Lt8+yX72ZTv3RMRPPyaxp2N5uTNzV86PT01NXs6Wh2cvTA/PzF05eO7C+NnJs5MXR18aPXb0yNFjI4daOq9rddadvPH+h/2fjr198+u/k5FvfxtL4ni8mm348MHV/qpNfym1VGqtwRis/J8ky7P6jq3D8beCjuz3pPotTjrbWCGakr9/XRHxVPRHRzx68/rjk9faWjlgQ5WTiDJQUIn4h4LK2wH5vX31/Xws3P0D29T9EwsdAMvjv3OhbzB6Kn0DOx8mUd2tk0REaz1ztXZFxN07YzfO3Bm7EUv6E4GNNX89Ip6uF/9JJf4HoicGKvFfqon/tF1wKvuZrn+9xfKXdhUvj//DLR4ZWM1C/PesGP/RIP7fqYr/d1ssf/BR8r3emvjvbfWUAAAAAAAAoLBun4iIF+t9/l9aHP8Tdcb/9EXE8XUof3DJ8vLP/0v31qEYoI77JyJeqTv+t5SP/h3oyFL/q4wH6ErOnJuaPBQR/4+IA9G1I10eWaGMg5/t+ap6+WZVejAb/5e/0vLvZmMBs3rc69xRe7yJ8dnx9Th3KLr71yOeqTv+N1m8/id1rv/p34PpNZax5/lbpxrlrR7/wEYpfxOxv+71/9FTK5KVn88xXGkPDOetguWe/fjz7xuV32r8e8QEPL70+r9z5fgfSKqf1zPTfBmH5zrLjfJabf93J29WHjnTna37aHx29vJIRHdysiNdW7N+tPk6w3aUx0MeL2n8H3hu5f6/eu3/3oiYX3Ls5K/aOcW5J//p+71RfbT/oX3S+J9o6vrffGL01sAPjcpf2/X/SOVafyBbo/8PFnyZh2l37frlUbgY0DVZm11fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgOShGxK5LS0GK6VBoaiuiLiCdiZ2nq0szsC2cufXBxIs2rfP9/Kf+m3/6F5ST//v+BquXRJcuHI2J3RHzR0VtZHjp9aWqi3ScPAAAAAAAAAAAAAAAAAAAAW0Rfg/n/qT862l07YMN1trsCQNvUif+f21EPYPO5/kNxiX8oLvEPxSX+objEPxSX+IfiEv9QXOIfAAAAAAC2ld37bv+aRMT8y72VV6o7y+tqa82AjVZqdwWAtvGIHyguQ3+guNzjA8kq+T0Nd1ptz5VMn36MnQEAAAAAAAAAAACgcPbvNf8fisr8fygu8/+huPL5//vaXA9g8zV5j6+5ANvUSjP5687/X3UvAAAAAAAAAAAAAGA9zcxdOT8+NTV5eT0TO2KNG3+3EaW3mnhra1RjMxPlcvla+luwVerzH0/kQ+Ef8zjpYZrZqzPWtnE+129tR27f3yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDWvwEAAP//2PcidQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000700)='ns/cgroup\x00')
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000440)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

7m7.064193453s ago: executing program 2 (id=95):
close(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x1100b00, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f00000017c0), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800002, &(0x7f00000022c0)=ANY=[], 0x1, 0x6e4, &(0x7f0000001800)="$eJzs3c1vHGcdB/DvrNeOt1TBaROaQxFWIhWkiMSJlUK4YBBCOVSoKoeercRprG6SKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEiEU9bJoZmffvOt4nRcngc8nGs/zzDPzzG9+88yMd53VBvi/dfFUmndS5OKpN26X9e2t5fb21vKhurmdpCw3kmZ3luJ6UtxNVsr2YmjK0HzMx+sX3vrs3vbn3Vqznqr1Z/rbzU8V8oR9bNZTFuv+FiduOTtV/92+qvDyYpJL9XzU3LR9jaxYJu1kPYenrjNmcz+b73q9A8++3tOp6D43xywkL9RP5up3gvru0Di4CJ+Mfd3lAAAA4HnUST698bSDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/RT016nkWU/S+/3+ut6wuP4NWpl7zzhONAwAAAAAAAAAOxtfu535u53Cv3imqv/mfqCpH80Un+VLez62s5WZO53ZWs5GN3MzZJAtDHc3dXt3YuHm2v2Vp8pbnJm557qCOGAAAAAAAAAD+J/0ircHf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FlQJDPdWTUdTf5TzrOQRjODtmwm/0gy97Tj3Ydi0sI7Bx8HAAAAPJL5h9jmy/dzP7dzuFfvFOVr/nyler08n/dzPRtZz0baWcvl+jV0+aq/sb213N7eWr5WTmV9tN/v/WtfYczVPcxUtUl7Pl6t0cqVrFdLTudSFczlNLr7Ppkc78UziGs4rI/KmIrv1qaMrFmntdzZ73Z7F+GxGH0rovGANVuD4JJ+Rpbq2Motj3QzUFRv1CTVGRqy59lpjtQWql5n+3s6m0b/nZ+j4zkf9lA5f6Gel8fz6yea8/3qZ6KRKhPneqOvvGYenInk63/549tX29ffvXrl1qln55D2MLPL8p1jYnkoE68815lo7nP9pSoTx/r1i/lhfpxTWcybuZn1/CSr2chaOnX7aj2ey58LD87Uykjtzb0imavPS/ecTRPTYn5QlVZzotr2cNZT5EYuZy2vV//O5Wy+lfM5nwtDZ/jYrnFXx1Zd9Y2dV33vTP91YvAnv1EXyrvbbwZ3uZUHHfFuo/Nx6d77y7weGcprd9Tf6691ZOg6WBrK0ku97MxO7Hx/98Ydb7WX+/jlHs+Jg7VQZ6K8gHpPiV50L3cz0ayeRePj/Pedcru0r3c6V1ff26X/zR311+p5Oay2vrrX2j2TT8XjVZ6qlzJf30lGR0fZ9nL/LjPU1hmM5W7b6BO33O5Y1VYUvSv1R7lRDYDxK3Wu/h1uvKdzVdsrE9uWq7bjQ20jv2/lRtq5PHqorQNIJwBT+fvb/eJCXphr/bP1aeuT1q9aV1tvzH//0LcPvTqX2b/Nfqe5NPNa49Xiz/kkPxu8/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7erQ8+fHe13V67ObnQ2L1ppNDKziW79Xxocj9F/YU+U+zruSjMJxlZUn3P0YGH0doZxlih8/PkwPPT+06ryev8tiw0x0bUpMLKyJI/jXf40T4jLKa7Lp5goZGqsJnkQHY6k8kDYI8bx8N86SjwTDmzce29M7c++PCb69dW31l7Z+367PnzF5YunH99+cyV9fbaUvfn044SeBIGD/2nHQkAAAAAAAAAAAAwrUkfDDjx4l4fGpnqMx7+ZyEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwWFw8leadFDm7dHqprG9vLbfLqVcerNlM0mgkxU+T4m6yku6UhaHuivzhbjoT9vPx+oW3Pru3/fmgr2Z3/aRRz3f34NYkm/WUxSQz9fwRjPR36ZH7K/7dO4YyYV90Op2VR4sPHo//BgAA///CPfWA")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x141b42, 0xb)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0xb0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c9000201"], 0x22)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x8d0)
pipe(0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x94}}, 0x20008841)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x8201, 0x4)

7m6.583897682s ago: executing program 2 (id=96):
r0 = socket(0x2, 0x3, 0xfc)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x6, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg$unix(r0, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10000, 0x0)

7m5.947605335s ago: executing program 32 (id=96):
r0 = socket(0x2, 0x3, 0xfc)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x6, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg$unix(r0, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10000, 0x0)

5m32.648514529s ago: executing program 4 (id=353):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000380))

5m31.033240112s ago: executing program 4 (id=355):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file1\x00', 0x3a0cc0a, &(0x7f00000023c0)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000005,map=normal,map=normal,session=0x000000000000000e,overriderockperm,showassoc,nocompress,utf8,map=normal,session=0x0000000000000006,map=acorn,mode=0x0000000000000086,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00', @ANYRESDEC, @ANYRESDEC, @ANYRES8, @ANYRESDEC], 0x43, 0xa02, &(0x7f0000003640)="$eJzs3U9sXdWdB/DvfbYTj4lCgAyTQUBewgQMZBzbGcJEbCaxnxMz/jOyHYloNCIMSaooVqmgSIAqNZWqroraRdUF3SF10xUSG9hU2bXbbrqoVLHuDnUVddFX3fueYzv283MSxzbh87Ge3/3zu+f8zrv33SNfv3dP+CZrNpvV4x7nL/xmO5Nl9zk7/tWnn31cPn50I3vSk1eKL5L+JPWkN8mhJGPjc7PTXQq6nlxKcjMpkuxN63lTLqX4WfYtz99M8auq3tKFe2wYm9LkW22njz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiNirHx4eGRIlOTMxfeqHdWDQHeaWVtubwvq1G/iy+71psU5SP9/UtDfR86uLz6yfLX0Tzdmnu6GpA8/fnokScPvPZEb21p+w0Svht/bw+GfNcbvvfhR9ffWly88m6H9T3t5tx3hrvUucbM5Pzs5PSZc4365Pxs/fSpU8Mnzk/M1ycmpxrzF+cXGtP1sbnGmYXZufrg2Iv1kdOnT9YbQxdnL8ycGx+aaiwtfPXfR4eHT9VfH/qfxpm5+dmZE68PzY+dn5yampw5V8WUq8uYV8sD8b8nF+oLjTPT9frVa4tXTq7KaJ2Xugwa6daSMmi0W9Do8OjoyMjo6MipV06/8urwcO/ygp5UC4bvkDWb3D5os+/hPS6+hT6pbSKoPDnWt/DsDfen1u7/M5XJzORC3kh93Z+xjGcus5nusL5tqf8/dqKxYb0r+/+lXv7Q8uqnUvX/z7bmnu3U/3fIZft+3suH+SjX81YWs5greXfV2r33UGKzuX6rfv2H1mux0y1e/XMujcxkMvOZzWSmc6ZaUm8vqed0TuVUhvNmzmci86lnIpOZSiPzuZj5LKRRHVFjmUsjZ7LQ22rjYMbyYuoZyemczsnU08hQLmY2FzKTcxnPmaqUq7lWve4nN8jxdtDIZoJGNwjaoP9vL7iL/p9vqa0+hcM9a7b7/z13LK+tDR0c266kAAAAgC31r7/P/oOP/+7PSV+eqa6xAwAAAA+b6uN6T5dPfeXUMykmJqcaw2sD39/+3AAAAICtUVTfsSuSDORwa2rpm1DrXAQAAAAAvomq//8/Wz4NlFOHU/j7HwAAAB423e+x3zWiOJ56bpSr6pdbkZfbEe37/A5MTE41hsZmp14byfPVXQaqbxqsKa0nB5Lq6wcv5Ugr6shA63lgdYn9ZdTI0Gsj6c/RdkMGnyufnhtcJ3K0jHwpL7QiX1iK7M+ayJNlJAA87I5u0B9vtv9/KcdbEcefqm7f3vvUOn3wcKtn/eEOtRMAWNZ9jJ2uEcV/LA3/0+Hv/55cPdz6SMFQ3s47WczlHK++bVB94qBdam4WWS51YMXHEI53uRowsGKEl+NL1wMO71v3esDAioFejq+5ItAp9uS6r12x5XsDALbH0TX98Ab9f7PZmlpz/X/jv/8HfKQQAHaV2yPYP8CJO+vs25mmAgBtnXvpDfQ8wIQAAAAAAAAAAAAAAAAAAAAAAAAAAADgIfAg7/9fS/JgRxa4j4kbSXZBGts88Zf2bl+zqr38xo5nuGJib+6/nP5tGeHiw//bs4sP9Xub2MGTEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANumSHrWW15L9ia9w0lObH9WD86NnU5ghxW3cisfZP9O5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8LBp3/+/ltbzI61F6a0lx5JcSvK/O53jVrq10wnssBX3/y/3eZpFelu7PUXf2Pjc7HS5+7O3XP/Vp599XD7upZ6ygLKGVYNLtGvovNVj1VYD41feu/79d75XHz9bJXl2YWJqfPrc3H8tBz5ZfJ7U03osWcr3B0X7KF7d8s/Llnavt6xloqp3fG29/7Le1rfrPfbbn3du27LlNK4tXhkta1povLHw/nevfbAi6PEcSZ4bTAZX1/Sd8tGhpiPp26je4uviJ8X+/DKXqv1fplE0i3IXPZrsSe2frl5bvDL09juLlzvkdCCHk1xO+jef0+G1e2JJddTV+spah6ug8tfBLuVt6JGe/c1mq8SRDm14rDpkBu6qDfXObah0ed3bbTzZIaMn8vxd7+nnu9TY9rdmS2uu+Lr4U3E+f8yPV4z/USv3/7Fs5t1ZxlSRK46Uzm0+ttzy0ZUr3rwzsuO7kgfgp/n//Oft/V9bcf5v76vtOR+tqPGBvS+KVi/UVk0fvKNHap99OmXZzvNgK6pDnv+cl9du1yXPl7ucUbbo/b9a8XXxSTGYv+aG8X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdr0h61lteS44lOZDk0XK+njS3or7aQLEVxWzSnjVLbmxj7btH7fZUcSu38kH272g6AAAAAAAAAGyZs+NfffrZx+Wj+n98T/6t+CLpb/2nvzfJgeIXfWPjc7PTXQrqSy4luVlO999dDuV22bc8f7OcO3T3bQEANucfAQAA//+INm5i")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)
r4 = msgget$private(0x0, 0x722)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000680)='./binderfs/binder1\x00', 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r7, 0xc00c6211, &(0x7f0000004300))
ioctl$TUNSETQUEUE(r7, 0x400454d9, 0x0)
msgsnd(0x0, 0x0, 0x2000, 0x0)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
msgctl$MSG_STAT_ANY(r4, 0xd, &(0x7f0000000380)=""/114)

5m28.912685065s ago: executing program 4 (id=360):
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000018c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_create1(0x80000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r1}, 0x38)
syz_emit_vhci(&(0x7f00000004c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x47, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x5}}}, 0xe)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000500)=ANY=[], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2)
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f030)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x404043000)

5m26.017859673s ago: executing program 4 (id=368):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)

5m24.458455795s ago: executing program 4 (id=371):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x24}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)

5m24.148475242s ago: executing program 4 (id=373):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})

5m8.838290432s ago: executing program 33 (id=373):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})

4m12.838165875s ago: executing program 0 (id=567):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a6, &(0x7f0000000980)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorKMxcurSY3nmV4HlbLOE2mLWcnisbP5Z2HMTzR4WA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBd6P8AAAD//9FR4Lw=")
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x46400)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
pwritev2(r0, &(0x7f0000004a40)=[{&(0x7f0000004940)="31b5b38f", 0x4}], 0x1, 0x98, 0x6, 0x5)
ftruncate(r2, 0x2007ffc)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}])

4m10.748969726s ago: executing program 0 (id=570):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f00000000c0)='./file1\x00', 0x210048, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0000005733010312bb6086da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f0000001100)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = userfaultfd(0x1)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffc000/0x2000)=nil, 0x2000})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000000080)=0x5, 0x4)
sendmmsg$inet6(r5, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc000)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x82042, 0x19d)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000100)={0xf1e5b317, 0x800000, 0x0, 0xfffffffc, 0x40001000})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)

4m9.01331424s ago: executing program 0 (id=575):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x5, 0x0, 0x0, @vifc_lcl_addr=@local, @loopback}, 0x10)

4m8.716493496s ago: executing program 0 (id=577):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$usbmon(&(0x7f0000000100), 0xc7, 0x103900)
ioctl$MON_IOCX_GETX(r4, 0x4018920a, &(0x7f0000000500)={0x0, 0x0})

4m7.721799665s ago: executing program 0 (id=581):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000003980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000003a80)={[{@time_offset={'time_offset', 0x3d, 0xc}}, {@discard}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@discard}, {@gid}, {@gid}, {@sys_tz}, {@errors_continue}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}]}, 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")

4m4.749770294s ago: executing program 0 (id=584):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000500)={r0}, 0xc)
r3 = semget$private(0x0, 0x3, 0x100)
semop(r3, &(0x7f0000000000)=[{0x2, 0xf566, 0x1800}], 0x1)

3m49.58150554s ago: executing program 34 (id=584):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000500)={r0}, 0xc)
r3 = semget$private(0x0, 0x3, 0x100)
semop(r3, &(0x7f0000000000)=[{0x2, 0xf566, 0x1800}], 0x1)

2m23.088722228s ago: executing program 3 (id=830):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
msgrcv(0x0, &(0x7f0000000f40)={0x0, ""/255}, 0x107, 0xffffffffffffffff, 0x2000)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x0, 0x6b, 0x0, 0x0, 0x0, 0x5})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000240)=""/241, 0xf1)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x2b, 0xfffffffb, 0x10000, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0xffff}}, 0xffffff60)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4}, 0x0)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa960bffff7, 0x20010, 0xffffffffffffffff, 0x91eeb000)
recvfrom(r3, &(0x7f0000000640)=""/195, 0xc3, 0x10002, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000680)={'bridge0\x00'})
sendmsg$nl_route(r4, 0x0, 0x80)
stat(&(0x7f00000001c0)='./file0\x00', 0x0)
madvise(&(0x7f0000ff0000/0xe000)=nil, 0xe000, 0x15)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xe8})
msgrcv(r1, &(0x7f0000001080)={0x0, ""/4096}, 0x1008, 0x0, 0x3000)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={0x0, 0x1, r0, 0xfffffffd})

2m20.294112142s ago: executing program 3 (id=834):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="360fae886ceb97c63eff2e0fc72ac4c13de2b80000008066baa000b000eef30f09440f20c0350b000000440f22c0263e0f300fc71cba0f20c035000000400f22c0", 0x41}], 0x1, 0x5c, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

2m20.128190895s ago: executing program 3 (id=836):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
syz_open_dev$dri(0x0, 0xd21, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000440)=ANY=[], 0x9)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="53000300"], 0x8)
r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r4, 0x800448d3, &(0x7f0000000040)={@none, 0xfff, 0x8001, 0x100, 0xa, 0x5, "7d2a8e00ac3c8a91240e3f8d836096df943f9338f5f2dc1b96162b31443d71b450c59a2cc829c0f50e07c56ab8ee7bf0eee540aea4dcc0e7732c89bbda23f0106a693d494657f908f8f5d3bbed74e2059ad8411a7554dbbdf651b8e8cc7a00212edf16565717563f5e4c5faf65f6657912b84c280f458abf9b91ef07ee7f1054"})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x7002})
pread64(r5, 0x0, 0x0, 0x10000)

2m18.924193489s ago: executing program 3 (id=837):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

2m18.526377197s ago: executing program 3 (id=839):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file3\x00', 0x40, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d8, &(0x7f0000000640)="$eJzslj2PEkEYx/8zSxYwGhNLGwtJ1MJld1FjQyKNlYWJL8TCRCIrQVZJgEJIDPoJ7O0s7P0CJtr6IQza3DVcdVfvZV6WnSMscLwcxT2/5Gb/uzfz7DPPs/kPIAji3PL/39EoOizv5QBcRAFZ/XzfSuZwY/7f3MHH348eVr+8/P4nO3Lys2JG0fLvzwD4VbHQm6w9ubqgr0/BJ/oZOG5pXQWDo/UrcDzXOgDDC63fGrot5jvOm2YYOK/bYV0IVwyeGHwxlKbzG39mqBv5MeP/3f6gVQvDoLNFsah+4wpH2cjP7JcDla1r1M8Dh6d1CQxPtL6PbFwbVRJj/1czSXxr7v5tbLsiIpVTrLpyKbVVNoDV0gDYpnqPT/qT3eY3lCIsSBF3dEORrTPahfjQF8xBZgdVXUus0oufD9Sa+Ek0VPdyzuWUgNFwyVfYWGU7iT9F3xhuGP6krOSrPGpEC4vd/uB2812tETSC975fuufecd27flEakRrn+F9e+tOFJP7MM0lgMxsfar1ex1Pj5N5X4yzH5dL/OG5eV/fCTe2puDlDM/3H5VV6b+tHavYEQRC74xqY9GTpy7HQpwmM37qPd5gjQRAEQRAEQRAEQRDrcRwAAP//UwVIJw==")
symlink(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x47a8, 0x0, &(0x7f0000000180), 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0)
syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x4c1f, 0x10, 0x0, 0x200004}, &(0x7f0000000200), &(0x7f00000000c0))
io_uring_enter(r3, 0x369a, 0x0, 0x1, 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

2m17.725187692s ago: executing program 6 (id=840):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000300)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0xa}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x24}}, 0x0)

2m16.518940486s ago: executing program 6 (id=842):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r2, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[], 0x2c}}, 0x0)

2m16.330546859s ago: executing program 6 (id=844):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
msgrcv(0x0, &(0x7f0000000f40)={0x0, ""/255}, 0x107, 0xffffffffffffffff, 0x2000)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x0, 0x6b, 0x0, 0x0, 0x0, 0x5})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000240)=""/241, 0xf1)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x2b, 0xfffffffb, 0x10000, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0xffff}}, 0xffffff60)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4}, 0x0)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa960bffff7, 0x20010, 0xffffffffffffffff, 0x91eeb000)
recvfrom(r3, &(0x7f0000000640)=""/195, 0xc3, 0x10002, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000680)={'bridge0\x00'})
sendmsg$nl_route(r4, 0x0, 0x80)
stat(&(0x7f00000001c0)='./file0\x00', 0x0)
madvise(&(0x7f0000ff0000/0xe000)=nil, 0xe000, 0x15)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xe8})
msgrcv(r1, &(0x7f0000001080)={0x0, ""/4096}, 0x1008, 0x0, 0x3000)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={0x0, 0x1, r0, 0xfffffffd})

2m16.228189071s ago: executing program 3 (id=846):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="360fae886ceb97c63eff2e0fc72ac4c13de2b80000008066baa000b000eef30f09440f20c0350b000000440f22c0263e0f300fc71cba0f20c035000000400f22c0", 0x41}], 0x1, 0x5c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m15.383557698s ago: executing program 35 (id=846):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="360fae886ceb97c63eff2e0fc72ac4c13de2b80000008066baa000b000eef30f09440f20c0350b000000440f22c0263e0f300fc71cba0f20c035000000400f22c0", 0x41}], 0x1, 0x5c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m13.988400065s ago: executing program 6 (id=850):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

2m13.032088394s ago: executing program 6 (id=852):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x21}, 0x94)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000})
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat(0xffffffffffffff9c, &(0x7f0000000700)='./cgroup\x00', 0x246742, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000001280)=0x200006, 0x12)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback, 0x3}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x3404c8d4)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0xf7}, 0x8)

2m12.404092266s ago: executing program 6 (id=853):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f00000000c0)={0x0, 0x1, 0x8000000000003, 0x10000})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1})

2m12.031730063s ago: executing program 36 (id=853):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f00000000c0)={0x0, 0x1, 0x8000000000003, 0x10000})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1})

15.422267279s ago: executing program 7 (id=1125):
socket$inet_sctp(0x2, 0x5, 0x84)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x2e34, &(0x7f0000000240)={0x0, 0xe148, 0x0, 0x0, 0xd4})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

10.164370152s ago: executing program 1 (id=1137):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

9.886489157s ago: executing program 1 (id=1138):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x20010, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="fdba1224ef2a829525ded658d91855d08ec1d28da36c968f6d0f2f83ae4e045a6319d24bbf7ada106db0b0938558e4a6691bb4838a24ccb0e61181f3b626bcc5eb70c809668cfea38c07734eff416b20a20406441c4052dfc1aa2a9f7fee484630fe04d88c45a099a5d6eb81984d2f904dc0263828dd215ace537edea0c5b7b132dd7fc4c9a44041fe0ea4fe8656f695785fa5e7f39f3eb05a4df9d9a3e8e28f4b627a646be7add16f256534d4a4a058d306da7b96b293341b4a2743ca62445ea4825726fe01db2632", @ANYRES16, @ANYRESOCT], 0x4, 0x2d0, &(0x7f0000000740)="$eJzs3EtrE1EUwPHT2Eea0iYLURSkB93oZmiiazFIC2LAUhvxAcK0nWjImJRMqETE2pVb8UO4KF12V9B+gW7c6caNu24EF3YhRjKT6SOd0tikSR//H4S5yb1n5t6ZSTh3yMz6w/cvchnHyJglCYVVukRENkRiEhJfV20Zcsu9st1buTbw6+ul+48e302mUqMTqmPJyesJVR0a/vTydX+t2UqfrMWerv9M/Fg7t3Zh/e/k86yjWUfzhZKaOlX4XjKnbEtnsk7OUB23LdOxNJt3rKJXX/DqM3ZhdrasZn5mMDJbtBxHzXxZc1ZZSwUtFctqPjOzeTUMQwcjgv2kFycmzOQBg6dFzrS4PzgMxWLSrB6p/l016cWOdAgAAHRUff4fqqb0rcv/ly6vlgYeLA/V8v+V3qD8/8Y3b1078v+wiBw4/6+urZH8f3dGdLo0lf/jmKjm/5Ha99e18GRpxC2Q/wMAAAAAAAAAAAAAAAAAAAAAcBxsVCrRSqUS9Zf+q09EwiLivw+Ojre7u2ix5o4/jrutG/e6h0Tsd3PpubS3rDVYFRFbLBmRqPxxz4eaatm/F1CrYvLZnq/Fz8+lvWdDJDOSdePjEpVYfXylMnYnNRpXz874HvcOvs34hETlbHB8IjC+V65e2RZvSFS+TEtBbJlxz+ut+Ddx1dv3UnXx/W47AAAAAABOAkM3Bc7fDWOvei9+c34deH3Am1+PBM7Pu+Vid2fHDgAAAADAaeGUX+VM27aKJ67gj7DRKP+/DE1sNHLgcH/jjTRekCOwe0MNdbW+MCwitja7df+y0V5tZLxFIw397ylx/sPH363bzzeXw/uM9NAKPe37BQIAAADQLltJv//Jrc52CAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU6gdjxPr9BgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo+JfAAAA///O1Ayg")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006540)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ftruncate(r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bpf(0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
fcntl$notify(r1, 0x402, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)

9.865503348s ago: executing program 5 (id=1139):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x20010, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="fdba1224ef2a829525ded658d91855d08ec1d28da36c968f6d0f2f83ae4e045a6319d24bbf7ada106db0b0938558e4a6691bb4838a24ccb0e61181f3b626bcc5eb70c809668cfea38c07734eff416b20a20406441c4052dfc1aa2a9f7fee484630fe04d88c45a099a5d6eb81984d2f904dc0263828dd215ace537edea0c5b7b132dd7fc4c9a44041fe0ea4fe8656f695785fa5e7f39f3eb05a4df9d9a3e8e28f4b627a646be7add16f256534d4a4a058d306da7b96b293341b4a2743ca62445ea4825726fe01db2632", @ANYRES16, @ANYRESOCT], 0x4, 0x2d0, &(0x7f0000000740)="$eJzs3EtrE1EUwPHT2Eea0iYLURSkB93oZmiiazFIC2LAUhvxAcK0nWjImJRMqETE2pVb8UO4KF12V9B+gW7c6caNu24EF3YhRjKT6SOd0tikSR//H4S5yb1n5t6ZSTh3yMz6w/cvchnHyJglCYVVukRENkRiEhJfV20Zcsu9st1buTbw6+ul+48e302mUqMTqmPJyesJVR0a/vTydX+t2UqfrMWerv9M/Fg7t3Zh/e/k86yjWUfzhZKaOlX4XjKnbEtnsk7OUB23LdOxNJt3rKJXX/DqM3ZhdrasZn5mMDJbtBxHzXxZc1ZZSwUtFctqPjOzeTUMQwcjgv2kFycmzOQBg6dFzrS4PzgMxWLSrB6p/l016cWOdAgAAHRUff4fqqb0rcv/ly6vlgYeLA/V8v+V3qD8/8Y3b1078v+wiBw4/6+urZH8f3dGdLo0lf/jmKjm/5Ha99e18GRpxC2Q/wMAAAAAAAAAAAAAAAAAAAAAcBxsVCrRSqUS9Zf+q09EwiLivw+Ojre7u2ix5o4/jrutG/e6h0Tsd3PpubS3rDVYFRFbLBmRqPxxz4eaatm/F1CrYvLZnq/Fz8+lvWdDJDOSdePjEpVYfXylMnYnNRpXz874HvcOvs34hETlbHB8IjC+V65e2RZvSFS+TEtBbJlxz+ut+Ddx1dv3UnXx/W47AAAAAABOAkM3Bc7fDWOvei9+c34deH3Am1+PBM7Pu+Vid2fHDgAAAADAaeGUX+VM27aKJ67gj7DRKP+/DE1sNHLgcH/jjTRekCOwe0MNdbW+MCwitja7df+y0V5tZLxFIw397ylx/sPH363bzzeXw/uM9NAKPe37BQIAAADQLltJv//Jrc52CAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU6gdjxPr9BgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo+JfAAAA///O1Ayg")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006540)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ftruncate(r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bpf(0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
fcntl$notify(r1, 0x402, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x618c00)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12000102f7d1b110da0b8beb002ca481321801571c634cc57df6d30602400b0904d97f01ffffff090905011020"], &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0})
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
socketpair(0x2, 0x80000, 0x0, &(0x7f0000000040))
socket$packet(0x11, 0x2, 0x300)
socket$nl_sock_diag(0x10, 0x3, 0x4)

9.790818559s ago: executing program 7 (id=1140):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000824020100000000092402020000000200090585da20"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x129000)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000180)={0x10000, 0x9, 0x1})

9.22954017s ago: executing program 1 (id=1141):
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000c00)={[{@jqfmt_vfsold}, {@grpid}, {@debug}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xdf07}}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(r1, &(0x7f0000000040)='./bus\x00', 0x71d902, 0x44)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

8.596751952s ago: executing program 5 (id=1142):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x20010, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="fdba1224ef2a829525ded658d91855d08ec1d28da36c968f6d0f2f83ae4e045a6319d24bbf7ada106db0b0938558e4a6691bb4838a24ccb0e61181f3b626bcc5eb70c809668cfea38c07734eff416b20a20406441c4052dfc1aa2a9f7fee484630fe04d88c45a099a5d6eb81984d2f904dc0263828dd215ace537edea0c5b7b132dd7fc4c9a44041fe0ea4fe8656f695785fa5e7f39f3eb05a4df9d9a3e8e28f4b627a646be7add16f256534d4a4a058d306da7b96b293341b4a2743ca62445ea4825726fe01db2632", @ANYRES16, @ANYRESOCT], 0x4, 0x2d0, &(0x7f0000000740)="$eJzs3EtrE1EUwPHT2Eea0iYLURSkB93oZmiiazFIC2LAUhvxAcK0nWjImJRMqETE2pVb8UO4KF12V9B+gW7c6caNu24EF3YhRjKT6SOd0tikSR//H4S5yb1n5t6ZSTh3yMz6w/cvchnHyJglCYVVukRENkRiEhJfV20Zcsu9st1buTbw6+ul+48e302mUqMTqmPJyesJVR0a/vTydX+t2UqfrMWerv9M/Fg7t3Zh/e/k86yjWUfzhZKaOlX4XjKnbEtnsk7OUB23LdOxNJt3rKJXX/DqM3ZhdrasZn5mMDJbtBxHzXxZc1ZZSwUtFctqPjOzeTUMQwcjgv2kFycmzOQBg6dFzrS4PzgMxWLSrB6p/l016cWOdAgAAHRUff4fqqb0rcv/ly6vlgYeLA/V8v+V3qD8/8Y3b1078v+wiBw4/6+urZH8f3dGdLo0lf/jmKjm/5Ha99e18GRpxC2Q/wMAAAAAAAAAAAAAAAAAAAAAcBxsVCrRSqUS9Zf+q09EwiLivw+Ojre7u2ix5o4/jrutG/e6h0Tsd3PpubS3rDVYFRFbLBmRqPxxz4eaatm/F1CrYvLZnq/Fz8+lvWdDJDOSdePjEpVYfXylMnYnNRpXz874HvcOvs34hETlbHB8IjC+V65e2RZvSFS+TEtBbJlxz+ut+Ddx1dv3UnXx/W47AAAAAABOAkM3Bc7fDWOvei9+c34deH3Am1+PBM7Pu+Vid2fHDgAAAADAaeGUX+VM27aKJ67gj7DRKP+/DE1sNHLgcH/jjTRekCOwe0MNdbW+MCwitja7df+y0V5tZLxFIw397ylx/sPH363bzzeXw/uM9NAKPe37BQIAAADQLltJv//Jrc52CAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU6gdjxPr9BgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo+JfAAAA///O1Ayg")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006540)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ftruncate(r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bpf(0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)

8.111300352s ago: executing program 1 (id=1144):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

8.032197373s ago: executing program 9 (id=1146):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x34, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x6}}, @TCA_RATE={0x6, 0x5, {0x81, 0x64}}]}, 0x34}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xfffffffc, 0x800, 0xfffffffe, 0x800001b4})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0), 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a40)=@newsa={0x10c, 0x10, 0x1, 0x8000000, 0x0, {{@in=@remote, @in6=@loopback, 0x2, 0x0, 0x4e20, 0x50, 0x0, 0x20, 0x0, 0x16}, {@in6=@local, 0xfffffffc, 0x33}, @in=@local, {0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x5680000000, 0x0, 0x0, 0x10000}, {0x401, 0x9}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x90}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x70bd2d, 0x70bd28, 0x70bd2b, 0x70bd2b, 0x8}}]}, 0x10c}}, 0x24000058)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

7.021417693s ago: executing program 9 (id=1148):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f0000000180)={[{@debug}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00))
socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setuid(0xee00)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x8)

5.289071917s ago: executing program 5 (id=1150):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
utime(0x0, 0x0)
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

5.285447317s ago: executing program 9 (id=1151):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYRESHEX=r1])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
unshare(0x62000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r2, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

5.237980408s ago: executing program 1 (id=1152):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r1, @ANYRESHEX=r2])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
unshare(0x62000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r3, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r4, @ANYRES16=r0], 0x0)

5.11365421s ago: executing program 7 (id=1153):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r1, @ANYRESHEX=r2])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
unshare(0x62000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r3, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r4, @ANYRES16=r0], 0x0)

4.946143254s ago: executing program 5 (id=1154):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r1, @ANYRESHEX=r2])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
unshare(0x62000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r3, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r4, @ANYRES16=r0], 0x0)

4.496352263s ago: executing program 9 (id=1155):
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000c00)={[{@jqfmt_vfsold}, {@grpid}, {@debug}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xdf07}}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(r1, &(0x7f0000000040)='./bus\x00', 0x71d902, 0x44)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(0x0, 0x0, 0x0)

3.968624243s ago: executing program 8 (id=1156):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="10797fcd6cd957d2b903c6bf46b4abf3629ff075475e4bd6e43be1712bf8b4dc", 0x20)
readv(0xffffffffffffffff, &(0x7f0000000740)=[{&(0x7f0000000100)=""/116, 0x74}], 0x1)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001e00)=[{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="ceaaf6bd51d2672882ca41befb3a4a578485513759e92125d72e5499cb01596482fb5bc4d59169d5e32316c2ef3200eee8a7e8cc94d04086f092ed6234e23ee27b", 0x41}], 0x1, 0x0, 0x0, 0x44041}], 0x1, 0x20044800)

3.776286907s ago: executing program 8 (id=1157):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x4a000, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {0x2, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x7ff, 0x0, 0x10, 0x6, 0x3, 0xfffffffa, 0xc219, 0x1, 0x3ccd}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x200048e5}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.60773041s ago: executing program 8 (id=1158):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x300a088, &(0x7f0000000080)=ANY=[], 0x85, 0x68b, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbDabbCipmyZtgiolaiRARE3sWCmYSwNCKIcKVeXA2UqcxMomDY6L3ApBeClce8gfUA6+cUBI3CPKhQvcevWxEoJLLzWnRTM7u16/22nqtcPnU43nmXnmeeb3/HbedrfRBvi/de1Cmo9T5NqFNxfK5aXFyc7S4uTdfjnJkSSNpNmbpfi82+1+nFxNb8qZcmXdXbG69/vP90uPZqfe/uSzpU97S816qrZvrG+3Ww/rKeeSHKrnT6u/69v1d3S77orBCMuEne8nDkbtcJJu5d+Pemt++vfnBjVD2hu13vbIBw6AonffXGcsOVaf6OVzQO+u2LtnH2gPRx0AAAAA7IHnl7OchRwfdRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwkNS//1/UU6NfPpei//v/rXpd6vL+cnZ3mz/+suIAAAAAAAAAgD10djnLWcjx/nK3qL7zf7VaOFn9/UrezYPMZC4Xs5DpzGc+c5lIMjbUUWthen5+bmLQsv9/BqxveXnDlpe3CfRIPW8/jVEDAAAAAAAAwEHzebfb3XKDX+fayvf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHxTJod6smk72y2NpNJMcTdIqt3uY/LNfPqjOvJY8HnUQAAAA8AV0d7jd88tZzkKOD9oV1Xv+l6r3/Ufzbu5lPrOZTyczuVF9FtB7199YWpzsLC1O3i2n9f1+7z+7CrfqMb3PHjbe8+lqi3ZuZrZaczHX806K4kYaVcvS6X48G8f1qzKm4o2ewzuM7EY9L0f+YT1fq7mrsW5qlx+mjFUZOTzIyHgdW5mNF7bOxC5fnbV7mkhjEOzJNXtaM4hVOX9jh/s7Vs/L8fxuk5yPxtpMXB46+l7aOufJN/7yx5/c7ty7c/vmgwv7Z0g7c6ie964r7fWZmBzKxMvPcibWGa8ycWqwfC0/zI9zIefyVuYym59lOvOZybn8oCpN18dzMXTKD2WqMdT11VU7emu7SFr1Edp7sVbHlG1ierVqezyz+VHeyY3M5PXqv8uZyLdzJVcyNfQKn9rBlbaxyVnf/eqGwZ//Zl1oJ/l9Pa/cekrX1ydW5vWFobwOX3PHqrrhNStZOrGL+1E/S3/aOpTm1+pCuY/fZPXhMlprMzExlIkXt87EH6rLyoPOvTtzt6fv72x3Jz6sC+V59MG+ukuUx8uJwXPB6qOjrHuxV1c9gwznq1V/49Jr11hXd2pQ1ztTH256prbqZ7j1PV2u6l7esG6yqjs9VLf2easzeB466F/+ADyzPmglx751rNX+V/sf7Y/av23fbr959PtHvnPklVYO/+3wd5vjh77eeKX4cz7KL1be/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/uwXvv35nudGbm1hS63e4vN6k6yIX+z5nt4U7PPJeMasitJPsj8//tdrv1mmI/xLN1oVs6ku4TNv9rkp1t3EyyUdXZ0Sdhi4uGH4CCZ8Kl+bv3Lz147/3XZu9O35q5NXNv6sqVqfGpK69PXro525kZ7/0ddZTAl2Hlpj/qSAAAAAAAAAAAAICd2ot/TrD53o/u5VABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+rahTQfp8jE+MXxcnlpcbJTTv3yypbNJI0kxc+T4uPkanpTxoa6Kzbbz6PZqbc/+Wzp05W+mv3tG1u125mH9ZRzSQ7V86fV3/Uv3F8xGGGZsPP9xMGo/S8AAP//fgkLLw==")
r0 = creat(&(0x7f0000000580)='\x00', 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x4020400)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0900000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r5, 0x50, 0x0}, 0x10)
fanotify_mark(0xffffffffffffffff, 0x105, 0x40009975, r0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x87)
connect$inet6(r6, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000440), 0x1000a)
sendfile(r6, r7, &(0x7f0000000000)=0x5, 0x20001)
r8 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r9 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
write$binfmt_register(r9, &(0x7f0000000300)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, 'allow_other', 0x3a, '', 0x3a, './cgroup.cpu/cpuset.cpus', 0x3a, [0x50, 0x43]}, 0x45)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0x40305829, &(0x7f00000002c0)={0x17c04, 0xffffffffffffffff, 0x8006, 0x8a, 0x0, 0x8001})

3.489959532s ago: executing program 9 (id=1159):
r0 = syz_io_uring_setup(0x359a, &(0x7f00000016c0)={0x0, 0x2000000, 0x80}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000040))
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x2c4c87, &(0x7f0000002800)=ANY=[@ANYRES64, @ANYBLOB="3823b7d1f607322399ec76687c44f8142b08deab88623a6d935d31591d804c5d1bed63ca29545a2350230d5f31394de5233840d30bf16459cecb08cdab262fe72e0173dfa5809d9de9590d6dde820ebeeb67fa147599e4115d3f6e45a9f839e741d231beab3ca1530db9729e3a7dcb963b9f5e6c3d828d47bd04ab2fc727e08c15080820bd84ffdfcce859561b28b74a6e3fadd74abe7a891ea187e03d781b1aea65c709d9e4239f9cf31b0a0baaa3304593bf4919548544bcf8ed3992377059a3168667e5cc986de13d26eb03edc881010d171046851a687d12954adfaf2299fa33de30609755b4c45a1a4373e4096651bd952e352aac3676df079a6a6ab9403b050ccdef1152cba5f1e8ae2f6787547360aeea95db1b5a64d932398203fa48ec216debb2cfd73ab8d240f57a94798e20ae3273b246a2b29e206053efdb787fd2d462660829a76c73f5ca6e344e9947a0970d34342a75eb5ca7447bd27f6f177c5da7b06fb776b865f8cf4e5775c762cc0c5bbe1ffa4694ed8bf57163be2a501effbcdc7ec959b1a167d54b619163614b9b9d045d1c751cd7e3611d2e6154541966c28c52630e8417478f3923fc4868ae204e799510d73198f16afa32acea05085b4c8beb485cd4d4ba6695f20d187787b1af6c16565ec5bf15d0e3d533cab69a8a2d7e64120e4fac8910669d885a71abec2469c8fc4ebf09aebbda6dc12bcfa9cb5586583f4062403cda7d1536285a4ae14a86b32684549605c819577f1481ba39df2f61719e1cd42937743ca1871754cd8d5daecb36afeec5e87507964d311c81e699139279b4c47e919e5dc6b0c8ac71034bc76e3199107483ba1fd00ed26b5868043b674d0fd8d20fc1c0ca949a205b092f12a9240a159751eccea4d2e3502fd684137a1e97b7fbea26aab0a44e895fd2c7cee223277da934817191789163bf7b4385fab95e76e4513f9f3d2040bc147a372637756cc3858d39325de3893adfdff9b53764e4ea0a8fa577fe4225a466c8890d78901ad87fe92dbcd2992d7f8fd16df115352bad186bec0c8c7e38f54862773cde9c2cf034694ddfb8a244d772f6fe4eec9cebb325b9c68411f1706368146fdadd83fd5a2e766db5858fcc70d1492f524b936691bdf1cb072000158fd24a26b47cd91b2e697416245e3a814a33feedf40480fa0908085c5a10fc9eeeb2b01cc4bfc9ef93cb19fb091706ebcdb93ef25d1a39d68af822b221a62582331942fddf57c2b2e90b0c92c5ba1381bc8e46bbfeeae4dcdd558ccc804833f39283a389cbb62dbcb7184ed902222f7723ebc5dbf0754e971c481868cf0ad8182871f3b06dfbe61606bb6024bf0f549c9e63c4eaee9defda6492d4e5aef9c0b096959dfef4fccb516fe07bf363a24f612560434653672a3281aeca4bbf1f34e5c91d942e8966320c0f0f369a4e60e1989fb8d4b5db4b62b374806d8d4a2720506525eb8b0e251e34dc1d1feb736e16f9ccaff4ffb737b157b7c0c3687acefd167e1f3d5f85b110537b62a0c6ffd1d69aa0bc50ae39c3cb86a53ed0119f7ecfe56e6f9dc6ea43c48aa8c5e3761d86e0a5694438085b0421092c6e492e31327151cd1840f119e16ed0dc53117a323528e0bc1248a46f7d7396db207f48334dd1674f49ebf587349ad3a2c5cb9362cd795074781cb61b446bf13a48b7ac9fb2eadce826378d49220e5e0ba0023839dedc437190752e17ba0bbfe9167d20ef54aa75f7a793d79413a70472b57fa38a81dc11e06d1ab1791293834c590726a407f1d8c0f8281129768fa8dbb62f3bdc38b097a44560192943c5a9f0604fd6d76ea19dac1aeffbec50b7253901baa0eb2eb05b2f441ea1c3720a093f6cc297e9b594bb5f9539027848518ad6a1ee7f3b13fb7ca6508c2f75bbdcbe6be74fad537d0acce303348d8cd5efbcba0f8cb0c941c3a658656debb2872e77af618c67880ef7440e7eb313e5de027c37a2dbffb4c1ffe1221647923dac47008dcd1f199b324bb8b20639fc204999a1004f37a4a76ece1c9b4d37e0f9082ea4dcaa2126a45e6c68022494e076e433ffbd5343c1c3a69eb896261994a782f999572e5223de5f600f5db38e5485da6cf4caf5a842da02d566033e6291c179f0845afe8100ecbd746f9483f6e567a6ce4a9c9b330948d47e14c386d31986770dacf1f41fff46b551d90997f5cd151059cc6551840ee52c0b3f007104de98db2b1bb80ee76999acde46f0cd43129e8ec47ae9bb5f26393816ba1ca2dc8c69a37ad339a1ecad9e6ff9c4993a7e1696a8c8ebcda2819d0d3416a984b7b80fd8ef89633d289dd6d7ea9228cc43f17c11d1bc0a95ce4dffd69f08c4f4027e6b4a9736ba3dfa0b55cdb1d77d016075cd444effc3632e941eea71cdec7502b472c0eccf3ee0d160d72277533d8c38132223be92d76abf213eac8503d6ad3b2cf0e598ee606d078275f435f86bd0d61832761653d5ed69a98459073f1c22a557fed2f87047154a3edc90ac6a25afef33e9c65c4c924a2692e3ce650de8e7b13a1229d29808935347d2bc33b0673bfb141c3b95d6194cf32c59de23f9c26a7ec60d8820cf42e2e27174638fa103e6944899f13fe09dd037b171ea76bebeb30b7ebc24311211d4f0e2032d2a10d7b244b30503f84c568a68ddc9e54f079d09fa54a8595b51b94c1c78590baed1c2c373b2a55f8f14c265f8c888058845c26deae5b4ef1bdafc76576536b56a5a67592d05f6b49c220d5b2b7a4769c82d7dcd8e90eb89210c6baab2dbe79cf53eb0efa98f4147afa98a4d6c812a18e61eaba2f923c6a951354139f626a94da3c91255614e12cee714250348063636f3171b81186956dfbe16e0a30c8244b7a5bff1235ba278476c9a71974ceee54a5ec90572e7cf2df2f500283c6b4c37413ace100d7c92b0f75dd1565cd6140b795aeb468d5490bb9f352f2d489f170bb83e325675f9d34be7f51499388a254c7639f5a54149250a12e1c43b9c52379d2f5fe55342aaf1e663f27caeac07fa2ad7ac3fd45e855d3a7d10a43d4ba968237e37281135ffc769b9b327b60ad12b5e8517eed233c8514b818aaacdd14d616235e3ce368fb0fc8342b395c3b7d67d9f6fcc24760a36ba6e9a2e705bae47d919b7628dc7b74ca52693510cd90e2c4fe91cb29fc268a8b86730d013e7b3ea435815ab0eeaef94753497655cca1086f6fc495567bd14d3cc98aa05a151200e9ed4e70e71187bf7e5ada4df81790e382a6db6859134f4d7ce626517aa7a42f723105d9e9c553d8609f3eb84cd6ae85eaaf8bc45117b4b3a6c7848e5bd3f5dde4c084072c5bb1da68706d1f20b1c96f2247012f85b55fbcdf7a644583d29e47667b5f9e15ea5947533ec665f730e612f3505033c48cd057cbc1bb8fcfb0f01f4dab75e88137acf72a299cf532af0307702464677f9928ffb0c508a88f509997c458eed271ad4667c61438a62287b0483be4cd9f3a282420e6d21b555c569b499daabc980a4d7bbbe3cbe67e685fac48b10bf68bf0097c10bf5fe81e50b59f586865b97ee7562361b4d18f7459378df7b7348e15b6d7cd5d54864507261d32275bdab67a4bdc1eb1aca8035cc12fd7d9a56079d158b3ea70be26fceb04b2c2cea20c762f53580dd831915110fa2f8e7c3223cf77b4a3f4f614db34521c606610e08f89c865766dc994c3b605d0bc087641482fc578d47d386fc67c4e8d2ae281836db15d2ea7eb19e453f12dfcad476d25cb214c3e6d18c63a225e16788b079ae667740d24d554a972cb3788a5258e616ff541149cfa1cf5f2e41cfff8072904783bb8579ce6e8c6347f4459f222d94bec8bbc8e3cc5b1e8c8674244f9dc5cd3c21edacbf47e42d33f4d01431037171afc4b2580954025c19f8bace0b24d0a32caf8ff691d035968975aeb1a99c152a21e40b7286c0a92b8866cea3a21265c541dea92cb091fc2cd2598b18e63619a9a0142d788c1ac7f7a68864afa527c14457b30d6a2adc438b4c3176c1db8a59597bd33c7901b89e2996eb49e625f655e32b1c37e7056639d3c496e518a1ebd68d570b514d03446c39a932f74001af2bcf2639fc916d70093eb934a0464562e1e75386ed60a707de567f00aa56bd5a0ccc9ae3b950b018245896578ea9aed2700f24a722bd524e988fb60f749936c9b036321f3fc6d705ec4757660034da1b1764b4b896b3e1cec93b830a8c4c82c906a4fc73c29d268860d05178edd3985dfff40342252af48d4c60e94eadcc104004664b66223a6b832475ffb3c80df9fc5448a673f507ef246031a2d9ff37a7b335916fafd2338d5a27258ccbf130cb1e17e8848eb89dce32d30b99f30ee0dd50ebb3834cdead1c63d6863464f04b35a0eb4d55161ccd6ac19e4f804bb35bcc347fe0dfd76b2aee64eeb976afe38e7a9ed6d05774fd9254823b0f1c29e6577a740d4c4b0373f60ac42f86042a67c353fe2cc6262ed6111dac17142129035191728ecc071be9e29627e4626f9512b9f8b641d0eed7da359af06886a5499caf70b5337f171c43a814b82a32dcf270d2a4f751154bb51b97531ed97344be2ae9078944309b8fcd689e607f6781c21c6b16573fd900ae888584f815c473775a545b49d7ae5a7a82f7784ad7e38c9dc6371f68261b659f776c0a0d5384a34082c78e6c8c9ccb61f96ed55eb0c478961f9e59d447f45a2b77b5ffe879b3ab00f040ce91eb530a723a77e4b35f07ff6a083fe34fc19a7736a4e8021ec0ef7fee33fc6f054318fce40dad9ea05827c52ffd5cf8e15fa1c4eb4af1eb978f771f455285a1df6318af00a1ae2451ae0e68a742cc8e931eae61787bff10d2bcd60f68d90dea1543847a339801ed6038644697eadedbebcb0a9f4494eb9b34507b4eb97b37b04d9a6ded26bfe09cd4c42d1c8b623d9a46438b8a696a46ec81f2d464d4337181d0c6784e474689075c5c92a7e504704be97098b689f0746f7cb7ff682c19dac52323dabdbafe399ea850ac1b01210926cb58fb557c38d44510da8ef30137fd01cf9f593aa4654e72f655aaeba3745ce3a5d141546215db3d9f9a33ce04e3a268607844671cc99e3e5fb9ca2c99d4899ece85ef952f9d2f0430134955ac361880e8b50d019a70106b2794bfa247fc2df8c44eea8cf2ebfdd2fed1fa01c566a40f2d73cf50971ed74c12bd1c4311761ea3b8c7e8a7679d6fe0f85c48017688201d7947a2fa3f259863e759f13bffb30eadd662989b960103c38cb0b8affaf3b6135bcbabe10b6e834f89edc72b3148f5d5861ef1e1ebb91462d8e3e05603e3ddb2a8928e8ffe5f740b1c08f6fecc978670ae96eca6255963361f717ebbaa3796e3dab577b39f6c869c54df26947ae5119107f312b197f09929062ff5f6b7b191be5a4b6f1898254d8d7043b68063d3dbf453e4eb0f563bb96d4b699968158c7ce527d56cd022cbb33bbd061bf6ea70faf9a73a79f2efa14d9654242d4286ed2fd2757cdf6a18261579dc14a0e71ce45580a7031bac78077b1dbfac3700250f8a998560194b8560c05b82c24a912064c0785721cdfbc84d1dbfc5c5691d345144af8f0bd25be1df822340ff5cb209b66c70de13bfd89e2728b623d6d8df6efb2214f1ee5f7da8449fa31bb376e8ac56ec9873fc90972bfc5a1bdf010d0c7db6e9d5399fcdf28299de6511e64b8899d07170d057f3070bfd7047c8f3185fd8d9829cb43211203e2647c46e83b815a6891281afe454bc488a07baedd02de010b2965f2b74e13971788c6ded334b8058f54cd702e5d5d982df12ce8044", @ANYRESOCT=0x0], 0xfb, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=")
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x2400c800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x33}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000000)=[@clear_death], 0x0, 0x0, 0x0})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x240007fd, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x1815, 0x0, 0x0, 0x0, 0x0)

2.472480662s ago: executing program 8 (id=1160):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000001c0)={0x8, 0x8167, 0xe})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x1000008, 0x1, 0x7})
dup(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.411170773s ago: executing program 5 (id=1161):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f0000000180)={[{@debug}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00))
socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
setuid(0xee00)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x8)

2.410067013s ago: executing program 7 (id=1162):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

2.359306275s ago: executing program 1 (id=1163):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX, @ANYRESHEX])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
socket$netlink(0x10, 0x3, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

2.07119068s ago: executing program 7 (id=1164):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYRESHEX=r1])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
unshare(0x62000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r2, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

2.05643083s ago: executing program 5 (id=1165):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200), 0x12)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
r3 = fsopen(&(0x7f0000000300)='bpf\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f0000000100)='rw\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r1, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1b)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r4, r5, 0x0, 0x20fffe82)
ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)

1.997292272s ago: executing program 8 (id=1166):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000000)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)

1.703896707s ago: executing program 8 (id=1167):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x5, &(0x7f00000003c0)=@raw=[@ringbuf_query, @jmp={0x5, 0x0, 0x2, 0x4, 0x0, 0xffffffffffffffb2, 0x4}], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)

292.028935ms ago: executing program 7 (id=1168):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
socket$key(0xf, 0x3, 0x2)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r1, @ANYRESHEX=r2])
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x184a62)
socket$netlink(0x10, 0x3, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x40000, 0x2d)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d700330dc4b, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/oops_count', 0x181000, 0x24)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r3, @ANYRES16=r0], 0x0)

0s ago: executing program 9 (id=1169):
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000c00)={[{@jqfmt_vfsold}, {@grpid}, {@debug}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xdf07}}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(r1, &(0x7f0000000040)='./bus\x00', 0x71d902, 0x44)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

evice loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.661: corrupted in-inode xattr
[  320.985124][ T6909] device veth1_vlan entered promiscuous mode
[  321.015969][ T7130] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.661: couldn't read orphan inode 15 (err -117)
[  321.102995][ T7130] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  321.162155][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  321.173262][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  321.353741][ T6909] device veth0_macvtap entered promiscuous mode
[  321.453006][ T6909] device veth1_macvtap entered promiscuous mode
[  321.485145][ T7145] loop5: detected capacity change from 0 to 128
[  321.571580][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.587598][ T7145] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  321.665853][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.736434][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.909933][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.980990][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.153882][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.345389][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.416669][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.488575][ T6909] batman_adv: batadv0: Interface activated: batadv_slave_0
[  322.560473][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.604000][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.614227][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.624711][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.634648][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.645133][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.655003][ T6909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.682772][ T6909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.702969][ T6909] batman_adv: batadv0: Interface activated: batadv_slave_1
[  322.720252][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  322.736525][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  322.755446][ T4229] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  322.766128][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  322.782955][ T7159] loop6: detected capacity change from 0 to 1024
[  322.797220][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  322.853475][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  322.896017][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  322.934191][ T7164] loop5: detected capacity change from 0 to 512
[  322.938717][ T6909] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  322.981883][ T6909] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.005394][ T6909] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.035193][ T6909] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.159327][ T7164] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.667: invalid indirect mapped block 10 (level 1)
[  323.350976][ T7164] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.667: invalid indirect mapped block 8 (level 1)
[  323.618515][ T7164] EXT4-fs (loop5): 1 truncate cleaned up
[  323.624214][ T7164] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback.
[  323.887572][ T4475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  323.931066][ T4475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.023034][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  324.085898][ T4229] usb 2-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x78, skipping
[  324.097236][ T4229] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  324.100276][ T6734] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.107162][ T4229] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  324.107191][ T4229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.135628][ T7151] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  324.250198][ T6734] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.283845][ T7178] loop5: detected capacity change from 0 to 164
[  324.303704][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  324.474579][ T7178] loop5: detected capacity change from 0 to 512
[  324.488827][ T4229] snd-usb-audio: probe of 2-1:27.0 failed with error -12
[  324.535651][ T4229] usb 2-1: USB disconnect, device number 5
[  324.991684][ T7178] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #17: comm syz.5.669: iget: bogus i_mode (0)
[  325.382776][ T7178] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.669: couldn't read orphan inode 17 (err -117)
[  325.480458][ T4296] udevd[4296]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  325.542663][ T7178] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  325.793495][ T7195] xt_bpf: check failed: parse error
[  327.428998][ T7208] process 'syz.1.674' launched './file0' with NULL argv: empty string added
[  328.227901][ T7211] print_req_error: 2 callbacks suppressed
[  328.228058][ T7211] blk_update_request: I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.304201][ T7211] blk_update_request: I/O error, dev loop3, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.325373][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  328.380107][ T7211] blk_update_request: I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.392406][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  328.403116][ T7211] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  328.411193][ T7211] UDF-fs: Scanning with blocksize 512 failed
[  328.511914][ T7211] blk_update_request: I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.573789][ T7211] blk_update_request: I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.589883][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  328.630795][ T7211] blk_update_request: I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.649808][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  328.660334][ T7211] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  328.668680][ T7211] UDF-fs: Scanning with blocksize 1024 failed
[  328.741030][ T7211] blk_update_request: I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  328.785419][ T7211] blk_update_request: I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  329.369258][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  329.379027][ T7211] blk_update_request: I/O error, dev loop3, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  329.390237][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  329.399948][ T7211] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  329.407709][ T7211] UDF-fs: Scanning with blocksize 2048 failed
[  329.414118][ T7211] blk_update_request: I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  329.425337][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  329.435026][ T7211] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  329.444732][ T7211] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  329.452514][ T7211] UDF-fs: Scanning with blocksize 4096 failed
[  329.458602][ T7211] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[  329.744450][ T7216] loop5: detected capacity change from 0 to 1024
[  331.950596][ T7242] loop5: detected capacity change from 0 to 512
[  332.766014][ T7242] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  332.836518][ T7242] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  332.844856][ T7242] System zones: 1-12
[  332.880229][   T26] audit: type=1326 audit(1757719804.753:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.1.684" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1397a9aba9 code=0x0
[  332.917613][ T7242] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.682: corrupted in-inode xattr
[  332.936720][ T7242] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.682: couldn't read orphan inode 15 (err -117)
[  332.956285][ T7242] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  335.115404][ T4236] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  335.244745][ T7288] loop7: detected capacity change from 0 to 512
[  335.337963][ T7288] EXT4-fs (loop7): Ignoring removed nobh option
[  335.344274][ T7288] EXT4-fs (loop7): Quota format mount options ignored when QUOTA feature is enabled
[  335.395659][ T4236] usb 7-1: Using ep0 maxpacket: 32
[  335.410321][ T7288] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.691: iget: bad i_size value: 38620345925642
[  335.538926][ T7288] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.691: couldn't read orphan inode 15 (err -117)
[  335.582005][ T7288] EXT4-fs (loop7): mounted filesystem without journal. Opts: nobh,jqfmt=vfsv0,data_err=ignore,,errors=continue. Quota mode: writeback.
[  335.635393][ T7256] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  335.697337][ T7288] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #16: comm syz.7.691: invalid indirect mapped block 3973251072 (level 0)
[  336.302612][ T7297] kthread_run failed with err -4
[  336.922380][ T4236] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  336.938551][ T4236] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.948732][ T4236] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  336.959613][ T4236] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.969552][ T4236] usb 7-1: config 0 descriptor??
[  338.001764][ T7314] loop1: detected capacity change from 0 to 512
[  338.054864][   T26] audit: type=1326 audit(1757719809.923:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7317 comm="syz.6.698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda1a644ba9 code=0x0
[  338.125476][ T4236] usbhid 7-1:0.0: can't add hid device: -71
[  338.125514][ T7314] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  338.131540][ T4236] usbhid: probe of 7-1:0.0 failed with error -71
[  338.162227][ T7314] EXT4-fs (loop1): 1 truncate cleaned up
[  338.173844][ T7314] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback.
[  338.508394][ T4236] usb 7-1: USB disconnect, device number 5
[  339.020228][ T7332] loop7: detected capacity change from 0 to 164
[  340.085081][ T7332] loop7: detected capacity change from 0 to 512
[  340.145357][ T4251] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  340.371176][ T7332] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #17: comm syz.7.699: iget: bogus i_mode (0)
[  340.397502][ T7332] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.699: couldn't read orphan inode 17 (err -117)
[  340.471175][ T7332] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  340.588705][ T4251] usb 6-1: Using ep0 maxpacket: 8
[  340.775750][ T4251] usb 6-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  340.862807][ T4251] usb 6-1: config 0 interface 0 has no altsetting 0
[  341.169297][ T4251] usb 6-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  341.375430][ T4251] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.453293][ T4251] usb 6-1: config 0 descriptor??
[  341.787669][ T6424] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  342.066310][ T6424] usb 4-1: Using ep0 maxpacket: 32
[  342.162745][ T4251] uclogic 0003:5543:0042.0008: unbalanced collection at end of report description
[  342.307559][ T6424] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.487444][ T4251] uclogic 0003:5543:0042.0008: parse failed
[  342.500104][ T6424] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.525421][ T4251] uclogic: probe of 0003:5543:0042.0008 failed with error -22
[  342.565502][ T6424] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  342.605592][ T4251] usb 6-1: USB disconnect, device number 4
[  342.647162][ T7372] loop6: detected capacity change from 0 to 8192
[  342.655594][ T6424] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.677445][   T26] audit: type=1326 audit(1757719814.553:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7378 comm="syz.7.712" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  342.724036][ T7382] loop1: detected capacity change from 0 to 128
[  342.726135][ T6424] usb 4-1: config 0 descriptor??
[  344.262456][ T7382] FAT-fs (loop1): Directory bread(block 32) failed
[  344.292684][ T7382] FAT-fs (loop1): Directory bread(block 33) failed
[  344.531022][ T7400] Invalid option length (1048180) for dns_resolver key
[  345.702519][ T6424] usbhid 4-1:0.0: can't add hid device: -71
[  345.711492][ T7382] FAT-fs (loop1): Directory bread(block 34) failed
[  345.735437][ T6424] usbhid: probe of 4-1:0.0 failed with error -71
[  345.765816][ T6424] usb 4-1: USB disconnect, device number 7
[  345.768014][ T7382] FAT-fs (loop1): Directory bread(block 35) failed
[  345.807861][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  345.814270][ T7382] FAT-fs (loop1): Directory bread(block 36) failed
[  345.856258][ T7382] FAT-fs (loop1): Directory bread(block 37) failed
[  345.881647][ T7382] FAT-fs (loop1): Directory bread(block 38) failed
[  345.935601][ T7382] FAT-fs (loop1): Directory bread(block 39) failed
[  345.963638][ T7382] FAT-fs (loop1): Directory bread(block 40) failed
[  346.058241][ T7382] FAT-fs (loop1): Directory bread(block 41) failed
[  348.040255][ T7426] netlink: 16 bytes leftover after parsing attributes in process `syz.5.725'.
[  348.093051][ T7429] usb usb8: usbfs: process 7429 (syz.7.735) did not claim interface 0 before use
[  348.276599][ T7437] loop5: detected capacity change from 0 to 512
[  348.290109][ T7440] loop1: detected capacity change from 0 to 128
[  348.414580][ T7437] EXT4-fs (loop5): Ignoring removed nobh option
[  348.426001][ T7437] EXT4-fs (loop5): Quota format mount options ignored when QUOTA feature is enabled
[  348.440219][ T7440] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  348.458046][   T26] audit: type=1326 audit(1757719820.333:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7443 comm="syz.7.729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  348.523070][ T7437] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.726: iget: bad i_size value: 38620345925642
[  348.537609][ T7440] ext4 filesystem being mounted at /144/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  348.556693][ T7437] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.726: couldn't read orphan inode 15 (err -117)
[  348.608952][ T7440] fscrypt (loop1, inode 12): Mutually exclusive encryption flags (0x0e)
[  348.646757][ T7437] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobh,jqfmt=vfsv0,data_err=ignore,,errors=continue. Quota mode: writeback.
[  348.647489][ T7455] loop3: detected capacity change from 0 to 2048
[  348.744663][ T7437] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.726: invalid indirect mapped block 3973251072 (level 0)
[  351.033510][   T21] Bluetooth: hci5: command 0x0406 tx timeout
[  351.379922][ T4475] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm kworker/u4:12: bg 0: block 5: invalid block bitmap
[  351.521039][ T7474] loop1: detected capacity change from 0 to 256
[  352.120191][ T7474] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  352.191109][ T7474] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010364, chksum : 0x43f9f21b, utbl_chksum : 0xe619d30d)
[  352.252100][ T4475] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 9 with max blocks 3 with error 28
[  352.269371][ T4475] EXT4-fs (loop5): This should not happen!! Data will be lost
[  352.269371][ T4475] 
[  352.279649][ T4475] EXT4-fs (loop5): Total free blocks count 0
[  352.286044][ T4475] EXT4-fs (loop5): Free/Dirty block details
[  352.296600][ T4475] EXT4-fs (loop5): free_blocks=0
[  352.305176][ T4475] EXT4-fs (loop5): dirty_blocks=3
[  352.310714][ T4475] EXT4-fs (loop5): Block reservation details
[  352.317195][ T4475] EXT4-fs (loop5): i_reserved_data_blocks=3
[  352.362036][ T7480] binder: 7477:7480 unknown command 0
[  352.450708][ T7480] binder: 7477:7480 ioctl c0306201 200000000080 returned -22
[  352.729342][ T7485] loop1: detected capacity change from 0 to 16
[  352.777696][ T7485] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  352.954215][ T7485] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  353.356054][ T7485] erofs: DAX unsupported by block device. Turning off DAX.
[  353.428508][ T7485] erofs: (device loop1): mounted with root inode @ nid 36.
[  353.527700][ T7494] loop7: detected capacity change from 0 to 128
[  353.592444][ T7494] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  353.602332][ T7496] netlink: 4 bytes leftover after parsing attributes in process `syz.5.742'.
[  354.528152][ T7504] loop1: detected capacity change from 0 to 2048
[  354.561953][ T7498] loop6: detected capacity change from 0 to 512
[  354.574810][ T7509] loop3: detected capacity change from 0 to 256
[  354.656361][ T7509] exfat: Bad value for 'uid'
[  355.771346][ T7518] binder: BINDER_SET_CONTEXT_MGR already set
[  355.778895][ T7518] binder: 7503:7518 ioctl 4018620d 200000000080 returned -16
[  358.397850][ T7551] loop3: detected capacity change from 0 to 128
[  358.458153][ T7549] loop5: detected capacity change from 0 to 4096
[  358.469371][ T7554] loop6: detected capacity change from 0 to 512
[  358.479185][ T7552] loop7: detected capacity change from 0 to 2048
[  358.511524][ T7551] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  362.235158][ T7573] loop5: detected capacity change from 0 to 512
[  362.359268][ T7572] loop3: detected capacity change from 0 to 1764
[  362.447010][ T7573] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  362.505478][ T7573] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.582026][   T26] audit: type=1326 audit(1757719834.453:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7579 comm="syz.1.747" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1397a9aba9 code=0x0
[  362.726345][ T7584] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  363.319947][ T7597] loop3: detected capacity change from 0 to 128
[  363.416434][ T7597] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  363.424452][ T7597] System zones: 1-3, 19-19, 35-36
[  363.573196][ T7597] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  363.615434][ T7597] ext4 filesystem being mounted at /173/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  365.075881][ T4251] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  365.365684][ T4251] usb 2-1: Using ep0 maxpacket: 8
[  365.549440][ T7623] netlink: 'syz.7.767': attribute type 16 has an invalid length.
[  365.560762][ T7623] netlink: 'syz.7.767': attribute type 17 has an invalid length.
[  365.656313][ T4251] usb 2-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  367.059832][ T4251] usb 2-1: config 0 interface 0 has no altsetting 0
[  367.080081][ T4251] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  367.105309][ T4251] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.156802][ T4251] usb 2-1: config 0 descriptor??
[  367.269803][ T7623] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  367.305894][ T7623] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  367.631042][ T4251] uclogic 0003:5543:0042.0009: unbalanced collection at end of report description
[  367.655831][ T4251] uclogic 0003:5543:0042.0009: parse failed
[  367.676932][ T7645] loop5: detected capacity change from 0 to 4096
[  367.683697][ T4251] uclogic: probe of 0003:5543:0042.0009 failed with error -22
[  367.837276][ T7625] loop6: detected capacity change from 0 to 1024
[  367.866980][ T5487] usb 2-1: USB disconnect, device number 6
[  368.043259][ T7657] loop7: detected capacity change from 0 to 256
[  368.136786][ T7657] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  368.169393][ T7657] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010364, chksum : 0x43f9f21b, utbl_chksum : 0xe619d30d)
[  368.635470][ T7625] loop6: detected capacity change from 0 to 512
[  368.771726][   T26] audit: type=1326 audit(1757719840.643:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7664 comm="syz.7.775" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  370.693040][ T7684] loop7: detected capacity change from 0 to 1024
[  370.811737][ T7684] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  370.867521][ T7691] loop3: detected capacity change from 0 to 2048
[  370.874374][ T7684] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  370.890579][ T7684] JBD2: no valid journal superblock found
[  370.896655][ T7684] EXT4-fs (loop7): error loading journal
[  370.905392][ T1108] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  371.041768][ T7694] loop1: detected capacity change from 0 to 128
[  372.985822][ T1108] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  373.026471][ T7694] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  373.070716][ T7694] System zones: 1-3, 19-19, 35-36
[  373.097407][ T1108] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  373.146029][ T7694] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  373.158924][ T7706] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  373.184797][ T7706] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  373.192664][ T1108] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[  373.195121][ T7694] ext4 filesystem being mounted at /154/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  373.240890][ T1108] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  373.282521][ T7694] EXT4-fs warning (device loop1): ext4_group_extend:1823: can't shrink FS - resize aborted
[  373.297515][ T1108] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.365498][ T1108] usb 7-1: can't set config #27, error -71
[  373.381136][ T1108] usb 7-1: USB disconnect, device number 6
[  373.595094][ T7723] loop7: detected capacity change from 0 to 512
[  373.637905][   T26] audit: type=1326 audit(1757719845.503:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7721 comm="syz.5.789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32949f2ba9 code=0x0
[  373.886696][ T7731] loop6: detected capacity change from 0 to 256
[  374.093330][ T7723] EXT4-fs (loop7): Ignoring removed nobh option
[  374.225553][ T7731] /dev/loop6: Can't open blockdev
[  374.446837][ T7723] EXT4-fs (loop7): Test dummy encryption mode enabled
[  374.453667][ T7723] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  374.686207][ T7733] print_req_error: 2 callbacks suppressed
[  374.686218][ T7733] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.703103][ T7733] blk_update_request: I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.714286][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  374.724113][ T7733] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.735197][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  374.744818][ T7733] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  374.752477][ T7733] UDF-fs: Scanning with blocksize 512 failed
[  374.759067][ T7733] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.770207][ T7733] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.781284][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  374.790991][ T7733] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.802159][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  374.811899][ T7733] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  374.819551][ T7733] UDF-fs: Scanning with blocksize 1024 failed
[  374.826045][ T7733] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.837186][ T7733] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.848362][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  374.858040][ T7733] blk_update_request: I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.869194][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  374.878753][ T7733] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  374.886396][ T7733] UDF-fs: Scanning with blocksize 2048 failed
[  374.892849][ T7733] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  374.904389][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  374.914147][ T7733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  374.923813][ T7733] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  374.931491][ T7733] UDF-fs: Scanning with blocksize 4096 failed
[  374.937673][ T7733] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  375.728666][ T7723] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.788: iget: bad i_size value: 38620345925642
[  375.755631][ T7723] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.788: couldn't read orphan inode 15 (err -117)
[  375.849714][ T7741] loop6: detected capacity change from 0 to 2048
[  375.886633][ T7723] EXT4-fs (loop7): mounted filesystem without journal. Opts: nobh,debug_want_extra_isize=0x0000000000000004,data_err=ignore,nojournal_checksum,dioread_nolock,test_dummy_encryption=v1,,errors=continue. Quota mode: writeback.
[  377.705118][ T7763] loop7: detected capacity change from 0 to 128
[  377.863473][ T7763] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  377.924282][ T7772] loop6: detected capacity change from 0 to 512
[  377.934406][ T7763] System zones: 1-3, 19-19, 35-36
[  377.986923][ T7763] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  378.082860][ T7772] EXT4-fs (loop6): Ignoring removed oldalloc option
[  378.103915][ T7763] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  378.120516][ T7772] EXT4-fs (loop6): write access unavailable, skipping orphan cleanup
[  378.132780][ T7781] loop3: detected capacity change from 0 to 128
[  378.155957][ T7772] EXT4-fs (loop6): mounted filesystem without journal. Opts: oldalloc,jqfmt=vfsv0,abort,bsddf,noquota,usrjquota=..,errors=continue. Quota mode: writeback.
[  378.171559][ T7763] EXT4-fs warning (device loop7): ext4_group_extend:1823: can't shrink FS - resize aborted
[  378.506538][ T7782] loop1: detected capacity change from 0 to 128
[  379.431370][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  379.446026][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  379.458648][ T7782] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  379.489164][ T7782] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  379.563711][ T7781] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  379.606392][ T7772] EXT4-fs (loop6): shut down requested (1)
[  379.855360][   T26] audit: type=1326 audit(1757719851.693:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7786 comm="syz.7.803" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  380.531539][ T7799] loop7: detected capacity change from 0 to 512
[  380.653905][ T7799] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #17: comm syz.7.805: iget: bogus i_mode (0)
[  380.751172][ T7799] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.805: couldn't read orphan inode 17 (err -117)
[  380.764266][ T7808] loop6: detected capacity change from 0 to 1024
[  380.775600][ T7807] loop5: detected capacity change from 0 to 1024
[  380.816702][ T7807] EXT4-fs (loop5): Ignoring removed oldalloc option
[  380.855694][ T7799] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  380.897872][ T7807] EXT4-fs (loop5): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  381.743583][ T7829] loop7: detected capacity change from 0 to 512
[  381.927615][ T7829] EXT4-fs (loop7): Ignoring removed oldalloc option
[  382.950683][ T7829] EXT4-fs (loop7): 1 truncate cleaned up
[  382.992221][ T7829] EXT4-fs (loop7): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[  383.107888][ T7843] loop6: detected capacity change from 0 to 1024
[  383.153088][ T7829] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.809: invalid indirect mapped block 234881024 (level 0)
[  383.185531][ T7829] EXT4-fs (loop7): Remounting filesystem read-only
[  383.188730][ T7849] loop3: detected capacity change from 0 to 128
[  383.439268][ T7849] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  383.524276][ T7849] System zones: 1-3, 19-19, 35-36
[  383.936176][ T7849] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  383.994534][ T7849] ext4 filesystem being mounted at /182/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  384.005601][   T26] audit: type=1326 audit(1757719855.843:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7857 comm="syz.7.815" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  384.181944][ T7849] EXT4-fs warning (device loop3): ext4_group_extend:1823: can't shrink FS - resize aborted
[  384.382987][ T7866] print_req_error: 2 callbacks suppressed
[  384.382999][ T7866] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.399941][ T7866] blk_update_request: I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.411026][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  384.420965][ T7866] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.432072][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  384.441647][ T7866] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  384.449288][ T7866] UDF-fs: Scanning with blocksize 512 failed
[  384.455767][ T7866] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.466917][ T7866] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.478097][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  384.487912][ T7866] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.499080][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  384.508671][ T7866] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  384.516316][ T7866] UDF-fs: Scanning with blocksize 1024 failed
[  384.522752][ T7866] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.533915][ T7866] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.545089][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  384.554780][ T7866] blk_update_request: I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.565936][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  384.575497][ T7866] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  384.583146][ T7866] UDF-fs: Scanning with blocksize 2048 failed
[  384.589543][ T7866] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  384.600641][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  384.610312][ T7866] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  384.619875][ T7866] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  384.627513][ T7866] UDF-fs: Scanning with blocksize 4096 failed
[  384.633566][ T7866] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  385.988499][ T7885] loop7: detected capacity change from 0 to 16
[  386.187587][ T7883] loop3: detected capacity change from 0 to 2048
[  386.555565][ T7885] erofs: (device loop7): mounted with root inode @ nid 36.
[  386.570308][ T7883] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  386.788472][ T7904] loop1: detected capacity change from 0 to 128
[  386.895049][ T7904] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  386.943835][ T7911] loop5: detected capacity change from 0 to 512
[  386.951518][ T7910] loop7: detected capacity change from 0 to 1024
[  387.122026][ T7910] EXT4-fs (loop7): Ignoring removed oldalloc option
[  387.179105][ T7911] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.825: iget: bad i_size value: 38620345925642
[  387.296650][ T7911] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.825: couldn't read orphan inode 15 (err -117)
[  387.520953][ T7910] EXT4-fs (loop7): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  387.635847][ T7911] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  387.798669][ T7925] loop3: detected capacity change from 0 to 1024
[  387.932625][ T7925] EXT4-fs (loop3): Ignoring removed bh option
[  387.996580][ T7925] EXT4-fs (loop3): Ignoring removed nobh option
[  388.024240][ T7925] EXT4-fs (loop3): Ignoring removed bh option
[  388.075369][ T7925] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  388.170263][ T7933] loop7: detected capacity change from 0 to 128
[  388.310925][ T7925] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,bh,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  388.347983][ T7933] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  388.465543][ T7933] System zones: 1-3, 19-19, 35-36
[  388.471746][ T7933] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  388.638696][ T7933] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  389.345523][   T26] audit: type=1800 audit(1757719861.213:46): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.827" name="file1" dev="loop3" ino=15 res=0 errno=0
[  389.406433][ T7945] EXT4-fs warning (device loop7): ext4_group_extend:1823: can't shrink FS - resize aborted
[  389.583041][   T26] audit: type=1326 audit(1757719861.453:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.3.830" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26e41d8ba9 code=0x0
[  389.737976][ T7952] loop5: detected capacity change from 0 to 512
[  389.798326][ T7952] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  390.699348][ T7929] print_req_error: 2 callbacks suppressed
[  390.700464][ T7929] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  390.809089][ T7929] blk_update_request: I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  390.839815][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  390.876133][ T7929] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  390.877675][ T7952] EXT4-fs (loop5): 1 truncate cleaned up
[  390.925330][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  390.955283][ T7929] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  390.965607][ T7929] UDF-fs: Scanning with blocksize 512 failed
[  391.119174][ T7929] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  391.175615][ T7929] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  391.186840][ T7952] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,inode_readahead_blks=0x0000000000000020,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none.
[  392.266389][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  392.295315][ T7929] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  392.370233][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  392.415047][ T7929] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  392.441134][ T7929] UDF-fs: Scanning with blocksize 1024 failed
[  392.675748][ T7929] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  393.466854][ T7929] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  393.495734][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  393.521193][ T7929] blk_update_request: I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  393.563319][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  393.573751][ T7929] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  393.663294][ T7929] UDF-fs: Scanning with blocksize 2048 failed
[  393.698325][ T7929] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  393.735202][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  393.773397][ T7929] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  393.841946][ T7929] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  394.018761][ T7929] UDF-fs: Scanning with blocksize 4096 failed
[  394.035410][ T7929] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  396.308247][    T9] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  396.395502][   T26] audit: type=1326 audit(1757719868.263:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8011 comm="syz.6.844" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda1a644ba9 code=0x0
[  397.137486][    T9] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.562612][ T8031] loop7: detected capacity change from 0 to 128
[  398.597408][    T9] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.623359][ T8031] FAT-fs (loop7): Directory bread(block 32) failed
[  398.630120][ T8031] FAT-fs (loop7): Directory bread(block 33) failed
[  398.636807][ T8031] FAT-fs (loop7): Directory bread(block 34) failed
[  398.643320][ T8031] FAT-fs (loop7): Directory bread(block 35) failed
[  398.649897][ T8031] FAT-fs (loop7): Directory bread(block 36) failed
[  398.656478][ T8031] FAT-fs (loop7): Directory bread(block 37) failed
[  398.663029][ T8031] FAT-fs (loop7): Directory bread(block 38) failed
[  398.669656][ T8031] FAT-fs (loop7): Directory bread(block 39) failed
[  398.676257][ T8031] FAT-fs (loop7): Directory bread(block 40) failed
[  398.682767][ T8031] FAT-fs (loop7): Directory bread(block 41) failed
[  398.778110][ T8028] FAT-fs (loop7): error, corrupted directory (invalid entries)
[  398.785738][ T8028] FAT-fs (loop7): Filesystem has been set read-only
[  399.550015][    T9] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.513590][ T8056] loop1: detected capacity change from 0 to 16
[  400.580653][ T8056] erofs: (device loop1): mounted with root inode @ nid 36.
[  400.630138][ T8040] chnl_net:caif_netlink_parms(): no params data found
[  400.982785][ T8066] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89
[  401.272800][ T4195] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  401.317194][ T8066] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  401.536104][   T26] audit: type=1800 audit(1757719873.313:49): pid=8066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.843" name="file2" dev="loop1" ino=89 res=0 errno=0
[  402.044012][ T8084] print_req_error: 2 callbacks suppressed
[  402.044064][ T8084] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.062951][ T8084] blk_update_request: I/O error, dev loop1, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.074378][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  402.085557][ T8084] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.096963][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  402.106641][ T8084] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  402.114491][ T8084] UDF-fs: Scanning with blocksize 512 failed
[  402.124558][ T8084] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.137025][ T8084] blk_update_request: I/O error, dev loop1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.148595][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  402.159286][ T8084] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.170722][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  402.180417][ T8084] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  402.188405][ T8084] UDF-fs: Scanning with blocksize 1024 failed
[  402.197578][ T8084] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.210041][ T8084] blk_update_request: I/O error, dev loop1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.221528][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  402.232306][ T8084] blk_update_request: I/O error, dev loop1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.243818][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  402.253650][ T8084] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  402.261396][ T8084] UDF-fs: Scanning with blocksize 2048 failed
[  402.269959][ T8084] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  402.282304][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  402.292851][ T8084] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  402.302551][ T8084] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  402.310325][ T8084] UDF-fs: Scanning with blocksize 4096 failed
[  402.316470][ T8084] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  403.415910][ T4251] Bluetooth: hci0: command 0x0409 tx timeout
[  403.583788][ T8040] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.615513][ T8040] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.643666][ T8040] device bridge_slave_0 entered promiscuous mode
[  403.707917][ T8040] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.718346][ T8040] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.749635][ T8040] device bridge_slave_1 entered promiscuous mode
[  403.865483][ T4262] Bluetooth: hci3: command 0x0409 tx timeout
[  403.914357][ T8040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  403.971725][ T8040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  404.234168][ T8040] team0: Port device team_slave_0 added
[  404.362462][ T8040] team0: Port device team_slave_1 added
[  404.409573][    T9] device hsr_slave_0 left promiscuous mode
[  404.435732][    T9] device hsr_slave_1 left promiscuous mode
[  405.046399][ T8109] netlink: 4 bytes leftover after parsing attributes in process `syz.5.857'.
[  405.066822][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  405.074500][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  405.155629][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.163861][   T26] audit: type=1326 audit(1757719877.033:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8106 comm="syz.7.859" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  405.201685][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  405.223460][    T9] device bridge_slave_1 left promiscuous mode
[  405.292563][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.314696][    T9] device bridge_slave_0 left promiscuous mode
[  405.375514][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.471018][ T4419] Bluetooth: hci0: command 0x041b tx timeout
[  405.488349][    T9] device veth1_macvtap left promiscuous mode
[  405.494466][    T9] device veth0_macvtap left promiscuous mode
[  405.541292][    T9] device veth1_vlan left promiscuous mode
[  405.549018][    T9] device veth0_vlan left promiscuous mode
[  405.945581][ T4419] Bluetooth: hci3: command 0x041b tx timeout
[  406.162452][    T9] team0 (unregistering): Port device team_slave_1 removed
[  406.353134][    T9] team0 (unregistering): Port device team_slave_0 removed
[  406.677629][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  406.700424][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.728478][ T8126] loop7: detected capacity change from 0 to 512
[  406.759885][ T8126] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  406.813109][    T9] bond0 (unregistering): Released all slaves
[  406.816923][ T8126] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.862: bg 0: block 5: invalid block bitmap
[  406.834594][ T8126] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6178: Corrupt filesystem
[  406.843814][ T8126] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.862: invalid indirect mapped block 3 (level 2)
[  406.857791][ T8126] EXT4-fs (loop7): 2 truncates cleaned up
[  406.863530][ T8126] EXT4-fs (loop7): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,grpquota,,errors=continue. Quota mode: writeback.
[  407.065098][ T8040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  407.118761][ T8040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  407.309097][ T8040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  407.333268][ T8040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  407.775706][ T8040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  407.832951][ T4262] Bluetooth: hci0: command 0x040f tx timeout
[  407.902933][ T8040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  407.993476][ T8080] chnl_net:caif_netlink_parms(): no params data found
[  408.017514][ T8040] device hsr_slave_0 entered promiscuous mode
[  408.025557][ T4229] Bluetooth: hci3: command 0x040f tx timeout
[  408.037742][ T8040] device hsr_slave_1 entered promiscuous mode
[  408.050310][ T8040] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  408.069977][ T8040] Cannot create hsr debugfs directory
[  408.335648][ T4262] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  408.354136][ T8080] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.370441][ T8080] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.380770][ T8080] device bridge_slave_0 entered promiscuous mode
[  408.425392][ T8080] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.432513][ T8080] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.448985][ T8080] device bridge_slave_1 entered promiscuous mode
[  408.524391][ T8080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  408.580753][ T8080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  408.745913][ T4262] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.777268][ T4262] usb 6-1: config 0 has no interfaces?
[  408.820395][ T8080] team0: Port device team_slave_0 added
[  408.860618][ T8080] team0: Port device team_slave_1 added
[  408.965538][ T4262] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  408.974818][ T4262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.015361][ T4262] usb 6-1: Product: syz
[  409.019583][ T4262] usb 6-1: Manufacturer: syz
[  409.024201][ T4262] usb 6-1: SerialNumber: syz
[  409.074711][ T4262] usb 6-1: config 0 descriptor??
[  409.185858][ T8080] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.195543][ T8080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.288013][ T8080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.323117][   T26] audit: type=1326 audit(1757719881.193:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8168 comm="syz.1.869" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1397a9aba9 code=0x0
[  409.375840][ T8080] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.382824][ T8080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.429012][ T8080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.526848][ T8040] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  409.566203][ T8040] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  409.596026][ T8080] device hsr_slave_0 entered promiscuous mode
[  409.609781][ T8080] device hsr_slave_1 entered promiscuous mode
[  409.625138][ T8080] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  409.644697][ T8080] Cannot create hsr debugfs directory
[  409.660511][ T8040] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  409.737307][ T8040] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  409.773723][ T8182] loop1: detected capacity change from 0 to 128
[  409.855717][ T4262] Bluetooth: hci0: command 0x0419 tx timeout
[  409.872385][ T8182] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  409.915623][ T8182] System zones: 1-3, 19-19, 35-36
[  409.955742][ T8182] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  410.025139][ T8182] ext4 filesystem being mounted at /167/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  410.095370][ T4419] Bluetooth: hci3: command 0x0419 tx timeout
[  410.122327][ T8040] 8021q: adding VLAN 0 to HW filter on device bond0
[  410.164200][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  410.200040][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  410.252078][ T8080] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  410.289553][ T8040] 8021q: adding VLAN 0 to HW filter on device team0
[  410.308745][ T8080] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  410.324515][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  410.421360][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  410.479179][ T4226] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.486326][ T4226] bridge0: port 1(bridge_slave_0) entered forwarding state
[  410.567033][ T8080] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  410.583523][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  410.606916][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  410.642679][ T4419] usb 6-1: USB disconnect, device number 5
[  410.708482][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  410.729849][ T8206] loop1: detected capacity change from 0 to 24
[  410.751595][ T4226] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.758751][ T4226] bridge0: port 2(bridge_slave_1) entered forwarding state
[  410.775935][ T8206] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  410.802404][ T8206] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  410.833937][ T8206] VFS: Lookup of 'file0' in romfs loop1 would have caused loop
[  410.853282][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  410.883448][ T8080] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  410.925804][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  410.945972][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  410.981866][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  411.001009][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  411.072883][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  411.075473][ T4419] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  411.094502][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  411.184730][ T8040] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  411.229599][ T8040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  411.274221][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  411.293145][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  411.324014][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  411.353973][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  411.375662][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  411.455705][ T4419] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.495348][ T4419] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  411.584488][ T8080] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.645916][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  411.667588][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  411.675709][ T4419] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  411.698161][ T8080] 8021q: adding VLAN 0 to HW filter on device team0
[  411.702230][ T4419] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.738943][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  411.755324][ T4419] usb 6-1: Product: syz
[  411.766179][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  411.774489][ T4419] usb 6-1: Manufacturer: syz
[  411.785378][ T4419] usb 6-1: SerialNumber: syz
[  411.798875][ T7567] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.806050][ T7567] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.828813][ T4419] usb 6-1: config 0 descriptor??
[  411.853544][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  411.893578][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  411.921954][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  411.942210][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  411.987555][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  412.031503][ T4307] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.038653][ T4307] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.125031][ T8040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  412.156282][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  412.202537][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  412.285173][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  412.306633][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  412.336259][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  412.357308][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  412.386225][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  412.404895][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  412.437078][ T8080] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  412.480093][ T8080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  412.510731][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  412.530082][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  412.548770][    T7] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  412.556349][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  412.856020][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  412.875543][ T6419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  412.914633][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  412.946349][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  412.970951][    T7] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  412.977474][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  412.993471][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  413.002451][    T7] usb 8-1: config 0 has no interfaces?
[  413.010730][ T8040] device veth0_vlan entered promiscuous mode
[  413.041977][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  413.051581][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  413.096447][ T8040] device veth1_vlan entered promiscuous mode
[  413.120075][ T8080] 8021q: adding VLAN 0 to HW filter on device batadv0
[  413.185686][    T7] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  413.203848][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.229747][    T7] usb 8-1: Product: syz
[  413.256083][    T7] usb 8-1: Manufacturer: syz
[  413.260731][    T7] usb 8-1: SerialNumber: syz
[  413.372173][    T7] usb 8-1: config 0 descriptor??
[  413.398916][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  413.442738][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  414.034726][    T7] usb 6-1: USB disconnect, device number 6
[  414.104829][ T8040] device veth0_macvtap entered promiscuous mode
[  414.163306][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  414.208020][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  414.237206][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  414.338782][ T8040] device veth1_macvtap entered promiscuous mode
[  414.437197][ T5748] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  414.464622][    T9] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.648471][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.846164][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.026965][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.189777][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.252192][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.295258][   T26] audit: type=1326 audit(1757719887.163:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.878" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1397a9aba9 code=0x0
[  415.314903][ T4298] usb 8-1: USB disconnect, device number 2
[  415.330744][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.386240][ T8296] loop7: detected capacity change from 0 to 128
[  415.395501][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.579206][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.618719][ T8040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  415.756433][ T8296] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  415.764467][ T8296] System zones: 1-3, 19-19, 35-36
[  415.777626][    T9] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.841571][ T8296] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  415.892284][ T8296] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  416.156889][ T8316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.881'.
[  416.182741][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  416.214214][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  416.919203][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.935645][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.946080][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.956959][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.969565][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.980223][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.990127][ T8040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.000724][ T8040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.012137][ T8040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  417.070251][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  417.079545][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  417.228712][ T8040] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  417.238342][ T8040] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  417.247819][ T8040] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  417.258138][ T8040] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  417.301868][    T9] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.322965][ T4262] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  417.475385][ T6734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  417.500052][ T6734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  417.572729][ T8080] device veth0_vlan entered promiscuous mode
[  417.587994][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  417.603589][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  417.613939][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  417.623266][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  417.668419][    T9] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.718078][ T8080] device veth1_vlan entered promiscuous mode
[  417.734008][ T7567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.755669][ T4262] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  417.769475][ T7567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.783604][ T4262] usb 8-1: config 0 has no interfaces?
[  417.815010][ T6734] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  417.826172][ T6734] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  417.865047][ T6734] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  417.933338][ T6734] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.950953][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  417.984973][ T6734] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.993045][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  418.001349][ T4262] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  418.015429][ T4262] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.036613][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  418.052056][ T4262] usb 8-1: Product: syz
[  418.072117][ T4262] usb 8-1: Manufacturer: syz
[  418.078151][ T4262] usb 8-1: SerialNumber: syz
[  418.087043][ T8080] device veth0_macvtap entered promiscuous mode
[  418.089230][ T4262] usb 8-1: config 0 descriptor??
[  418.142646][ T8080] device veth1_macvtap entered promiscuous mode
[  418.214479][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  418.233109][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  418.325155][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  418.381091][ T8347] loop8: detected capacity change from 0 to 1764
[  418.385283][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.420765][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  418.432217][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.464126][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  418.505756][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.537917][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  418.723178][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.761894][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  418.793118][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.825194][ T8080] batman_adv: batadv0: Interface activated: batadv_slave_0
[  418.851989][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  418.866275][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  418.892267][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  418.923245][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  418.947128][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  419.004327][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  419.024706][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  419.068729][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  419.099287][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  419.162278][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  419.250731][ T8080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  419.294640][ T8080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  419.405576][ T8080] batman_adv: batadv0: Interface activated: batadv_slave_1
[  419.414057][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  419.936443][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  420.283965][ T4251] usb 8-1: USB disconnect, device number 3
[  420.594871][   T26] audit: type=1326 audit(1757719892.463:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8369 comm="syz.7.888" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb24231ba9 code=0x0
[  420.722787][ T8080] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.914548][ T8080] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  421.125140][ T8080] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  421.133969][ T8080] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  421.474556][ T8388] loop1: detected capacity change from 0 to 1024
[  421.694903][ T4318] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  421.749344][ T6734] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  421.799151][ T4318] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  421.826978][ T6734] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  422.525910][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  422.555350][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  422.865460][ T4298] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  423.965486][ T4298] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.051116][ T8420] netlink: 4 bytes leftover after parsing attributes in process `syz.9.894'.
[  424.836087][ T4298] usb 8-1: config 0 has no interfaces?
[  424.841637][ T4298] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  424.850859][ T4298] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.864415][ T4298] usb 8-1: config 0 descriptor??
[  424.980520][    T9] device hsr_slave_0 left promiscuous mode
[  424.995620][    T9] device hsr_slave_1 left promiscuous mode
[  425.020389][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  425.028304][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  425.046201][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  425.053663][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  425.083502][    T9] device bridge_slave_1 left promiscuous mode
[  425.123066][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.147092][    T9] device bridge_slave_0 left promiscuous mode
[  425.164152][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.204841][    T9] device veth1_macvtap left promiscuous mode
[  425.245499][    T9] device veth0_macvtap left promiscuous mode
[  425.275413][    T9] device veth1_vlan left promiscuous mode
[  425.281261][    T9] device veth0_vlan left promiscuous mode
[  425.316919][ T8430] binder: 8429:8430 ioctl c0306201 0 returned -14
[  425.371722][ T8430] binder: 8429:8430 ioctl c0306201 2000000003c0 returned -14
[  426.082366][    T9] team0 (unregistering): Port device team_slave_1 removed
[  426.124396][    T9] team0 (unregistering): Port device team_slave_0 removed
[  426.173347][ T4244] usb 8-1: USB disconnect, device number 4
[  426.216922][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  426.276735][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  426.313634][ T8446] loop7: detected capacity change from 0 to 1764
[  426.539607][    T9] bond0 (unregistering): Released all slaves
[  426.610731][ T8430] syz.8.896 (8430): drop_caches: 2
[  426.704336][   T26] audit: type=1326 audit(1757719898.573:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8449 comm="syz.9.900" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d1a5b4ba9 code=0x0
[  426.765399][ T4262] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  427.895503][ T4262] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  428.026614][ T4262] usb 2-1: config 0 has no interfaces?
[  429.016132][ T4262] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  429.036176][ T4262] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.044299][ T4262] usb 2-1: Product: syz
[  429.050657][ T4262] usb 2-1: Manufacturer: syz
[  429.065405][ T4262] usb 2-1: SerialNumber: syz
[  429.079722][ T4262] usb 2-1: config 0 descriptor??
[  429.535570][ T4262] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  429.708087][ T8489] netlink: 4 bytes leftover after parsing attributes in process `syz.7.906'.
[  430.735931][ T4262] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  430.770772][ T4262] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  430.800766][ T4262] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.845228][ T4298] usb 2-1: USB disconnect, device number 7
[  430.876621][ T4262] usb 6-1: config 0 descriptor??
[  430.961376][ T4262] pwc: Askey VC010 type 2 USB webcam detected.
[  430.976200][ T8510] binder: 8509:8510 ioctl c0306201 0 returned -14
[  431.032875][ T8510] binder: BINDER_SET_CONTEXT_MGR already set
[  431.062866][ T8510] binder: 8509:8510 ioctl 4018620d 200000000ac0 returned -16
[  431.081214][ T8510] binder: 8509:8510 ioctl c0306201 2000000003c0 returned -14
[  431.385574][ T4262] pwc: recv_control_msg error -32 req 02 val 2b00
[  431.392222][ T4298] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  431.445576][ T4262] pwc: recv_control_msg error -32 req 02 val 2700
[  431.505508][ T4262] pwc: recv_control_msg error -32 req 02 val 2c00
[  431.545585][ T4262] pwc: recv_control_msg error -32 req 04 val 1000
[  431.595508][ T4262] pwc: recv_control_msg error -32 req 04 val 1300
[  431.636898][ T4262] pwc: recv_control_msg error -32 req 04 val 1400
[  431.685529][ T4262] pwc: recv_control_msg error -32 req 02 val 2000
[  431.745943][ T4262] pwc: recv_control_msg error -32 req 02 val 2100
[  431.776495][ T4419] Bluetooth: hci2: command 0x0406 tx timeout
[  431.805654][ T4262] pwc: recv_control_msg error -32 req 04 val 1500
[  431.846124][ T4298] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  431.875457][ T4262] pwc: recv_control_msg error -32 req 02 val 2500
[  431.885447][ T4298] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  431.910901][ T4298] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.935431][ T4262] pwc: recv_control_msg error -32 req 02 val 2400
[  431.962258][ T4298] usb 2-1: config 0 descriptor??
[  431.975720][ T4262] pwc: recv_control_msg error -32 req 02 val 2600
[  432.035517][ T4262] pwc: recv_control_msg error -32 req 02 val 2900
[  432.044417][ T4298] pwc: Askey VC010 type 2 USB webcam detected.
[  432.085452][ T4262] pwc: recv_control_msg error -32 req 02 val 2800
[  432.135633][ T4262] pwc: recv_control_msg error -71 req 04 val 1100
[  432.143265][ T8510] syz.8.911 (8510): drop_caches: 2
[  432.165418][ T4262] pwc: recv_control_msg error -71 req 04 val 1200
[  432.215753][ T4262] pwc: Registered as video103.
[  432.241747][ T4262] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input24
[  432.295170][ T4262] usb 6-1: USB disconnect, device number 7
[  432.528605][ T4298] pwc: recv_control_msg error -32 req 02 val 2b00
[  432.575882][ T4298] pwc: recv_control_msg error -32 req 02 val 2700
[  434.405368][ T4298] pwc: recv_control_msg error -71 req 02 val 2c00
[  434.435373][ T4298] pwc: recv_control_msg error -71 req 04 val 1000
[  434.455496][ T4298] pwc: recv_control_msg error -71 req 04 val 1300
[  434.475379][ T4298] pwc: recv_control_msg error -71 req 04 val 1400
[  434.495523][ T4298] pwc: recv_control_msg error -71 req 02 val 2000
[  434.515498][ T4298] pwc: recv_control_msg error -71 req 02 val 2100
[  434.545518][   T26] audit: type=1326 audit(1757719906.423:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.5.915" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32949f2ba9 code=0x0
[  434.575067][ T4298] pwc: recv_control_msg error -71 req 04 val 1500
[  434.586584][ T8547] netlink: 8 bytes leftover after parsing attributes in process `syz.8.916'.
[  434.665911][ T4298] pwc: recv_control_msg error -71 req 02 val 2500
[  434.817139][ T4298] pwc: recv_control_msg error -71 req 02 val 2400
[  435.025897][ T4298] pwc: recv_control_msg error -71 req 02 val 2600
[  435.225503][ T4298] pwc: recv_control_msg error -71 req 02 val 2900
[  435.318945][ T4298] pwc: recv_control_msg error -71 req 02 val 2800
[  435.382915][ T8555] loop1: detected capacity change from 0 to 128
[  435.389653][ T4298] pwc: recv_control_msg error -71 req 04 val 1100
[  435.438465][ T4298] pwc: recv_control_msg error -71 req 04 val 1200
[  435.468307][ T4298] pwc: Registered as video103.
[  435.474257][ T4298] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input25
[  435.600242][ T4298] usb 2-1: USB disconnect, device number 8
[  435.866280][ T8555] attempt to access beyond end of device
[  435.866280][ T8555] loop1: rw=2049, want=729, limit=128
[  437.360610][ T8586] loop9: detected capacity change from 0 to 128
[  437.399977][ T8590] loop5: detected capacity change from 0 to 128
[  437.544161][ T8590] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  437.545591][ T4244] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  437.558535][ T4298] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  437.574410][ T8586] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  437.575617][ T8590] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.591148][ T8586] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.415421][ T4244] usb 9-1: Using ep0 maxpacket: 32
[  438.435346][ T4298] usb 2-1: Using ep0 maxpacket: 32
[  438.555564][ T4244] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  438.611421][ T4298] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  438.825804][ T4298] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  438.944952][ T4244] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  439.020299][ T4244] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.180923][ T4244] usb 9-1: Product: syz
[  439.263637][ T4244] usb 9-1: Manufacturer: syz
[  439.598902][ T4298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.607122][ T4298] usb 2-1: Product: syz
[  439.611418][ T4298] usb 2-1: Manufacturer: syz
[  439.616131][ T4298] usb 2-1: SerialNumber: syz
[  439.630294][ T4298] usb 2-1: config 0 descriptor??
[  439.653246][ T4244] usb 9-1: SerialNumber: syz
[  439.694838][ T4244] usb 9-1: config 0 descriptor??
[  439.715652][ T8584] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  439.765641][ T8583] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  439.942490][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  439.948877][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  440.099369][ T4244] usb 9-1: USB disconnect, device number 2
[  440.173415][ T7566] usb 2-1: USB disconnect, device number 9
[  442.495382][ T8652] loop1: detected capacity change from 0 to 128
[  442.512786][ T8651] loop8: detected capacity change from 0 to 128
[  442.769423][ T8661] loop9: detected capacity change from 0 to 128
[  442.779124][ T8656] attempt to access beyond end of device
[  442.779124][ T8656] loop1: rw=2049, want=721, limit=128
[  442.781920][ T8662] attempt to access beyond end of device
[  442.781920][ T8662] loop8: rw=2049, want=841, limit=128
[  443.133251][ T8666] attempt to access beyond end of device
[  443.133251][ T8666] loop9: rw=2049, want=1041, limit=128
[  443.413329][ T8678] loop7: detected capacity change from 0 to 128
[  443.640018][ T8684] loop5: detected capacity change from 0 to 128
[  443.703108][ T8686] attempt to access beyond end of device
[  443.703108][ T8686] loop7: rw=2049, want=1041, limit=128
[  443.897651][ T8692] attempt to access beyond end of device
[  443.897651][ T8692] loop5: rw=2049, want=1041, limit=128
[  444.335801][ T4244] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  445.485302][ T4244] usb 10-1: Using ep0 maxpacket: 32
[  445.495967][ T8710] loop1: detected capacity change from 0 to 128
[  445.543838][ T8710] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  445.555772][ T8710] ext4 filesystem being mounted at /186/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  445.625529][ T4244] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  445.639393][ T8714] loop7: detected capacity change from 0 to 512
[  445.668845][ T8714] EXT4-fs (loop7): corrupt root inode, run e2fsck
[  445.696115][ T8714] EXT4-fs (loop7): mount failed
[  445.948344][ T4244] usb 10-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  446.150387][ T4244] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.159389][ T4244] usb 10-1: Product: syz
[  446.163784][ T4244] usb 10-1: Manufacturer: syz
[  446.168859][ T4244] usb 10-1: SerialNumber: syz
[  446.775571][ T4244] usb 10-1: config 0 descriptor??
[  446.805971][ T8698] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  446.832159][ T8728] loop8: detected capacity change from 0 to 1024
[  447.349482][ T4237] usb 10-1: USB disconnect, device number 2
[  447.429076][ T8740] loop1: detected capacity change from 0 to 1024
[  448.703693][ T8772] device bridge1 entered promiscuous mode
[  450.152732][ T8801] loop9: detected capacity change from 0 to 1024
[  450.882952][ T8817] loop1: detected capacity change from 0 to 512
[  451.041855][ T8817] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  451.060219][ T8817] EXT4-fs (loop1): mount failed
[  451.464313][ T8825] loop7: detected capacity change from 0 to 128
[  451.566911][ T8829] loop8: detected capacity change from 0 to 512
[  452.179959][ T8829] EXT4-fs (loop8): corrupt root inode, run e2fsck
[  452.188351][ T8829] EXT4-fs (loop8): mount failed
[  452.194200][ T8825] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  452.215512][ T8825] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  452.284103][ T8841] loop1: detected capacity change from 0 to 512
[  452.580041][ T8843] loop5: detected capacity change from 0 to 128
[  452.603281][ T8841] EXT4-fs (loop1): error: could not find journal device path: error -2
[  453.210720][ T8843] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  453.290472][ T8855] loop8: detected capacity change from 0 to 512
[  453.324663][ T8843] ext4 filesystem being mounted at /183/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  453.374780][ T8855] EXT4-fs (loop8): error: could not find journal device path: error -2
[  455.694924][ T8874] loop5: detected capacity change from 0 to 512
[  455.786548][ T8874] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  455.799526][ T8874] EXT4-fs (loop5): mount failed
[  457.395057][ T8898] loop7: detected capacity change from 0 to 512
[  457.486579][ T8898] EXT4-fs (loop7): corrupt root inode, run e2fsck
[  457.548835][ T8898] EXT4-fs (loop7): mount failed
[  458.446650][ T8913] netlink: 8 bytes leftover after parsing attributes in process `syz.8.969'.
[  459.235926][ T8924] device bridge1 entered promiscuous mode
[  459.319139][ T8925] loop7: detected capacity change from 0 to 1024
[  459.457633][ T8928] device bridge1 entered promiscuous mode
[  459.660416][ T8932] loop1: detected capacity change from 0 to 1024
[  459.678814][ T8934] loop5: detected capacity change from 0 to 1024
[  459.724371][ T8938] loop8: detected capacity change from 0 to 1024
[  459.932657][ T8938] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  459.967206][ T8932] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  460.220122][ T8932] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e815c02c, mo2=0003]
[  460.242479][ T8938] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e815c02c, mo2=0003]
[  460.366824][ T8932] System zones: 0-1, 3-36
[  460.371750][ T8938] System zones: 0-1, 3-36
[  460.395855][ T8932] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,errors=remount-ro,bsddf,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback.
[  460.424054][ T8938] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,errors=remount-ro,bsddf,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback.
[  460.817286][ T8951] loop7: detected capacity change from 0 to 512
[  460.824170][ T8932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.976'.
[  460.879476][ T8952] loop9: detected capacity change from 0 to 512
[  460.888248][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.8.980'.
[  460.995637][ T8952] EXT4-fs (loop9): error: could not find journal device path: error -2
[  461.008828][ T8951] EXT4-fs (loop7): error: could not find journal device path: error -2
[  463.235606][ T4237] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  463.769476][ T4237] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  463.795282][ T4237] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  463.936467][ T4237] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.996967][ T4237] usb 9-1: config 0 descriptor??
[  464.005339][   T21] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  464.228189][ T4237] pwc: Askey VC010 type 2 USB webcam detected.
[  464.385836][   T21] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  464.529497][   T21] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  464.782190][   T21] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  464.955411][   T21] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.993495][ T4237] pwc: send_video_command error -71
[  465.001974][ T4237] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  465.010400][ T4237] Philips webcam: probe of 9-1:0.0 failed with error -71
[  465.023065][ T4237] usb 9-1: USB disconnect, device number 3
[  465.056233][   T21] usb 6-1: config 0 descriptor??
[  465.268169][   T21] usb 6-1: can't set config #0, error -71
[  465.275598][   T21] usb 6-1: USB disconnect, device number 8
[  465.435638][ T4237] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  465.905664][ T4237] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  465.937332][ T4237] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  465.975628][ T4237] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.993275][ T4237] usb 9-1: config 0 descriptor??
[  466.185486][ T4244] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  466.595844][ T4244] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.668813][ T4244] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  466.810747][ T4237] pwc: Askey VC010 type 2 USB webcam detected.
[  466.822965][ T4244] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  466.835410][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.9.986'.
[  466.839575][ T4244] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.859121][ T4244] usb 8-1: config 0 descriptor??
[  467.115464][ T4237] pwc: recv_control_msg error -32 req 02 val 2b00
[  467.773955][   T21] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  468.236909][ T4237] pwc: recv_control_msg error -32 req 02 val 2700
[  468.354642][ T4237] pwc: recv_control_msg error -32 req 02 val 2c00
[  468.411683][ T4237] pwc: recv_control_msg error -32 req 04 val 1000
[  468.455746][ T4237] pwc: recv_control_msg error -32 req 04 val 1300
[  468.484180][ T9040] loop9: detected capacity change from 0 to 128
[  468.505493][ T4237] pwc: recv_control_msg error -32 req 04 val 1400
[  468.545429][ T4237] pwc: recv_control_msg error -32 req 02 val 2000
[  468.595551][ T4237] pwc: recv_control_msg error -32 req 02 val 2100
[  468.638640][   T21] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  468.654545][   T21] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  468.662753][ T4237] pwc: recv_control_msg error -32 req 04 val 1500
[  468.665174][   T21] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.689359][ T9040] attempt to access beyond end of device
[  468.689359][ T9040] loop9: rw=2049, want=1041, limit=128
[  468.700301][   T21] usb 6-1: config 0 descriptor??
[  468.716563][ T4237] pwc: recv_control_msg error -32 req 02 val 2500
[  468.752099][   T21] pwc: Askey VC010 type 2 USB webcam detected.
[  468.765571][ T4237] pwc: recv_control_msg error -32 req 02 val 2400
[  468.809340][ T4237] pwc: recv_control_msg error -32 req 02 val 2600
[  468.884465][ T9053] loop9: detected capacity change from 0 to 128
[  468.896427][ T4237] pwc: recv_control_msg error -32 req 02 val 2900
[  469.059257][ T9053] attempt to access beyond end of device
[  469.059257][ T9053] loop9: rw=2049, want=1041, limit=128
[  469.185556][   T21] pwc: recv_control_msg error -32 req 02 val 2b00
[  469.225534][   T21] pwc: recv_control_msg error -32 req 02 val 2700
[  469.265376][   T21] pwc: recv_control_msg error -32 req 02 val 2c00
[  469.315364][   T21] pwc: recv_control_msg error -32 req 04 val 1000
[  469.355422][   T21] pwc: recv_control_msg error -32 req 04 val 1300
[  469.515464][ T4237] pwc: recv_control_msg error -71 req 04 val 1200
[  469.536135][ T4237] pwc: Registered as video103.
[  469.542333][   T21] pwc: recv_control_msg error -32 req 04 val 1400
[  469.585373][   T21] pwc: recv_control_msg error -32 req 02 val 2000
[  469.625462][   T21] pwc: recv_control_msg error -32 req 02 val 2100
[  469.626611][ T4237] input: PWC snapshot button as /devices/platform/dummy_hcd.8/usb9/9-1/input/input26
[  469.906169][   T21] pwc: recv_control_msg error -32 req 04 val 1500
[  469.985787][   T21] pwc: recv_control_msg error -32 req 02 val 2500
[  470.496161][   T21] pwc: recv_control_msg error -32 req 02 val 2400
[  470.535424][   T21] pwc: recv_control_msg error -32 req 02 val 2600
[  470.565933][ T4237] usb 9-1: USB disconnect, device number 4
[  470.572059][   T13] usb 8-1: USB disconnect, device number 5
[  470.723354][   T21] pwc: recv_control_msg error -32 req 02 val 2900
[  470.995440][   T21] pwc: recv_control_msg error -71 req 04 val 1100
[  471.025370][   T21] pwc: recv_control_msg error -71 req 04 val 1200
[  471.035673][   T21] pwc: Registered as video103.
[  471.059696][   T21] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input27
[  471.155379][ T7566] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  471.173728][   T21] usb 6-1: USB disconnect, device number 9
[  471.415440][ T7566] usb 2-1: Using ep0 maxpacket: 32
[  471.543856][ T7566] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  471.688575][ T9108] loop5: detected capacity change from 0 to 128
[  471.720596][ T7566] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  471.740065][ T7566] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.785391][ T7566] usb 2-1: Product: syz
[  471.800610][ T7566] usb 2-1: Manufacturer: syz
[  471.831264][ T7566] usb 2-1: SerialNumber: syz
[  471.854956][ T9110] attempt to access beyond end of device
[  471.854956][ T9110] loop5: rw=2049, want=409, limit=128
[  471.877292][ T7566] usb 2-1: config 0 descriptor??
[  471.895588][ T9087] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  472.023789][ T9112] loop9: detected capacity change from 0 to 128
[  473.469770][ T9112] attempt to access beyond end of device
[  473.469770][ T9112] loop9: rw=2049, want=1033, limit=128
[  474.117233][ T4244] usb 2-1: USB disconnect, device number 10
[  474.216508][ T9143] loop7: detected capacity change from 0 to 128
[  474.235448][ T4419] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  474.322386][ T9143] attempt to access beyond end of device
[  474.322386][ T9143] loop7: rw=2049, want=1041, limit=128
[  474.333743][ T4262] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  474.471680][ T9147] loop9: detected capacity change from 0 to 1024
[  474.475457][ T4419] usb 9-1: Using ep0 maxpacket: 32
[  474.577620][ T4262] usb 6-1: Using ep0 maxpacket: 32
[  474.745071][ T9152] loop7: detected capacity change from 0 to 1024
[  474.755692][ T4262] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  474.766981][ T4419] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  475.266863][ T4262] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  475.278014][ T4419] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  475.374646][ T4262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.476998][ T4419] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.586511][ T4262] usb 6-1: Product: syz
[  475.595564][ T4419] usb 9-1: Product: syz
[  475.599876][ T4419] usb 9-1: Manufacturer: syz
[  475.614817][ T4262] usb 6-1: Manufacturer: syz
[  475.624950][ T4262] usb 6-1: SerialNumber: syz
[  475.629933][ T4419] usb 9-1: SerialNumber: syz
[  475.656197][ T4419] usb 9-1: config 0 descriptor??
[  475.662665][ T4262] usb 6-1: config 0 descriptor??
[  475.675614][ T9138] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  475.695698][ T9140] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  475.947720][ T9163] loop1: detected capacity change from 0 to 512
[  477.330139][ T4419] usb 9-1: USB disconnect, device number 5
[  477.371880][ T4237] usb 6-1: USB disconnect, device number 10
[  477.451997][ T9163] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  477.470450][ T9163] EXT4-fs (loop1): mount failed
[  477.554703][ T9177] loop5: detected capacity change from 0 to 1024
[  478.118806][ T4324] udevd[4324]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  478.198648][ T9187] loop1: detected capacity change from 0 to 512
[  478.306332][ T9191] loop7: detected capacity change from 0 to 128
[  478.408832][ T9187] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  478.437691][ T9187] EXT4-fs (loop1): mount failed
[  478.455952][ T9191] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  478.586665][ T9191] ext4 filesystem being mounted at /84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  479.005156][ T9204] loop9: detected capacity change from 0 to 512
[  480.247361][ T9204] EXT4-fs (loop9): corrupt root inode, run e2fsck
[  480.254075][ T9204] EXT4-fs (loop9): mount failed
[  481.414083][ T9230] loop7: detected capacity change from 0 to 1024
[  481.478259][ T9232] loop9: detected capacity change from 0 to 512
[  481.493487][ T9231] loop5: detected capacity change from 0 to 512
[  481.623558][ T9231] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  481.630246][ T9232] EXT4-fs (loop9): corrupt root inode, run e2fsck
[  481.701829][ T9231] EXT4-fs (loop5): mount failed
[  481.707360][ T9232] EXT4-fs (loop9): mount failed
[  484.207528][ T9256] loop1: detected capacity change from 0 to 1024
[  484.278356][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1031'.
[  484.453728][ T9263] loop7: detected capacity change from 0 to 1024
[  484.511899][ T9266] loop5: detected capacity change from 0 to 1024
[  486.125355][ T9288] loop8: detected capacity change from 0 to 512
[  486.175859][ T9291] loop1: detected capacity change from 0 to 128
[  486.229419][ T9288] EXT4-fs (loop8): error: could not find journal device path: error -2
[  486.549124][ T9293] loop7: detected capacity change from 0 to 1024
[  487.232988][ T9293] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  487.454631][ T9293] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e815c02c, mo2=0003]
[  487.505547][ T9293] System zones: 0-1, 3-36
[  487.633724][ T9293] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,errors=remount-ro,bsddf,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback.
[  487.707204][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1040'.
[  487.821730][ T9305] loop5: detected capacity change from 0 to 8192
[  487.967379][ T9305] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  488.034735][ T9305] FAT-fs (loop5): Filesystem has been set read-only
[  488.184180][ T9313] device bridge2 entered promiscuous mode
[  488.297885][ T4473] attempt to access beyond end of device
[  488.297885][ T4473] loop1: rw=1, want=1041, limit=128
[  489.387210][ T9327] loop5: detected capacity change from 0 to 128
[  489.422912][ T9328] loop1: detected capacity change from 0 to 128
[  489.586000][ T9331] loop7: detected capacity change from 0 to 256
[  489.593182][ T9331] exfat: Unknown parameter '00000000000000000000000ÿ18446744073709551615'
[  489.635767][ T9333] attempt to access beyond end of device
[  489.635767][ T9333] loop5: rw=2049, want=1041, limit=128
[  489.691076][ T9338] autofs4:pid:9338:autofs_fill_super: called with bogus options
[  489.836147][ T9328] attempt to access beyond end of device
[  489.836147][ T9328] loop1: rw=2049, want=1041, limit=128
[  490.066188][ T9347] loop8: detected capacity change from 0 to 1024
[  490.250359][ T7566] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  490.726009][ T7566] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.792820][ T7566] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  490.967395][ T7566] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.036506][ T7566] usb 10-1: config 0 descriptor??
[  491.083419][ T7566] pwc: Askey VC010 type 2 USB webcam detected.
[  491.535771][ T7566] pwc: recv_control_msg error -32 req 02 val 2b00
[  491.606427][ T7566] pwc: recv_control_msg error -32 req 02 val 2700
[  491.666223][ T7566] pwc: recv_control_msg error -32 req 02 val 2c00
[  491.785797][ T7566] pwc: recv_control_msg error -32 req 04 val 1000
[  491.855815][ T7566] pwc: recv_control_msg error -32 req 04 val 1300
[  491.883356][ T9369] loop5: detected capacity change from 0 to 1024
[  491.905857][ T7566] pwc: recv_control_msg error -32 req 04 val 1400
[  491.960912][ T7566] pwc: recv_control_msg error -32 req 02 val 2000
[  492.016076][ T7566] pwc: recv_control_msg error -32 req 02 val 2100
[  492.185785][ T7566] pwc: recv_control_msg error -32 req 04 val 1500
[  492.315695][ T7566] pwc: recv_control_msg error -32 req 02 val 2500
[  492.445350][ T7566] pwc: recv_control_msg error -32 req 02 val 2400
[  492.525665][ T7566] pwc: recv_control_msg error -32 req 02 val 2600
[  492.568955][ T9377] loop8: detected capacity change from 0 to 1024
[  492.575747][ T7566] pwc: recv_control_msg error -32 req 02 val 2900
[  492.935309][ T7566] pwc: recv_control_msg error -71 req 04 val 1100
[  492.955370][ T7566] pwc: recv_control_msg error -71 req 04 val 1200
[  492.976224][ T7566] pwc: Registered as video103.
[  492.982227][ T7566] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input28
[  493.111478][ T9381] loop1: detected capacity change from 0 to 1024
[  493.651600][ T9386] device syzkaller0 entered promiscuous mode
[  494.022155][ T9392] loop9: detected capacity change from 0 to 1024
[  494.175615][ T7566] usb 10-1: USB disconnect, device number 3
[  494.373110][ T9397] device bridge2 entered promiscuous mode
[  494.455400][ T9392] EXT4-fs (loop9): Ignoring removed nomblk_io_submit option
[  494.753608][ T9392] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e815c02c, mo2=0003]
[  494.999026][ T9392] System zones: 0-1, 3-36
[  495.058297][ T9392] EXT4-fs (loop9): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,errors=remount-ro,bsddf,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback.
[  495.328862][ T9392] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1059'.
[  496.126244][ T9426] device bridge1 entered promiscuous mode
[  497.698233][ T9439] loop9: detected capacity change from 0 to 256
[  497.706153][ T4190] Bluetooth: hci3: link tx timeout
[  497.712238][ T4190] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  497.752027][ T9439] FAT-fs (loop9): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  498.034716][ T9448] loop1: detected capacity change from 0 to 1024
[  498.100808][ T9452] loop9: detected capacity change from 0 to 512
[  498.133240][ T9452] EXT4-fs (loop9): error: could not find journal device path: error -2
[  499.539278][ T9465] loop7: detected capacity change from 0 to 128
[  499.589345][ T9462] loop1: detected capacity change from 0 to 512
[  499.623483][ T9465] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  499.681375][ T9462] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  499.709926][ T9462] EXT4-fs (loop1): mount failed
[  499.714980][ T9465] System zones: 1-3, 19-19, 35-36
[  499.750207][ T9465] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  499.774693][ T9465] ext4 filesystem being mounted at /94/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  499.785399][ T4262] Bluetooth: hci3: command 0x0406 tx timeout
[  500.578539][ T9479] autofs4:pid:9479:autofs_fill_super: called with bogus options
[  500.821628][ T9484] device syzkaller0 entered promiscuous mode
[  500.914813][ T9488] loop8: detected capacity change from 0 to 512
[  500.988466][ T9488] EXT4-fs (loop8): corrupt root inode, run e2fsck
[  501.026357][ T9488] EXT4-fs (loop8): mount failed
[  501.396120][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  501.402608][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  501.929435][ T9506] device bridge2 entered promiscuous mode
[  502.314087][ T9510] loop9: detected capacity change from 0 to 512
[  502.350437][ T9509] loop8: detected capacity change from 0 to 1024
[  502.361174][ T9513] loop7: detected capacity change from 0 to 1024
[  502.418564][ T9513] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  502.441643][ T9513] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e815c02c, mo2=0003]
[  502.458144][ T9513] System zones: 0-1, 3-36
[  502.469674][ T9510] EXT4-fs (loop9): corrupt root inode, run e2fsck
[  502.516268][ T9510] EXT4-fs (loop9): mount failed
[  502.516933][ T9513] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,errors=remount-ro,bsddf,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback.
[  502.637138][ T9521] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1082'.
[  503.035860][ T9526] loop5: detected capacity change from 0 to 512
[  503.326221][ T9526] EXT4-fs (loop5): error: could not find journal device path: error -2
[  503.701537][ T9536] loop8: detected capacity change from 0 to 128
[  503.756434][ T9538] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1083'.
[  503.789663][ T9540] binder: 9539:9540 ioctl 4018620d 0 returned -22
[  503.828572][ T9540] binder: 9539:9540 ioctl c0306201 2000000003c0 returned -14
[  503.891050][ T9536] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  503.910859][ T9536] System zones: 1-3, 19-19, 35-36
[  503.987812][ T9536] EXT4-fs (loop8): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  504.023149][ T9536] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  504.154785][ T9554] loop7: detected capacity change from 0 to 128
[  504.381059][ T9548] autofs4:pid:9548:autofs_fill_super: called with bogus options
[  504.415110][ T9554] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  504.423884][ T9540] syz.9.1086 (9540): drop_caches: 2
[  504.447587][ T9554] System zones: 1-3, 19-19, 35-36
[  504.467194][ T9554] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  504.493735][ T9554] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  504.663146][ T9567] loop8: detected capacity change from 0 to 512
[  504.782598][ T9567] EXT4-fs (loop8): corrupt root inode, run e2fsck
[  504.799739][ T9574] loop9: detected capacity change from 0 to 2048
[  504.806306][ T9567] EXT4-fs (loop8): mount failed
[  506.711235][ T9589] loop8: detected capacity change from 0 to 512
[  506.814987][ T9589] EXT4-fs (loop8): corrupt root inode, run e2fsck
[  506.829570][ T9589] EXT4-fs (loop8): mount failed
[  508.660854][ T9612] loop8: detected capacity change from 0 to 512
[  508.808539][ T9617] loop7: detected capacity change from 0 to 1024
[  508.819228][ T9612] EXT4-fs (loop8): corrupt root inode, run e2fsck
[  508.826096][ T9612] EXT4-fs (loop8): mount failed
[  509.396215][ T9621] loop9: detected capacity change from 0 to 1024
[  509.669356][ T9629] loop8: detected capacity change from 0 to 128
[  509.755800][ T9629] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  509.784281][ T9629] System zones: 1-3, 19-19, 35-36
[  509.860652][ T9629] EXT4-fs (loop8): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  509.872071][ T9636] loop9: detected capacity change from 0 to 1024
[  509.889158][ T9640] loop1: detected capacity change from 0 to 2048
[  509.901759][ T9641] loop5: detected capacity change from 0 to 512
[  509.940535][ T9629] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  509.979356][ T9641] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  510.002082][ T9641] EXT4-fs (loop5): mount failed
[  510.395501][ T9640] binder: BINDER_SET_CONTEXT_MGR already set
[  510.401505][ T9640] binder: 9639:9640 ioctl 4018620d 200000000080 returned -16
[  511.919018][ T9664] loop9: detected capacity change from 0 to 128
[  512.399429][ T9664] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  512.410401][ T9664] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  513.073095][ T9683] loop9: detected capacity change from 0 to 512
[  513.095398][   T21] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  513.204208][ T9683] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  513.266331][ T9683] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  513.345256][   T21] usb 6-1: Using ep0 maxpacket: 32
[  513.403062][ T9683] System zones: 1-12
[  513.465616][   T21] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  513.465673][ T9683] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2228: inode #15: comm syz.9.1113: corrupted in-inode xattr
[  513.592072][ T9683] EXT4-fs error (device loop9): ext4_orphan_get:1406: comm syz.9.1113: couldn't read orphan inode 15 (err -117)
[  513.641566][ T9683] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  513.670868][   T21] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  513.680151][   T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.689612][   T21] usb 6-1: Product: syz
[  513.693948][   T21] usb 6-1: Manufacturer: syz
[  513.699151][   T21] usb 6-1: SerialNumber: syz
[  513.731998][   T21] usb 6-1: config 0 descriptor??
[  513.825689][ T9676] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  514.376180][ T9713] loop9: detected capacity change from 0 to 128
[  514.544418][ T9720] loop1: detected capacity change from 0 to 128
[  514.631773][ T9718] loop8: detected capacity change from 0 to 2048
[  514.715742][ T9720] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  514.746207][ T9720] System zones: 1-3, 19-19, 35-36
[  514.766766][ T9720] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  514.793290][ T9713] attempt to access beyond end of device
[  514.793290][ T9713] loop9: rw=2049, want=1041, limit=128
[  514.893673][ T9720] ext4 filesystem being mounted at /228/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  516.121922][ T9735] loop1: detected capacity change from 0 to 1024
[  516.124896][ T4237] usb 6-1: USB disconnect, device number 11
[  516.327478][ T9738] loop9: detected capacity change from 0 to 128
[  517.251703][ T9745] loop5: detected capacity change from 0 to 128
[  517.270097][ T9750] loop1: detected capacity change from 0 to 128
[  517.417422][ T9738] attempt to access beyond end of device
[  517.417422][ T9738] loop9: rw=2049, want=1041, limit=128
[  517.518828][ T9756] attempt to access beyond end of device
[  517.518828][ T9756] loop1: rw=2049, want=1041, limit=128
[  517.563608][ T9757] attempt to access beyond end of device
[  517.563608][ T9757] loop5: rw=2049, want=1025, limit=128
[  517.969774][ T9766] autofs4:pid:9766:autofs_fill_super: called with bogus options
[  518.155195][ T9773] loop8: detected capacity change from 0 to 512
[  518.341601][ T9773] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  518.402099][ T9773] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  518.417683][ T9773] System zones: 1-12
[  518.475311][ T9773] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2228: inode #15: comm syz.8.1127: corrupted in-inode xattr
[  518.491097][ T9773] EXT4-fs error (device loop8): ext4_orphan_get:1406: comm syz.8.1127: couldn't read orphan inode 15 (err -117)
[  518.517548][ T9773] EXT4-fs (loop8): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  520.122482][ T9798] loop8: detected capacity change from 0 to 2048
[  520.153263][ T9806] loop5: detected capacity change from 0 to 128
[  520.516779][ T9806] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  520.680493][ T9806] System zones: 1-3, 19-19, 35-36
[  520.856587][ T9806] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  520.950509][ T9806] ext4 filesystem being mounted at /212/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  521.153453][ T9818] loop1: detected capacity change from 0 to 128
[  521.304066][ T9818] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  522.075347][ T9818] System zones: 1-3, 19-19, 35-36
[  522.081239][ T9818] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  522.160714][ T9824] loop5: detected capacity change from 0 to 128
[  522.195508][ T9818] ext4 filesystem being mounted at /233/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  522.469969][ T9824] attempt to access beyond end of device
[  522.469969][ T9824] loop5: rw=2049, want=1041, limit=128
[  522.579138][ T9833] autofs4:pid:9833:autofs_fill_super: called with bogus options
[  522.740501][ T9838] loop1: detected capacity change from 0 to 128
[  522.851817][ T9841] loop5: detected capacity change from 0 to 128
[  523.054625][ T9846] attempt to access beyond end of device
[  523.054625][ T9846] loop1: rw=2049, want=1041, limit=128
[  523.067738][ T9845] attempt to access beyond end of device
[  523.067738][ T9845] loop5: rw=2049, want=1041, limit=128
[  523.146214][   T21] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  523.385319][   T21] usb 8-1: Using ep0 maxpacket: 32
[  523.439872][ T9855] loop1: detected capacity change from 0 to 512
[  523.508532][   T21] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  523.562882][ T9855] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  523.592329][ T9859] loop8: detected capacity change from 0 to 1024
[  523.597418][ T9855] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  523.639770][ T9855] System zones: 1-12
[  523.652129][ T9855] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.1141: corrupted in-inode xattr
[  523.696574][ T9855] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.1141: couldn't read orphan inode 15 (err -117)
[  523.714958][ T9855] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  523.745565][   T21] usb 8-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  523.754644][   T21] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.995448][   T21] usb 8-1: Product: syz
[  524.017923][   T21] usb 8-1: Manufacturer: syz
[  524.036197][   T21] usb 8-1: SerialNumber: syz
[  524.483542][   T21] usb 8-1: config 0 descriptor??
[  524.525775][ T9843] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  524.583634][ T9872] loop5: detected capacity change from 0 to 128
[  524.643654][ T1110] Bluetooth: hci0: command 0x0406 tx timeout
[  524.649836][ T1110] Bluetooth: hci3: command 0x0406 tx timeout
[  525.596750][ T9883] loop8: detected capacity change from 0 to 2048
[  525.620341][ T9886] loop9: detected capacity change from 0 to 128
[  525.639013][ T4237] usb 8-1: USB disconnect, device number 6
[  525.644376][ T9872] attempt to access beyond end of device
[  525.644376][ T9872] loop5: rw=2049, want=1041, limit=128
[  527.147492][ T9886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  527.173814][ T9886] System zones: 1-3, 19-19, 35-36
[  527.207598][ T9886] EXT4-fs (loop9): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  527.246590][ T9886] ext4 filesystem being mounted at /51/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  527.419530][ T4324] udevd[4324]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  527.879262][   T13] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  527.957370][ T4244] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  528.125921][ T4251] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  528.162655][ T9927] loop9: detected capacity change from 0 to 512
[  528.165327][   T13] usb 2-1: Using ep0 maxpacket: 16
[  528.215396][ T4244] usb 8-1: Using ep0 maxpacket: 16
[  528.295545][ T9927] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  528.318025][ T9927] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  528.326461][   T13] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  528.335724][ T4244] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  528.355390][ T4244] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  528.365319][ T4251] usb 6-1: Using ep0 maxpacket: 16
[  528.375439][ T9927] System zones: 1-12
[  528.380906][   T13] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  528.395439][ T9927] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2228: inode #15: comm syz.9.1155: corrupted in-inode xattr
[  528.442645][ T9933] autofs4:pid:9933:autofs_fill_super: called with bogus options
[  528.462080][ T9927] EXT4-fs error (device loop9): ext4_orphan_get:1406: comm syz.9.1155: couldn't read orphan inode 15 (err -117)
[  528.476911][ T9927] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  528.503062][ T4251] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  528.513679][ T4251] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  528.555536][ T4244] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  528.570360][ T4244] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.592553][ T4244] usb 8-1: Product: syz
[  528.613666][ T4244] usb 8-1: Manufacturer: syz
[  528.650908][ T4244] usb 8-1: SerialNumber: syz
[  528.675601][ T4251] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  528.704175][ T4251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.737784][ T4251] usb 6-1: Product: syz
[  528.751044][ T4251] usb 6-1: Manufacturer: syz
[  528.765404][   T13] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  528.775602][ T4251] usb 6-1: SerialNumber: syz
[  528.777449][   T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.805052][   T13] usb 2-1: Product: syz
[  528.818753][   T13] usb 2-1: Manufacturer: syz
[  528.823477][   T13] usb 2-1: SerialNumber: syz
[  528.855600][ T9944] device syzkaller0 entered promiscuous mode
[  529.117856][ T4244] usb 8-1: 0:2 : does not exist
[  529.126290][ T9951] loop8: detected capacity change from 0 to 1024
[  529.212284][ T4244] usb 8-1: USB disconnect, device number 7
[  529.268776][ T4251] usb 6-1: 0:2 : does not exist
[  529.302075][ T9958] loop9: detected capacity change from 0 to 2048
[  529.337634][ T4251] usb 6-1: USB disconnect, device number 12
[  530.052013][   T13] usb 2-1: 0:2 : does not exist
[  530.145428][   T13] usb 2-1: USB disconnect, device number 11
[  530.294099][ T9971] loop5: detected capacity change from 0 to 128
[  530.394216][ T9971] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  530.431447][ T9971] System zones: 1-3, 19-19, 35-36
[  530.445016][ T9971] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  530.456945][ T9971] ext4 filesystem being mounted at /218/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  530.545022][ T4639] udevd[4639]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  530.775607][   T13] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  530.786396][ T4314] udevd[4314]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  530.887116][ T9988] loop5: detected capacity change from 0 to 32768
[  530.982533][ T9988] (syz.5.1165,9988,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  531.006207][ T9988] (syz.5.1165,9988,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  532.305501][   T13] usb 2-1: Using ep0 maxpacket: 16
[  532.317320][ T9988] JBD2: Ignoring recovery information on journal
[  532.331053][ T9999] loop8: detected capacity change from 0 to 128
[  532.441779][ T9988] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  532.459127][   T13] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  532.515271][   T13] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  532.589354][ T9999] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  532.644323][ T9988] 
[  532.646698][ T9988] ======================================================
[  532.653727][ T9988] WARNING: possible circular locking dependency detected
[  532.660768][ T9988] syzkaller #0 Not tainted
[  532.665195][ T9988] ------------------------------------------------------
[  532.672236][ T9988] syz.5.1165/9988 is trying to acquire lock:
[  532.678237][ T9988] ffff888029cfc650 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_acquire_dquot+0x677/0xaf0
[  532.687680][ T9988] 
[  532.687680][ T9988] but task is already holding lock:
[  532.695070][ T9988] ffff888076a05be0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270
[  532.705980][ T9988] 
[  532.705980][ T9988] which lock already depends on the new lock.
[  532.705980][ T9988] 
[  532.716398][ T9988] 
[  532.716398][ T9988] the existing dependency chain (in reverse order) is:
[  532.725435][ T9988] 
[  532.725435][ T9988] -> #6 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}:
[  532.734412][ T9988]        down_write+0x38/0x60
[  532.739120][ T9988]        ocfs2_lock_global_qf+0x1e5/0x270
[  532.744865][ T9988]        ocfs2_acquire_dquot+0x29d/0xaf0
[  532.750520][ T9988]        dqget+0x778/0xeb0
[  532.754964][ T9988]        __dquot_initialize+0x3b6/0xcb0
[  532.760534][ T9988]        ocfs2_get_init_inode+0x138/0x1b0
[  532.766276][ T9988]        ocfs2_mknod+0x8aa/0x22b0
[  532.771325][ T9988]        ocfs2_create+0x192/0x410
[  532.776371][ T9988]        path_openat+0x11e1/0x2f30
[  532.781507][ T9988]        do_filp_open+0x1b3/0x3e0
[  532.786553][ T9988]        do_sys_openat2+0x142/0x4a0
[  532.791777][ T9988]        __x64_sys_openat+0x135/0x160
[  532.795702][ T4419] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  532.797174][ T9988]        do_syscall_64+0x4c/0xa0
[  532.797196][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  532.816006][ T9988] 
[  532.816006][ T9988] -> #5 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  532.826557][ T9988]        down_write+0x38/0x60
[  532.831259][ T9988]        ocfs2_lock_global_qf+0x1c7/0x270
[  532.837001][ T9988]        ocfs2_acquire_dquot+0x29d/0xaf0
[  532.842664][ T9988]        dqget+0x778/0xeb0
[  532.847106][ T9988]        __dquot_initialize+0x3b6/0xcb0
[  532.852699][ T9988]        ocfs2_get_init_inode+0x138/0x1b0
[  532.858440][ T9988]        ocfs2_mknod+0x8aa/0x22b0
[  532.863491][ T9988]        ocfs2_create+0x192/0x410
[  532.868534][ T9988]        path_openat+0x11e1/0x2f30
[  532.873664][ T9988]        do_filp_open+0x1b3/0x3e0
[  532.878712][ T9988]        do_sys_openat2+0x142/0x4a0
[  532.883937][ T9988]        __x64_sys_openat+0x135/0x160
[  532.889339][ T9988]        do_syscall_64+0x4c/0xa0
[  532.894297][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  532.895721][   T13] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  532.900728][ T9988] 
[  532.900728][ T9988] -> #4 (&dquot->dq_lock){+.+.}-{3:3}:
[  532.917394][ T9988]        __mutex_lock_common+0x1eb/0x2390
[  532.923146][ T9988]        mutex_lock_nested+0x17/0x20
[  532.928458][ T9988]        dquot_commit+0x5a/0x410
[  532.933421][ T9988]        ext4_write_dquot+0x1f0/0x360
[  532.938820][ T9988]        mark_all_dquot_dirty+0xf9/0x400
[  532.944480][ T9988]        __dquot_free_space+0x7ca/0xb90
[  532.950047][ T9988]        ext4_free_blocks+0x1af5/0x2480
[  532.955614][ T9988]        ext4_ext_remove_space+0x1eaa/0x43a0
[  532.961618][ T9988]        ext4_ext_truncate+0x192/0x240
[  532.967124][ T9988]        ext4_truncate+0x9f1/0x10d0
[  532.972352][ T9988]        ext4_setattr+0xffe/0x19e0
[  532.977500][ T9988]        notify_change+0xbcd/0xee0
[  532.982640][ T9988]        do_truncate+0x197/0x220
[  532.983229][   T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.987603][ T9988]        path_openat+0x28af/0x2f30
[  532.987625][ T9988]        do_filp_open+0x1b3/0x3e0
[  532.987648][ T9988]        do_sys_openat2+0x142/0x4a0
[  533.010953][ T9988]        __x64_sys_open+0x11b/0x140
[  533.016173][ T9988]        do_syscall_64+0x4c/0xa0
[  533.021147][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.027590][ T9988] 
[  533.027590][ T9988] -> #3 (&ei->i_data_sem){++++}-{3:3}:
[  533.035268][ T9988]        down_write+0x38/0x60
[  533.039968][ T9988]        ext4_truncate+0x96d/0x10d0
[  533.045188][ T9988]        ext4_setattr+0xffe/0x19e0
[  533.050324][ T9988]        notify_change+0xbcd/0xee0
[  533.055458][ T9988]        do_truncate+0x197/0x220
[  533.060421][ T9988]        do_sys_ftruncate+0x31b/0x3d0
[  533.065813][ T9988]        do_syscall_64+0x4c/0xa0
[  533.070767][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.077205][ T9988] 
[  533.077205][ T9988] -> #2 (jbd2_handle){++++}-{0:0}:
[  533.084532][   T13] usb 2-1: Product: syz
[  533.084528][ T9988]        start_this_handle+0x1338/0x15a0
[  533.084554][ T9988]        jbd2__journal_start+0x2b7/0x5a0
[  533.099965][ T9988]        jbd2_journal_start+0x26/0x30
[  533.105451][ T9988]        ocfs2_start_trans+0x374/0x6c0
[  533.109618][   T13] usb 2-1: Manufacturer: syz
[  533.110943][ T9988]        ocfs2_modify_bh+0xe5/0x470
[  533.110966][ T9988]        ocfs2_local_read_info+0x13b1/0x16e0
[  533.126717][ T9988]        dquot_load_quota_sb+0x756/0xac0
[  533.132376][ T9988]        dquot_load_quota_inode+0x2d8/0x5d0
[  533.138301][ T9988]        ocfs2_enable_quotas+0x1c3/0x440
[  533.143963][ T9988]        ocfs2_fill_super+0x3a1f/0x4d80
[  533.147797][   T13] usb 2-1: SerialNumber: syz
[  533.149531][ T9988]        mount_bdev+0x287/0x3c0
[  533.149557][ T9988]        legacy_get_tree+0xe6/0x180
[  533.164324][ T9988]        vfs_get_tree+0x88/0x270
[  533.169298][ T9988]        do_new_mount+0x24a/0xa40
[  533.174352][ T9988]        __se_sys_mount+0x2d6/0x3c0
[  533.179618][ T9988]        do_syscall_64+0x4c/0xa0
[  533.184576][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.191059][ T9988] 
[  533.191059][ T9988] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  533.198121][ T4419] usb 8-1: Using ep0 maxpacket: 16
[  533.199594][ T9988]        down_read+0x44/0x2e0
[  533.209411][ T9988]        ocfs2_start_trans+0x368/0x6c0
[  533.214901][ T9988]        ocfs2_modify_bh+0xe5/0x470
[  533.220141][ T9988]        ocfs2_local_read_info+0x13b1/0x16e0
[  533.226151][ T9988]        dquot_load_quota_sb+0x756/0xac0
[  533.231809][ T9988]        dquot_load_quota_inode+0x2d8/0x5d0
[  533.237725][ T9988]        ocfs2_enable_quotas+0x1c3/0x440
[  533.243397][ T9988]        ocfs2_fill_super+0x3a1f/0x4d80
[  533.248967][ T9988]        mount_bdev+0x287/0x3c0
[  533.253838][ T9988]        legacy_get_tree+0xe6/0x180
[  533.259067][ T9988]        vfs_get_tree+0x88/0x270
[  533.264031][ T9988]        do_new_mount+0x24a/0xa40
[  533.269073][ T9988]        __se_sys_mount+0x2d6/0x3c0
[  533.274294][ T9988]        do_syscall_64+0x4c/0xa0
[  533.279252][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.285687][ T9988] 
[  533.285687][ T9988] -> #0 (sb_internal#4){.+.+}-{0:0}:
[  533.293189][ T9988]        __lock_acquire+0x2c33/0x7c60
[  533.298592][ T9988]        lock_acquire+0x197/0x3f0
[  533.303639][ T9988]        ocfs2_start_trans+0x269/0x6c0
[  533.309124][ T9988]        ocfs2_acquire_dquot+0x677/0xaf0
[  533.314781][ T9988]        dqget+0x778/0xeb0
[  533.319217][ T9988]        __dquot_initialize+0x3b6/0xcb0
[  533.324783][ T9988]        ocfs2_get_init_inode+0x138/0x1b0
[  533.330520][ T9988]        ocfs2_mknod+0x8aa/0x22b0
[  533.335566][ T9988]        ocfs2_create+0x192/0x410
[  533.340606][ T9988]        path_openat+0x11e1/0x2f30
[  533.345738][ T9988]        do_filp_open+0x1b3/0x3e0
[  533.350783][ T9988]        do_sys_openat2+0x142/0x4a0
[  533.356005][ T9988]        __x64_sys_openat+0x135/0x160
[  533.361508][ T9988]        do_syscall_64+0x4c/0xa0
[  533.366470][ T9988]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.373171][ T9988] 
[  533.373171][ T9988] other info that might help us debug this:
[  533.373171][ T9988] 
[  533.383415][ T9988] Chain exists of:
[  533.383415][ T9988]   sb_internal#4 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> &ocfs2_quota_ip_alloc_sem_key
[  533.383415][ T9988] 
[  533.400409][ T9988]  Possible unsafe locking scenario:
[  533.400409][ T9988] 
[  533.408047][ T9988]        CPU0                    CPU1
[  533.413431][ T9988]        ----                    ----
[  533.418804][ T9988]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  533.424456][ T9988]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3);
[  533.434284][ T9988]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  533.442451][ T9988]   lock(sb_internal#4);
[  533.446716][ T9988] 
[  533.446716][ T9988]  *** DEADLOCK ***
[  533.446716][ T9988] 
[  533.454867][ T9988] 6 locks held by syz.5.1165/9988:
[  533.459988][ T9988]  #0: ffff888029cfc460 (sb_writers#27){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  533.469249][ T9988]  #1: ffff888076a009c8 (&type->i_mutex_dir_key#16){+.+.}-{3:3}, at: path_openat+0x7f3/0x2f30
[  533.479557][ T9988]  #2: ffff888076942648 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x161/0x4350
[  533.493257][ T9988]  #3: ffff8880540820a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x290/0xaf0
[  533.495669][ T4419] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  533.503294][ T9988]  #4: ffff888076a05f48 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x1c7/0x270
[  533.526428][ T9988]  #5: ffff888076a05be0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270
[  533.537775][ T9988] 
[  533.537775][ T9988] stack backtrace:
[  533.543682][ T9988] CPU: 1 PID: 9988 Comm: syz.5.1165 Not tainted syzkaller #0
[  533.551073][ T9988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  533.556573][ T4419] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  533.561161][ T9988] Call Trace:
[  533.561170][ T9988]  <TASK>
[  533.561178][ T9988]  dump_stack_lvl+0x168/0x230
[  533.580925][ T9988]  ? load_image+0x3b0/0x3b0
[  533.585458][ T9988]  ? show_regs_print_info+0x20/0x20
[  533.590684][ T9988]  ? print_circular_bug+0x12b/0x1a0
[  533.595908][ T9988]  check_noncircular+0x274/0x310
[  533.600867][ T9988]  ? add_chain_block+0x940/0x940
[  533.605820][ T9988]  ? lockdep_lock+0xdc/0x1e0
[  533.610436][ T9988]  ? mark_lock+0x94/0x320
[  533.614788][ T9988]  ? mark_lock+0x94/0x320
[  533.619157][ T9988]  __lock_acquire+0x2c33/0x7c60
[  533.624051][ T9988]  ? verify_lock_unused+0x140/0x140
[  533.629270][ T9988]  ? verify_lock_unused+0x140/0x140
[  533.634495][ T9988]  ? ocfs2_get_init_inode+0x138/0x1b0
[  533.639885][ T9988]  ? path_openat+0x11e1/0x2f30
[  533.644669][ T9988]  ? do_filp_open+0x1b3/0x3e0
[  533.649371][ T9988]  ? do_sys_openat2+0x142/0x4a0
[  533.654254][ T9988]  ? do_syscall_64+0x4c/0xa0
[  533.658866][ T9988]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.664951][ T9988]  ? verify_lock_unused+0x140/0x140
[  533.670180][ T9988]  lock_acquire+0x197/0x3f0
[  533.674708][ T9988]  ? ocfs2_acquire_dquot+0x677/0xaf0
[  533.680022][ T9988]  ? __might_sleep+0xf0/0xf0
[  533.684626][ T9988]  ? do_raw_spin_lock+0x11d/0x280
[  533.689668][ T9988]  ? read_lock_is_recursive+0x10/0x10
[  533.695064][ T9988]  ? __rwlock_init+0x140/0x140
[  533.699852][ T9988]  ? do_raw_spin_unlock+0x11d/0x230
[  533.705075][ T9988]  ocfs2_start_trans+0x269/0x6c0
[  533.710041][ T9988]  ? ocfs2_acquire_dquot+0x677/0xaf0
[  533.715352][ T9988]  ? ocfs2_recovery_exit+0x50/0x50
[  533.720492][ T9988]  ? do_raw_spin_unlock+0x11d/0x230
[  533.725713][ T9988]  ? _raw_spin_unlock+0x24/0x40
[  533.730584][ T9988]  ? ocfs2_qinfo_unlock+0x11a/0x140
[  533.735805][ T9988]  ocfs2_acquire_dquot+0x677/0xaf0
[  533.740954][ T9988]  ? ocfs2_destroy_dquot+0x40/0x40
[  533.746135][ T9988]  ? percpu_counter_add_batch+0x13b/0x160
[  533.751885][ T9988]  dqget+0x778/0xeb0
[  533.755806][ T9988]  __dquot_initialize+0x3b6/0xcb0
[  533.760880][ T9988]  ? dquot_initialize+0x20/0x20
[  533.765749][ T9988]  ? do_raw_spin_unlock+0x11d/0x230
[  533.770973][ T9988]  ocfs2_get_init_inode+0x138/0x1b0
[  533.776194][ T9988]  ? ocfs2_create_inode_in_orphan+0x1080/0x1080
[  533.782458][ T9988]  ? __lock_acquire+0x13ad/0x7c60
[  533.787510][ T9988]  ocfs2_mknod+0x8aa/0x22b0
[  533.792047][ T9988]  ? ocfs2_mkdir+0x410/0x410
[  533.796664][ T9988]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  533.802068][ T9988]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  533.807987][ T9988]  ? __wake_up_common+0x5b/0x4e0
[  533.812960][ T9988]  ? ocfs2_inode_unlock+0xa1/0x140
[  533.818106][ T9988]  ? __lock_acquire+0x7c60/0x7c60
[  533.823159][ T9988]  ? __rwlock_init+0x140/0x140
[  533.827946][ T9988]  ? _raw_spin_unlock+0x24/0x40
[  533.832824][ T9988]  ? __d_add+0x4e0/0x7f0
[  533.837097][ T9988]  ? do_raw_spin_unlock+0x11d/0x230
[  533.842320][ T9988]  ? rcu_is_watching+0x11/0xa0
[  533.847107][ T9988]  ? ocfs2_lookup+0x491/0x930
[  533.851814][ T9988]  ocfs2_create+0x192/0x410
[  533.856341][ T9988]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[  533.862609][ T9988]  ? ocfs2_lookup+0x930/0x930
[  533.867310][ T9988]  ? inode_permission+0xef/0x480
[  533.872275][ T9988]  ? bpf_lsm_inode_create+0x5/0x10
[  533.877406][ T9988]  ? security_inode_create+0xb3/0x100
[  533.882799][ T9988]  ? ocfs2_lookup+0x930/0x930
[  533.887501][ T9988]  path_openat+0x11e1/0x2f30
[  533.892134][ T9988]  ? do_filp_open+0x3e0/0x3e0
[  533.896843][ T9988]  do_filp_open+0x1b3/0x3e0
[  533.901376][ T9988]  ? vfs_tmpfile+0x300/0x300
[  533.905993][ T9988]  ? _raw_spin_unlock+0x24/0x40
[  533.910864][ T9988]  ? alloc_fd+0x598/0x630
[  533.915213][ T9988]  do_sys_openat2+0x142/0x4a0
[  533.919896][ T9988]  ? __lock_acquire+0x7c60/0x7c60
[  533.924928][ T9988]  ? do_sys_open+0xe0/0xe0
[  533.929346][ T9988]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  533.935339][ T9988]  ? lock_chain_count+0x20/0x20
[  533.940283][ T9988]  ? vtime_user_exit+0x2dc/0x400
[  533.945222][ T9988]  __x64_sys_openat+0x135/0x160
[  533.950087][ T9988]  do_syscall_64+0x4c/0xa0
[  533.954502][ T9988]  ? clear_bhb_loop+0x30/0x80
[  533.959179][ T9988]  ? clear_bhb_loop+0x30/0x80
[  533.963943][ T9988]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  533.969848][ T9988] RIP: 0033:0x7f32949f2ba9
[  533.974267][ T9988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.993874][ T9988] RSP: 002b:00007f3292c5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  534.002285][ T9988] RAX: ffffffffffffffda RBX: 00007f3294c39fa0 RCX: 00007f32949f2ba9
[  534.010259][ T9988] RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  534.018409][ T9988] RBP: 00007f3294a75e19 R08: 0000000000000000 R09: 0000000000000000
[  534.026464][ T9988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  534.034432][ T9988] R13: 00007f3294c3a038 R14: 00007f3294c39fa0 R15: 00007ffcf1d82518
[  534.042407][ T9988]  </TASK>
[  534.052919][ T4419] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  534.064647][ T9999] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  534.096499][    C0] vkms_vblank_simulate: vblank timer overrun
[  534.108933][   T13] usb 2-1: can't set config #1, error -71
[  534.121746][ T9160] udevd[9160]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  534.138313][   T13] usb 2-1: USB disconnect, device number 12
[  534.164391][ T4419] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.215209][ T4419] usb 8-1: Product: syz
[  534.219471][ T4419] usb 8-1: Manufacturer: syz
[  534.235356][ T4419] usb 8-1: SerialNumber: syz
[  534.331404][T10021] loop9: detected capacity change from 0 to 512
[  534.381429][T10021] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  534.395690][T10021] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  534.405058][T10021] System zones: 1-12
[  534.416427][T10021] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2228: inode #15: comm syz.9.1169: corrupted in-inode xattr
[  534.467719][T10021] EXT4-fs error (device loop9): ext4_orphan_get:1406: comm syz.9.1169: couldn't read orphan inode 15 (err -117)
[  534.483658][T10021] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,auto_da_alloc=0x000000000000df07,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  534.685471][ T4419] usb 8-1: 0:2 : does not exist
[  534.834827][ T4419] usb 8-1: USB disconnect, device number 8
[  534.993010][   T26] audit: type=1800 audit(1757720006.863:56): pid=10005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1165" name="file1" dev="loop5" ino=16979 res=0 errno=0
[  535.029196][ T4606] ocfs2: Unmounting device (7,5) on (node local)
[  535.066707][ T4639] udevd[4639]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory