last executing test programs:

2m6.681430275s ago: executing program 0 (id=30):
r0 = syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086b1d010140000102030109025f00030100600009040000000101"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xb}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="000338000000380329e6a417d525f663e0e30da79143a84ab5ba0472d784232eb9c060ac3445d5763fc2e0dd638b774cd4ba"], 0x0, 0x0, 0x0}, 0x0)

2m4.80949346s ago: executing program 0 (id=75):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000970000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00', r0}, 0x10)
link(0x0, 0x0)

2m4.752679071s ago: executing program 0 (id=76):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file1\x00', 0x210000, &(0x7f0000000140)={[{@jqfmt_vfsv1}, {@bh}, {@nodioread_nolock}, {@norecovery}, {@lazytime}, {@dax_always}, {@errors_remount}, {@nouid32}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x100000, &(0x7f0000000780)={[{@jqfmt_vfsold}, {@init_itable_val={'init_itable', 0x3d, 0x800}}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@grpquota}]}, 0xfe, 0x45a, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvzLblt62IP0DQKhqJP1pafsjBi0YTDpqY6AHjqbYLqSzU0JoIIVo94NGQeDfe/QOMJ70Y9WTiVe+GhBguoKc1szMDS9ktXbplofv5JLP73syD974z83bezNttAH1rNHtJIrZGxJ8RMZxnby4wmr9du3J++t8r56eTqNff+SdplLt65fx0WbT8d1vyTL1e5De0qPfC+xFTtVr1TJEfXzj10fj82XMvzZ6aOlE9UT09eeTIwQN7hg5PHupKnFlcV3d9Ord759H3Lr41feziB79+l7V3a7G9OY5uGc33bkvPdruyHtvWlE4GetgQOlKJiOxwDTb6/3BUYtP1bcPxxhc9bRywpur1er3V9bmwWAfWsSR63QKgN8oLfXb/Wy53aehxT7j8an4DlMV9rVjyLQOR5oknB5fc33bTaEQcW/zvm2yJNXoOAQDQ7Mds/PNiq/FfGo/kiaHs5YFiDmUkIh6MiO0R8VBE7IiIhyMaZR+NiMc6rH/pDMmt45/00h0HtwLZ+O+VYm7r5vFfWhYZqRS5bY34B5Pjs7Xq/mKf7IvBDcdnk+rEMnX89PofX7Xb1jz+y5as/nIsWLTj0sCSB3QzUwtTq4m52eXPI3YNtIo/iXIaJ4mInRGx6w7rmH2+/YTQ7eNfRhfmmerfRjyXH//FWBJ/KWk7Pznx8uHJQ+Mbo1bdP16eFbf67fcLb7erf1Xxd0F2/De3PP+vxz+SbIyYP3vuZGO+dr7zOi789WXbe5oOz/+j24rzfyh5t7FiqNjwydTCwpmJiKHkzVvXT97438p8WT6Lf9/e1v1/e9zYE49HxO6I2BMRT2Q3hUXbn4qIpyNi7zLx//LaMx92Hv8yT+W7KIt/5nbHP5qPf+eJysmff+g8/lJ2/A82UvuKNSv5/FtpA1ez7wAAAOB+kTa+A5+kY9fTaTo2ln+Hf0dsTmtz8wsvHJ/7+PRM/l35kRhMyyddw03PQyeKZ8NlfnJJ/kDx3PjryqZGfmx6rjbT6+Chz21p0/8zf1d63Tpgzfm9FvQv/R/6l/4P/SnR/6Gv6f/Qv1r1/8/alh77fk0bA9xVrv/Qv1bQ/xfzt/ajAuD+5PoP/Uv/h77U9rfx6ap+8i+x7hOR3hPNWP+JgRX/MYsOEvXhvP9naza0LNPrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+D8AAP//Yz/jTQ==")
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x18)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x6c, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000280)={0x1, 0x0, [{0x40000003, 0x0, 0x5}]})

2m3.846256463s ago: executing program 0 (id=86):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f0000000180)={[{@discard}, {@errors_remount}, {@uid={'uid', 0x3d, 0xee00}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@namecase}, {@keep_last_dots}, {@gid}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1532, &(0x7f0000004d00)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOiyTJIUkOSZIkSU4JSZJXEhJDTqEhCclhSA5DSA4Tk8b5fD4kJEmTJCE5Jeu7psyn3nq/91D/fP937t917cu6Z+177bXd8+xn7f08fN1lWI1GNas2ICL4Q/DnPxIAIBYABgLANQAQAEDZuLJxGf3ZJSb8sYOwP9dDyVd6BuxK4vpnbVz/rI3rn7Vx/bM2rn/WxvXP2rj+WRvXn7GsbMuM/NfylnU3fv6flfH7/3+R9JLjPl9X8vquADH/agrX/38//AO5XP//WsG/shPXP2vj+mc9PhtcWqOzrI5f/1lBtn/Yw/XP2rj+jGVlv3wWHAtX/nn0X71B5H/1ZyCD//D5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4Gz/jIFAJntKz0vxhhjjDHGGGOM/Xl8tis9A8YYY4wxxhhjjP3PQxAgQUEAMZANYiE75AABEJPZfy3EwXWQG66HPJAX8kF+iIcCUBA0GLBAEEIhKAxRuAGKwI1QFIpBcSgBDkpCKbgJSsPNUAZugbJwK5SD26A8VICKUAluh8pwB1SBO6Eq3AXVoDrUgJpwN9SCe6A23At14D6oC/dDPXgA6sOD0AAegobwMDSCR6AxPApNoCk0g+bQ4j/KfwF6wIvQE3pBAvSGPvAS9IV+0B8GwEB4GQbBYBgCr0AiDIVh8CoMh9dgBLwOI2EUjIY3YAy8CWNhHIyHCZAEE2ESvAWT4W2YAlNhGkyHZJgBM+EdmAWzYQ68C3PhPZgH82EBLIQUeB8WwWJIhQ9gCXwIabAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXbYATthF3wEu+Fj2AN7YR98Avvh038z/8zf5XdFQECBAhUqjMEYjMVYzIE5MCfmxFyYCyMYwTiMw9yYG/NgHsyH+TAe47EgFkSDBgkJC2EhjGIUi2ARLIpFsTgWR4cOS2EpLI03Yxksg2WxLJbDclgeK2AFrISVsDJWxipYBatiVayG1bAG1sC78W7sjbWxNtbBOlgX62Y+nsIG2AAbYkNshI2wMTbGJtgEm2EzbIEtsCW2xFbYCttgG2yLbbEdtsP22B47YAfsiB2xE3bCztgZu2AX7IrdsFv6C9kAX8QXsRdWE72xD/bBvpiYrT8OwAH4Mg7CwTgYX8FEHIrD8FV8FV/DEXgaR+IoHI2jsbJ4E8fiOCQxAZMwCSfhJJyMk3EKTsWpOB2TcQbOxJk4C2fjbHwX5+J7+B7Ox/m4EFMwBRfhYkzFVFyCZzANl+IyXI4rcCWuwNW4BlfjOlyP63AjbsTNuBm34lbcjttxJ+7Ej1AB4Me4F/diIu7H/XgAD+BBPIiH8BCmYzoexsN4BI/gUTyKx/AYHscTeBJP4Ck8hafxDJ7Fs3gez+MFfC7+y4YfFVubCCKDEkrEiBgRK2JFDpFD5BQ5RS6RS0RERMSJOJFb5BZ5RB6RT+QT8SJeFBQFhRFGkAgzrhQiKqKiiCgiioqiorgoLpxwopQoJUqL0qKMKCPKiltFOXGbKC8qiNaukqgkKos2roq4U1QVVUU1UV3UEDVFTVFL1BK1RW1RR9QRdUVdUU88IOqL3tgfHxIZlWkkhmJjMQybiKZCXrpCtRQjsJVoLdqIJ8QoHIntREvXXjwtOoix2FH8TYzDZ0VnMQG7iOdFV9FNdBcviB6ilespeokp2Fv0EdOxr+gn+osBYhZWF+/i3Ow1xCsiUQwVw8SrYiG+JkaI18VIMUqMFm+IMeJNMVaME+PFBJEkJopJ4i0xWbwtpoipYpqYLpLFDDFTvCNmidlijnhXzBXviXlivlggFooU8b5YJBaLVPGBWCI+FGliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CU+ErvFx2KP2Cv2iU/EfvGpOCA+EwfF5+KQ+EKkx34pDouvxBHxtTgqvhHHxLfiuDghTorvxCnxvTgtzoiz4pw4L34QF8SP4qLwAiRKIaVUMpAxMpuMldllDnmVzCmDzOu/jJPXydzyeplH5pX5ZH4ZLwvIglJLI60kGcpCsrCMyhtkEXmjLCqLyeKyhHSypCwlb5Kl5c2yjLxFlpW3ynLyNlleVpAVZSV5u6ws75AQ+fkY1WR1WUPWlHfLBLhH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRfEQ2lo/KJrKpbCabyxbyMdlSPi5bydayjXxCtpVPynbyKdlePi07SH/pV+RZ2Vk+J7vI52VX2U12lz/Ki9LLnrKXhN4g+8iXZF/ZT/aXA+RA+bIcJAfLIfIVmSiHymHyVTlcviZHyNflSDlKjpZvyDHyTTlWjpPj5QSZJCfKSfItOVm+LafIqXKanC6T5QzZ/9JIc6T8p/lv/U7+kJ+OvllukVvlNrld7pA75S75kdwtd8s9co/cJ/fJ/XK/PCAPyIPyoDwkD8l0mS4Py8PyiDwij8qj8pg8Jo/LE/Kc/E6ekt/L0/KMPCPPyfPyvLxw6e8AFCqhpFIqUDEqm4pV2VUOdZXKqa5WudQ1KqKuVXHqOpVbXa/yqLwqn8qv4lUBVVBpZZRVpEJVSBVWUXUDXvqFUcVVCeVUSVVK3fTv5Ksi6kZVVBX7VX7m/BL+wfxaqBaqpWqpWqlWqo1qo9qqtqqdaqfaq/aqg+qgOqqOqpPqpDqrzqqL6qK6qq6qu+queqgeqqfqqRJUguqjXlJ9VT/VXw1QA9XLIuMchqghKlElqmFqmBquhqsRaoQaqUaq0Wq0GqPGqLFqrBqvxqsklaQmqUlqspqspqgpapqappJVspqpZqpZapaao+aouWqumqfmqQVqgUpRKWqRWqRSVapaopaoNLVULVXL1XK1Uq1Uq9VqtVatVevVerVRbVRpaovaorapbWqH2qF2qV1qt9qt9qg9ap/ap/ar/eqAOqAOqoPqkDqk0lW6OqwOqyPqiDqqjqpj6pg6ro6rk+qkOqVOqdPqtDqrzqrz6ry6oC6oi+pixrIvEH1FoAIVxAQxQWwQG+QIcgQ5g5xBriBXEAkiQVwQF+QOrg/yBHmDfEH+ID4oEBQMdGACG4hLRY8GNwRFghuDokGxoHhQInBByaBUcFNQOrg5KBPcEpQNbg3KBbcF5YMKQcWgUnB7UDm4I6gS3BlUDe4KqgXVgxpBzeDuoFZwT1A7uDeoE9wX1A3uD+oFDwT1gweDBsFDQcPg4aBR8EjQOHg0aBI0DZoFzYMWf+r43p/O+7jrqXvpBN1b99Ev6b66n+6vB+iB+mU9SA/WQ/QrOlEP1cP0q3q4fk2P0K/rkXqUHq3f0GP0m3qsHqfH6wk6SU/Uk/RberJ+W0/RU/U0PV0n6xl6pn5Hz9Kz9Rz9rp6r39Pz9Hy9QC/UKfp9vUgv1qn6A71Ef6jT9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0Tr1Lf6R364/1Hr1X79Of6P36U31Af6YP6s/1If2FTtdf6sP6K31Ef62P6m/0Mf2tPq5P6JP6O31Kf69P6zP6rD6nz+sf9AX9o76ofcbiPuPt3SijTIyJMbEm1uQwOUxOk9PkMrlMxERMnIkzuU1uk8fkMflMPhNv4k1BU9BkIEOmkClkoiZqipgipqgpaoqb4sYZZ0qZUqa0KW3KmDKmrClryplyprwpbyqaiuZ2c7u5w9xh7jR3mrvMXaa6qW5qmpqmlqllapvapo6pY+qauqaeqWfqm/qmgWlgGpqGppFpZBqbxqaJaWKamWamhWlhWpqWppVpZdqYNqataWvamXamvWlvOpgOpqPpaDqZTqaz6Wy6mC6mq+lqupvupofpYXqanibBJJg+po/pa/qa/qa/GWgGmkFmkBlihphEk2iGmWFmuBluRpgRZqQZZUZnLFTNm2asGWfGmwkmySSZSWaSmWwmmylmiplmpplkk2xmmplmlpll5pg5Zq6Za+aZeWaBWWBSTIpZZBaZVJNqlpglJs2kmWVmmVlhVphVZpVZY9aYdWad2QAbzCazyWwxW8w2s83sMDvMLrPL7Da7zR6zx+wz+8x+s98cMAfMQXPQHDKHTLpJN4fNYXPEHDFHzVFzzBwzx81xc9KcNKfMKXPanDZnzVlz3uS99H7pTazNbnPYq2xOe7XNZa+xfx/ns/ltvC1gC1pt89i8v4qNtbaoLWaL2xLW2ZK2lL3pN3F5W8FWtJXs7bayvcNW+U1cy95ja9t7bR17n61p7/5VXNfeb+vZR2x9RADb1Da0zW0j+4htbB+1TWxT28w2t23tk7adfcq2t0/bDvaZ38SL7GK7xq616+x6u8futWftOXvEfm3P2x9sT9vLDrQv20F2sB1iX7GJduhv4tH2DTvGvmnH2nF2vJ3wm3ianW6T7Qw7075jZ9nZv4lT7Pt2rk218+x8u8Au/CnOmFOq/cAusR/aNBvAMrvcrrAr7Sq7+v/OdbndaDfZzXa3/dhus9vtDrvT7spcCNu9dp/9xO63n9rD9it70H5uD9mjNt1++VOccX5H7Tf2mP3WHrcn7En7nT1lv1eZ2Rnn/p390V603gIhAUlSFFAMZaNYyk456CrKSVdTLrqGInQtxdF1lJuupzyUl/JRfoqnAlSQNBmyRBRSISpMUbqBMqdXnEqQo5JUim6i0nQzlaFbqCzdSuXoNipPFagiVaLbqTLdQVXoTqpKd1E1qk41qCbdTbXoHqpN91Iduo/q0v1Ujx6g+vQgNaCHqCE9TI3okVxAj1ITakrNqDm1oMeoJT1Orag1taEnqC09Se3oKWpPT1MHeoY60t+oEz1Lnek56kLPU1fqRt3pBepBL1JP6kUJ1Jv60EvUl/pRfxpAA+llGkSDaQi9Qok0lIbRqzScXqMR9DqNpFE0mt6gMfQmjaVxNJ4mUBJNpEn0Fk2mt2kKTaVpNJ2SaQbNpHdoFs2mOfQuzaX3aB7NpwW0kFLofVpEiymVPqAl9CGl0VJaRstpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kH7aRd9BHtpo9pD+2lffQJ7adP6QB9RgfpczpEX1A6fUmH6Ss6Ql/TUfrG96Jv6TidoJP0HZ2i7+k0naGzdI7O0w90gX6ki+QJQgxFKEMVBmFMmC2MDbOHOcKrwpzh1WGu8JowEl4bxoXXhbnD68M8Yd4wX5g/jA8LhAVDHZrQhhSGYaGwcBgNbwiLhDeGRcNiYfGwROjCkmGp8KawdHhzWCa8JSwb3hqWC28Ly4cVwkfuqxTeHlYO7wirhHeGVcO7wmph9bBGWDO8O6wV3hPWDu8N64T3hWXC+8N64QNh/fDBsEH4UNgwfDhsFD4SNg4fDZuETcNmYfOwRfhY2DJ8PGwVtg7bhFeFbcMnw3bhU2H78OmwQ/jMT/33L87sf+I3/Qlh77BP+FL4Uuj9vXJBdGE0Jfp+dFF0cTQ1+kF0SfTDaFp0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y3RTdHPU+5rZwKETTjrlAhfjsrlYl93lcFe5nO5ql8td4yLuWhfnrnO53fUuj8vr8rn8Lt4VcAWddsZZRy50hVxhF3U3uCLuRlfUFXPFXQnnXElXyjV3LVwL19I97lq51q6Ne8I94Z50T7qn3FPuadfBPeM6ur+5Tu5Z19k9555zz7uurpvr7l5wPdzEXD+/JhNcH9fH9XV9XX/X3w10A90gN8gNcUNcokt0w9wwN9wNdyPcCDfSjXSj3Wg3xo1xY91YN96Nd0kuyU1yk9xkN9lNcVPcNDfNJbtkN9PNdLPcLFd59s9HmefmuQVugUtxKW6Ry1gzprolbolLc2lumVvmVrgVbpVb5da4NW6dW+c2uA1uk9vktrgtbpvb5na4HW6X2+V2u91uj7/m50HdfnfAHXAH3UF3yH3h0t2X7rD7yh1xX7uj7ht3zH3rjrsT7qT7zp1y37vT7ow768658+4Hd8H96C4675IiEyOTIm9FJkfejkyJTI1Mi0yPJEdmRGZG3onMisyOzIm8G5kbeS8yLzI/siCyMJISeT+yKLI4khr5ILIk8mEkLbI0siyyPLIisjLifYFtoS/kC/uov8EX8Tf6or6YL+5LeOdL+lL+Jl/a3+zL+Ft8WX+rL+dv8+V9BV/RP+qb+Ka+mW/uW/jHfEv/uG/lW/s2/gnf1j/p2/mnfHv/tO/gn/Ed/d98J/+s7+yf8138876r7+a7+xd8D/+i7+l7+QTf2/fxL/m+vp/v7wf4gf5lP8gP9kP8Kz7RD/XD/Kt+uH/Nj/Cv+5F+lB8d84Yfk3mLDBN8kp/oJ/m3/GT/tp/ip/ppfrpP9jP8TP+On+Vn+zn+XT/Xv+fn+fl+gV/oU/z7fpFf7FP9B36J/9Cn+aWZD439Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/d7/A7/S7/kd/tP/Z7/F6/z3/i9/tP/QH/mT/oP/eH/Bc+3X/pD/uv/BH/tT/qv/HH/Lf+uD/hT/rv/Cn/vT/tz/iz/pw/73/wF/yP/iL/mzXGGGOMsX/JxMtN8euenx/n9/6dHPGLnfsAwNXb86f/sj9jRbkhz8/tfiK+bQQAnu7V5aHMrVq1hISES/umSQgKzwfI/CQow09fPbgUL4U28CS0h9ZQ+nfn3090O0//ZPzorQA5fpETC5fjy+N/BoAJvzP+Y0+MXlQuPBv3/xh/PkDRwpdzssPleCm0+en5Smso8w/mn7flP5l/9s+TAFr9IicnXI4vz78UPA7PQPtf7ckYY4wxxhhjjP2sn6jYKfP+M/Mbn793fx6vLudkg8vxP7s/Z4wxxhhjjDHG2JX3bLfuTz3Wvn3rTv9+o8p/lPUvNxrD/9TI3PjdhvcAmT9RAPAHBwTIaMi/8iy2/mfp3v9bWYmXXjp/37XinA/g/49S/hmNK3xhYowxxhhjjP3pLi/6f/1zdaUmxBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZUF/xX8ndqXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/k8AAAD//yd1At0=")
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x0, 0x0)

2m3.340521079s ago: executing program 0 (id=90):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@fallback=r0, 0xf, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5c)

2m2.808846196s ago: executing program 0 (id=98):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000d00)={r0}, 0xc)

2m2.676515108s ago: executing program 32 (id=98):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000d00)={r0}, 0xc)

46.676479577s ago: executing program 3 (id=798):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB='iocharset=macgreek,umask=00000000000000000000005,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303031302c646973636172642c666d61736b3d30303030303030303030303030303030303030303030362c696f636861727365743d6575632d6a702c6572726f72733d636f6e74696e75652c616c6c6f775f7574696d653d30303030303030303030303030303030303134373037302c0092803b831534d131135366249e8a045ee656058ddf6f41400b01a0870e4c656ef6f11325a20c319fd81269acc3b77200feb4294a821f553876d64b4a41390c44492e6f79c4b09bbe8e5cb02585b919505651c34f3e21f9532204a0c936a1da6422edb1108cf73536e8fbe241e030f5b5e1d081994fbe8a093c44b63f3da6a8a46706b47fa3"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
readlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=""/114, 0x72)

46.46991978s ago: executing program 3 (id=801):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

43.688508786s ago: executing program 3 (id=823):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

43.636397067s ago: executing program 3 (id=824):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000840), 0x3, 0x52c, &(0x7f0000000880)="$eJzs3dFrLFcZAPBvJtnb5N7UpOqDFqzFVm6qZpM03jb4UBVEnwpqxddrTDYhZJO9JBt7E4pN8Q8QRLTgiz75IvgHCNIX30Uo6ItPoqJoe6sPCm1HZnb23pvNbpJ73WQg+f3gZOfMzM73nQ179pydYSeAS+vJiJiOiJGIeCYiJsv1aVnioFPy/d6588pyXpLIspfeSiIp13WP9Uj5eK182lhEfP0rEd9Ojsbd2dvfWGo2G9tlfba9mbybZfsz65tLa421xtbCwvxzi88v3licG0o7pyLihS/99Uff//mXX/j1Z17+082/T383T+u/WfZq9LRjmDpNrxWvRddoRGyfRbCKjBYt7LhRcS4AABwvH+9/MCI+UYz/J2OkGM0BAAAAF0n2+Yl4N4nIAAAAgAsrjYiJSNJ6eb3vRKRpvd65hvfDcTVttnban15t7W6t5NsipqKWrq43G3PltQNTUUvy+nx5jW23/mxPfSEiHouIH06OF/X6cqu5UvWXHwAAAHBJXOuZ//97sjP/LxxUnBwAAAAwPFNVJwAAAACcOfN/AAAAuPjM/wEAAOBC++qLL+Yl697/euWfsbvR+s7MSmNno765u1xfbm3fqq+1WmvFb/ZtnnS8Zqt167OxtXt7tt3Yac/u7O3f3GztbrVvrh+6BTYAAABwjh77+Bt/SCLi4HPjRcldKbfVIrKR+3cerSJD4KykD7LzX84uD+D83f/5Pl5hHsD5M6SHy6tWdQJA5ZITtg+8eOe3w88FAAA4G9c/Ovj8/1urlaYGnLHy/H9y0vwfuHhGqk4AqEzn/N/7WUfV2QDnqXbcCMCkAC68dDjn/0+4lDDRoQAAQMUmipKk9XIeMBFpWq9HPFrcFqCWrK43G3MR8YGI+P1k7ZG8Pl88MzGaBwAAAAAAAAAAAAAAAAAAAAAAAIBTyrIksocx88eHehoAAABw/iLSv3XvzHV98umJ3u8HriT/mSweI+Lln7z049tL7fb2fL7+7bvr26+X65+t4hsMAAAAoFd3nt6dxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAML1z55XlbjnPuP/4YkRM9Ys/GmPF41jUIuLqv5IYve95SUSMDCH+wWsR8ZF+8ZM8rZgqszgU/0pEGhHjw4rf9/U/Jn504l8bQny4zN7I+58v9Hv/pfFk8dj//Tdalv/X4P4vvdv/jQzo/x4ddNDa4erjb/5ydmD81yIeH+3f/3TjJ/nx+sR/6pRt/NY39vcHbct+FnG9X/+XHI412968Nbuztz+zvrm01lhrbC0szD+3+PzijcW52dX1ZqP82zfGDz72q/fv1d470v6rx/S/RfsHvP5Pn7L97715+86HOos9/5moxU+zbPqp/v//wqeOxu9+9n2y3Cuv569h+vo3+8Z/4he/e2JQbnn7Vwa0f+yE9k+fsv3PfO17fz7lrgDAOdjZ299YajYb2xYsPMBCPu6sPI0kkji6aan6xDoLr5bvsaVm9902pCP/ppwc3V3zdnn8ISZfQV8EAACcrXuD/t4tSTUJAQAAAAAAAAAAAAAAAAAAwCV04s+ADdqURsQpf06sN+ZBNU0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjW/wIAAP//ngbSgw==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x151)
lseek(r0, 0x897c, 0x2)

43.38355653s ago: executing program 3 (id=825):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1e, 0x5, 0x1})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009802"])

43.207982572s ago: executing program 3 (id=828):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000240)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[], 0x1, 0x22f, &(0x7f0000000380)="$eJzsmL9rU1EUx7/35r2XxIro0sHFwYIVbdK8LF0KVhCcRGj9NWmwz1KTNpI+wQakFBcX3RwEFwf/AYeCnRzc/AcEHVQQFMzgIEiXK+fem+QmzzTpazfPZ7h87z3n3nvOyX1nCBiG+W/5+uX35yfnZxbOAjiMCWTt+vcMIITR0vH/9Pz+mWezF168/vjq3eqRh9v959EWpXoXcrvc7wF4O5fBRuemzu4dEhN2sgBJ+gfpK5A4bdevQaBg9S1IXLU6gsANq+86uk7+hcKd5VpUuF2vLZKYpqFEQ0hDuT++1qbAop0rpZRw7GvrzWqlVosajvCs7R+mVKJzWXU8UT8fAVpz0ocTH1Xx+uNHmzRv12ba1E9TgkTJJlGGwLxdn0G2XRtTEif/4173/Ewi/2S2O2+0LxmGJZkzYvbXgRSLRAAjjk2lO2eS0jmXNB1FmnjQu8tH10SVPJiUBz4dLbyhb/GP/bGwtyvG6AFcGjWLp3kA+8orO1KEe82iR4y3tt8nTd923aWU2hjhqYuB78fvX8mNGnP7Q0xf1TyaVbmfig0K7MOW6R/qpcAppz95Tv8oxiv3imvrzanllcpStBSthmE5O2ZsuhEV9Zjoe93+nNf96ZBzvj/AN5ABHlTiuFEyYyAC5BHHjVDPQ+ezmd+q/7xpt8W4COCkmVDbDDonZhJ3iMD4SO1LajLpxDAMwzAMwzAMwzAMwzAMk4oTEPpf0CGEl7X33wAAAP//HVdh7g==")
mount$bind(0x0, &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x21, 0x0)
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

43.124831234s ago: executing program 33 (id=828):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000240)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[], 0x1, 0x22f, &(0x7f0000000380)="$eJzsmL9rU1EUx7/35r2XxIro0sHFwYIVbdK8LF0KVhCcRGj9NWmwz1KTNpI+wQakFBcX3RwEFwf/AYeCnRzc/AcEHVQQFMzgIEiXK+fem+QmzzTpazfPZ7h87z3n3nvOyX1nCBiG+W/5+uX35yfnZxbOAjiMCWTt+vcMIITR0vH/9Pz+mWezF168/vjq3eqRh9v959EWpXoXcrvc7wF4O5fBRuemzu4dEhN2sgBJ+gfpK5A4bdevQaBg9S1IXLU6gsANq+86uk7+hcKd5VpUuF2vLZKYpqFEQ0hDuT++1qbAop0rpZRw7GvrzWqlVosajvCs7R+mVKJzWXU8UT8fAVpz0ocTH1Xx+uNHmzRv12ba1E9TgkTJJlGGwLxdn0G2XRtTEif/4173/Ewi/2S2O2+0LxmGJZkzYvbXgRSLRAAjjk2lO2eS0jmXNB1FmnjQu8tH10SVPJiUBz4dLbyhb/GP/bGwtyvG6AFcGjWLp3kA+8orO1KEe82iR4y3tt8nTd923aWU2hjhqYuB78fvX8mNGnP7Q0xf1TyaVbmfig0K7MOW6R/qpcAppz95Tv8oxiv3imvrzanllcpStBSthmE5O2ZsuhEV9Zjoe93+nNf96ZBzvj/AN5ABHlTiuFEyYyAC5BHHjVDPQ+ezmd+q/7xpt8W4COCkmVDbDDonZhJ3iMD4SO1LajLpxDAMwzAMwzAMwzAMwzAMk4oTEPpf0CGEl7X33wAAAP//HVdh7g==")
mount$bind(0x0, &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x21, 0x0)
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

19.899442639s ago: executing program 1 (id=964):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

19.899021209s ago: executing program 1 (id=965):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
setxattr$incfs_id(&(0x7f0000000200)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000440), 0x0, 0x0, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x100000, 0x1, 0x1}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_complete(r7)
io_uring_enter(r6, 0x8a4, 0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x5b76c000)
epoll_create1(0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r8, 0x4, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r5, &(0x7f0000000680)="5d81c1421cf671cf10365538cb6bb390c7806ac113f849eef9a76fe29dd8c716516db694291d0e725f6dcc941223b123987c35852da3d1cf1a81098ffa3aa195d02faa55be6a6ccacdc8384263f2ea565029b4be52caf91611fb25304c979a6f7b05b9085ba4babd8e4425b0f94c04dcd3456383f825ad020cb3c61043325ba57547eced13a02de1bb8db10251c310ff180391187ce109", 0x0}, 0x20)

19.235809258s ago: executing program 1 (id=968):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)

19.132704569s ago: executing program 1 (id=972):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x8000, &(0x7f0000000480)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc0033d6402c34aa96940474"], 0x1, 0x1221, &(0x7f0000002300)="$eJzs3M9rHGUYB/Bn2/wyNdmotdqC9EUvehmbHDx5CZKCdEFpm0IrCFMz0WU3uyGzBLaI7c2rf4d49CaI/0AuXjwL3nLx2IM40p1gTUiRFNrdhs/nsg8775d9ZncZ2OF9dv/D77Y6m2W2mQ/iTKMRU9sR6WGKFGfibNQexHu3fvv9rRu371xbbbXWrqd0dfXm8gcppcXLP3/29Q9v/zI4d+vHxZ9mY2/p8/0/V/7Yu7B3cf/vm1+1y9QuU68/SHm62+8P8rvdIm20y06W0qfdIi+L1O6Vxc6h45vd/vb2MOW9jYX57Z2iLFPeG6ZOMUyDfhrsDFP+Zd7upSzL0sJ88PRmYv37h1VVRVTVdMxEVVXVSzEf5+LlWIjFaMbSdMSr8Vqcj9fjQrwRb8bF0apxdw4AAAAAAAAAAAAAAAAAAACny//M/8cr5v8BAAAAAAAAAAAAAAAAAADgmTP/DwAAAAAAAAAAAAAAAAAAAONn/h8AAAAAAAAAAAAAAAAAAADG78btO9dWW6216ynNRWx9u7u+u14/1sdXN6Md3SjiSjTjrxhN/9fq+urHrbUraWQp3t+6f5C/v7t+9nB+efR3Asfml+t8Opyfjfn/5leiGeePz68cm5+Ld9+p841H+Sya8esX0Y9ubMSj7OP8N8spffRJ60j+0mgdAAAAnAZZ+texv9+zLDUa9dIjx+snn3x/oGoeuT/QOJyfiktTYzxxRsrhvU7e7RY7L1Zx8JWMe5388iT08+Ri5qDTSelnAoqDd+TBpPTzghbTEfEMX+LIhWIuImaf44WJ5+Lxhz7uTgAAAAAAAAAAADiJE2wMnKr32558O+G4zxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAfduBYAAAAAECYv3UaHRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcFQAA//8my+RP")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f0000000940)=[{&(0x7f00000003c0)=""/170, 0xaa}, {&(0x7f00000009c0)=""/111, 0x6f}, {0x0}, {&(0x7f00000007c0)=""/201, 0xc9}, {&(0x7f00000001c0)=""/22, 0x16}, {&(0x7f00000008c0)=""/83, 0x53}], 0x6, 0x0, 0x0, 0x0)

18.985687331s ago: executing program 1 (id=974):
unlink(0x0)
socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x208, 0x8, 0xfa04, 0x0, 0x6c02, 0x208, 0x194, 0x194, 0x208, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0xa0, 0xc8, 0x0, {0x0, 0x74020000}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x7a}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'batadv_slave_0\x00', 'pimreg\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x4)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)

18.860762893s ago: executing program 1 (id=977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
getrlimit(0xd, &(0x7f0000000000))

18.819018383s ago: executing program 34 (id=977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
getrlimit(0xd, &(0x7f0000000000))

7.191056596s ago: executing program 7 (id=1085):
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10c4, 0x8acf, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000000100c0"])

6.89295506s ago: executing program 6 (id=1087):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}, 0x1, 0x0, 0x0, 0x40085}, 0x40)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000005c0)={0x28, r1, 0x1, 0x0, 0x0, {0x1c}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x28}}, 0x0)

6.82848939s ago: executing program 6 (id=1088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
setxattr$incfs_id(&(0x7f0000000200)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000440), 0x0, 0x0, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x100000, 0x1, 0x1}, &(0x7f0000000080)=<r8=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_complete(r8)
io_uring_enter(r7, 0x8a4, 0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x5b76c000)
epoll_create1(0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r9, 0x4, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r6, &(0x7f0000000680)="5d81c1421cf671cf10365538cb6bb390c7806ac113f849eef9a76fe29dd8c716516db694291d0e725f6dcc941223b123987c35852da3d1cf1a81098ffa3aa195d02faa55be6a6ccacdc8384263f2ea565029b4be52caf91611fb25304c979a6f7b05b9085ba4babd8e4425b0f94c04dcd3456383f825ad020cb3c61043325ba57547eced13a02de1bb8db10251c310ff180391187ce109", 0x0}, 0x20)

5.859410593s ago: executing program 6 (id=1098):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000000b00)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=")
r0 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2bb92d6e657422"], 0x5)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10400, &(0x7f0000000d40)=ANY=[], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)

5.40617913s ago: executing program 7 (id=1108):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000d80)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0x100000001})

5.38828795s ago: executing program 6 (id=1109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
setxattr$incfs_id(0x0, &(0x7f0000000440), 0x0, 0x0, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x100000, 0x1, 0x1}, &(0x7f0000000080)=<r8=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_complete(r8)
io_uring_enter(r7, 0x8a4, 0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x5b76c000)
epoll_create1(0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r9, 0x4, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r6, &(0x7f0000000680)="5d81c1421cf671cf10365538cb6bb390c7806ac113f849eef9a76fe29dd8c716516db694291d0e725f6dcc941223b123987c35852da3d1cf1a81098ffa3aa195d02faa55be6a6ccacdc8384263f2ea565029b4be52caf91611fb25304c979a6f7b05b9085ba4babd8e4425b0f94c04dcd3456383f825ad020cb3c61043325ba57547eced13a02de1bb8db10251c310ff180391187ce109", 0x0}, 0x20)

5.180642123s ago: executing program 7 (id=1110):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r0, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x5, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x3, 0xa7, 0xeb36, 0x2, 0x9, 0x76c9, 0x200, 0x1, 0x1, 0x1, 0x7, 0x9, 0xf, 0xb, 0x10, 0x80000000, 0x9, 0xb50, 0x0, 0x800, 0x3, 0xffffffff, 0x7, 0xfffffffe, 0x5, 0x8, 0x24, 0x7fff, 0x8, 0x1, 0x200, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x8e, 0x7, 0x13e, 0x9, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x40, 0x7ff, 0x7ff, 0x5, 0x9, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x6, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x80, 0x6, 0xb, 0x4, 0x9, 0x1, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x401, 0xade, 0x7f, 0x9], [0x8396, 0x7, 0x6, 0x9, 0x8000, 0x1, 0x9, 0xe88, 0x8, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7, 0x3, 0x6, 0x5, 0x3, 0xc9, 0x2, 0x3, 0x0, 0x2, 0x2, 0xc, 0x5, 0xb0f, 0x1e, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xfffffff7, 0x4, 0xe, 0x464b, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xffff, 0xd5d, 0xa0c787d, 0xffffff4e, 0x9, 0x4, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x3], [0x10000010, 0x7, 0x9, 0x2, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0xe, 0x2, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xc, 0x4, 0x3, 0x103, 0x6, 0xcc, 0x6, 0x4000400, 0xffffffff, 0xfffffffb, 0x40, 0x80000000, 0x4, 0x7, 0xfff, 0x40, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x4, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0xfffff801, 0xffffffff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)

5.069978614s ago: executing program 7 (id=1111):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r2, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)

4.803968357s ago: executing program 2 (id=1112):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x8c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x0, 0x0, 0x0, {0x0, 0x0, 0x4}, {}, 0x0, 0x7}}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0xa5}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40640f4}, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200"])

4.767006138s ago: executing program 7 (id=1114):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'vcan0\x00', 0x1})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xac2d5e22244f85e2, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='qdisc_destroy\x00', r4}, 0x18)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r6}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r5)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r8, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)

3.209788388s ago: executing program 6 (id=1116):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x800088c)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0x100000001})

3.07240113s ago: executing program 7 (id=1118):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

3.001511271s ago: executing program 6 (id=1121):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000800009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000080)={[{@block_validity}, {@jqfmt_vfsv1}, {@test_dummy_encryption_v1}, {@minixdf}]}, 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
syz_emit_ethernet(0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa1a0e2c5f"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

2.973673152s ago: executing program 2 (id=1122):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f0000000040))

2.937722662s ago: executing program 5 (id=1124):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.825657654s ago: executing program 4 (id=1125):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x14000, &(0x7f0000000100), 0x22, 0x4e9, &(0x7f0000001080)="$eJzs3c9vG1kdAPDvTOIkm81usrASPwRsWRbKqqqTuLvRak8LBxBaVUJUnDi0IXFDFCeuEqc0oYf0f0CiEif4EzggcUDqiTs3uHFpD0gFKlCDxMFo7ElIEzsxaeKp4s9HGvn9mPj7nq15b/zc+gUwsC5FxE5EjETErYiYzMuT/IhP2kd23vNn9xd2n91fSKLZvPH3pFWflcWBv8m8nj/nWET84LsRP06Oxt3Y2l6Zr9Wq63l+Om0XXl1enV+qLlXXKpW52bmZj659WDmzvr6z+pun31n+9Ie//92XH/9x5/2fZc2ayOsO9uMstbte2o+TGY6IT88jWAGG8v6MFN0QTiW77D4TEe9m13/zaP37RTQKADhXzeZkNCcP5gGAiy5trYElaTlfC5iINC2X22t4b8d4WqtvNK7crm+uLbbXyqailN5erlVn8rXCqSglWX62lf5fvnIofy0i3oqIn4++1sqXF+q1xSJvfABggL1+aP7/12h7/gcALrixohsAAPRdr/P/t8+5HQBA//j8DwCDx/wPAIPH/A8Ag8f8DwCDx/wPAAPl+9evZ0dzN//968W7W5sr9btXF6sbK+XVzYXyQn39TnmpXl9q/WbP6knPV6vX78x+EJv3phvVjcb0xtb2zdX65lrjZut3vW9WS33pFQBwnLfeefTnJCJ2Pn6tdcSBvRzM1XCxpUU3ACjMUNENAAozXHQDgML4jA902KL3BZ3/idBIxMNzaQ7QB5e/YP0fBpX1fxhcndf/zfwwCKz/w+BqNhN7/gPAgDn+k/5o3+5DgOKc7vv/8P0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22idSRpOd8LfCLStFyOeCMipqKU3F6uVWci4s2I+NNoaTTLzxbdaADgJaV/TfL9vy5PvjdxuHYk+XdrE8CRiPjpL2/84t58o7E+m5X/Y7+88TAvrxTRfgDgJHvz9N48vuf5s/sLe0c/2/P0W+3NRbO4u/nRrhmO4dbjWJQiYvyfSZ5vy+5Xhs4g/s6DiPh8p/4nrbWRqXzn08Pxs9hv9DV++kL8tFXXfsxei8+eQVtg0DzKxp9POl1/aVxqPXa+/sdaI9TL2xv/do+Mf+n++DfUZfy71GuMD/7wva51DyK+ONwpfrIfP+kS/70e4//lS195t1td81cRl6Nz/IOxphurd6Y3travLq/OL1WXqmuVytzs3MxH1z6sTLfWqKf3VqqP+tvHV948rv/jXeKPndD/r/fY/1//59aPvnpM/G9+rfP7//Yx8bM58Rs9xp8f/23X7buz+Itd+n/S+3+lx/iPn2wv9ngqANAHG1vbK/O1WnU9TwyvHy6ROE0iOeac7N6tsIbt5G/8q/JCXYTEk5+0X9Oe/6r0/5x8TOJzL5Z0u6hPlShoQAL65ujgAQAAAAAAAAAAAAAAvGr68d+kiu4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA///I5sxW")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r2, &(0x7f0000000000)='2', 0x1, 0x4fed0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f00000001c0)={0x17c04, r0, 0x2, 0x100000001, 0x5, 0x2000000000000})

2.792757034s ago: executing program 5 (id=1126):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700", @ANYBLOB], 0x50)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYRES16=r1, @ANYRESDEC=r2, @ANYRESDEC=r1, @ANYRES8=r1, @ANYBLOB="cf18dfcc825654c2fefb820dd41e9e38d2b05a1ae4a95adcdb280d9bb2b799d952849b988e0276b8ad3da83c83ecbf59ce0aa2db4bf40cbc434380df26c02b487d26cd4906b81a7a95235572bd2002ded79c2582c436c71ec67d52375e7ef9477002f65f3891d90b9c1dc44c2580b9b8f3d24f74020eed11b0dab2cdfba25d772fc3fd3d7ed0105e8fd65339c5689c1dbefe81e199fab801e991226759fc7fd77f98b0806c8d6a633ea5b1050c1828d5ff1d1e5f98", @ANYRES64=r2], 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x30, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'pim6reg0\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000005c0)={'syztnl0\x00', &(0x7f0000000540)={'ip6gre0\x00', r6, 0x4, 0x2, 0x6, 0x4, 0x1, @rand_addr=' \x01\x00', @private1, 0x7800, 0x3c00, 0x7ff, 0x7}})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f00000001c0)="0f285907660f06f40f070f20d86635200000000f22d8673e0f01ca66b9800000c00f326635000100000f309467650f3066660f3881aaf60f", 0x38}], 0x1, 0x0, 0x0, 0x0)
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200), 0x80002, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x7, 0x0, r1, 0x2, '\x00', 0x0, r8, 0x5, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
write(r4, &(0x7f0000000000)="fa", 0xfffffdef)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="9000000000010904001000000000000002000000240001801400018008000100e000000208000201000000000c00028005000100000000002c00028014000180080001007f00000108000200e000000114000180080001000a01010208000200ac1414aa080007400000000024000e801400018008000100ac1414bb08000200640101010c0002800500010084000000"], 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200080, &(0x7f0000000040)={[{@jqfmt_vfsv1}]}, 0xfe, 0x56c, &(0x7f0000000940)="$eJzs3c9rFFccAPDvbBKjxtYIIm0PJeChFuvGJP1hoQd7LK1UaO92SdYg2biS3YhJheqhXnopUiilQukf0HuP0n+gf4XQClIktIdepsw6azbJ7ibG1WzdzwdG35s3mzdvZr6P9/btsgEMrInsn0LEqxHxbRJxuKVsOPLCiUfHrT28PpttSaTpZ38lkeT7mscn+f9jeeaViPjt64iTha311lZWF0qVSnkpz0/WF69M1lZWT11aLM2X58uXp2dmzrwzM/3+e+9uffHo7tr65vl/fvj07kdnvjm+9v0v94/cTuJsHMrLWtvxFG60ZiZiIr8mI3F204FTPaisnyR7fQLsylAe5yOR9QGHYyiPeuDF91VEpMCASsQ/DKjmOKA5t+86D05fvFnegw8bE6DRre1PHr03Evsbc6ODa8mGmVF2JcZ7UH9Wx69/3rmdbdG79yEAtnXjZkScHh7e0P+9HC393+6d3sExm+vQ/8Hzczcb/7w12mb8V3g8/ok245+xNrG7G9vHf+F+D6rpKBv/fdB2/Pt40Wp8KM+91BjzjSQXL1XKWd+WdZMnYmQ0y3dbzzmzdi/tVNY6/su2rP7mWDA/j/vDm9a75kr10tO0udWDmxGvDbdr//r4N2lz/7PrcX6HdRwr33m9U9n27X+20p8j3mh7/9fnOkn39cnJxvMw2Xwqtvr71rHfO9W/1+3P7v/B7u0fT1rXa2tPXsdP+/8tdyqbSPJF0yd8/vclnzfS+/J910r1+tJUxL7kk637p9df28w3j8/af+J4+/jv9vwfiIgvdtj+W0dvdTy0H+7/3BPd/w6JNOlYdO/jL3/sVP/O+r+3G6kT+Z6d9H9dznRD4mmuHQAAAAAAAPSbQkQciqRQfJwuFIrFR5/vOBoHC5VqrX7yYnX58lw0vis7HiOF5kr3WMvnIabyz8M289Ob8jMRcSQivhs60MgXZ6uVub1uPAAAAAAAAAAAAAAAAAAAAPSJsQ7f/8/8MbTXZwc8c37yGwbXtvHfi196AvpSl/h/8X7xF9jA+B8Gl/iHwSX+YXCJfxhc4h8Gl/iHwSX+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKfOnzuXbenaw+uzWX7u6sryQvXqqblybaG4uDxbnK0uXSnOV6vzlXJxthrj2/y9SrV6ZWo6lq9N1stJfbK2snphsbp8uX7h0mJpvnyhPPJ8mgUAAAAAAAAAAAAAAAAAAAD/K7WV1YVSpVJekpDYVWK4P06jN4k0TdM+OI1+SOx1zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6/4LAAD//6lkOFk=")
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r10}, 0x10)
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000080)=""/240, 0xfffffffffffffe77, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x2, 0x0)

2.589124567s ago: executing program 4 (id=1127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
setxattr$incfs_id(0x0, &(0x7f0000000440), 0x0, 0x0, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x100000, 0x1, 0x1}, &(0x7f0000000080)=<r8=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_complete(r8)
io_uring_enter(r7, 0x8a4, 0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x5b76c000)
epoll_create1(0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r9, 0x4, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r6, &(0x7f0000000680)="5d81c1421cf671cf10365538cb6bb390c7806ac113f849eef9a76fe29dd8c716516db694291d0e725f6dcc941223b123987c35852da3d1cf1a81098ffa3aa195d02faa55be6a6ccacdc8384263f2ea565029b4be52caf91611fb25304c979a6f7b05b9085ba4babd8e4425b0f94c04dcd3456383f825ad020cb3c61043325ba57547eced13a02de1bb8db10251c310ff180391187ce109", 0x0}, 0x20)

1.140785276s ago: executing program 4 (id=1128):
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xa)
setresuid(r1, 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)

1.064045767s ago: executing program 4 (id=1129):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xac2d5e22244f85e2, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='qdisc_destroy\x00', r5}, 0x18)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r7}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r6)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r9, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r9, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)

658.242632ms ago: executing program 5 (id=1130):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000200)={@cgroup=r2, r0, 0x12, 0x6, 0x0, @void, @value}, 0x10)

605.775563ms ago: executing program 2 (id=1131):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x0)

502.889844ms ago: executing program 2 (id=1132):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b0000004f000000cc0002000600000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4af, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r0}, 0x38)

502.268154ms ago: executing program 5 (id=1133):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x85}, 0x4000000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="020000000000000010"])

363.441556ms ago: executing program 2 (id=1134):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Ls1cYB+CTwEsoVCIiONhBMLg0KsRBh2SwEtMsRsSKFGfBQQfBwUFSorMf/4DiF4iL2NlRjCAKcZKM4lxQXDKltD6FtnZpiyl9ua4lnHPf59w5/J7A/1o8/NRsNmMhhGbi75/+7jQ/XuyZHJ2aDiEW5kII+a++/LUSizp+u/U8WpeidTGRqe3fjL2ctt/23ldTh/GofhEP4YcQwuLjUfLfvo3P31nuKrm+sVzYXM0tPBTWnobm+/PdW/mlneGDbHmmKzsbfVgX8dbMT9VGju+apefdtoFP1Vojcx31pWMfM5//1p/z3+us1CuNib6TlcF0R/2yvB3l/ip/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgg53lrpLrG8uFzdXcwkNh7Wlovj/fvZVf2hk+yJZnurKz8be+i3hr5qdqI8d3zdLzbtvAp2qtkbmO+tKxd0e/+fFj/hIt9HX4Y/57nZV6pTHRd7IymO6oX5a3o9xf3+cPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCX8uPFnsnRqekQYmEuhPDt/fe9v+w3E2/1WNR3Hv2Wov1iIlPbvxl7OW2/7b2vpg4nEyEkfnfv4uNR8otWPoR/5OcAAAD//2wlhu4=")

275.356097ms ago: executing program 5 (id=1135):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x4feccde29fb25841)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x0)
setreuid(0x0, r2)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000140)={0xc, r1, 0x0, 0x2})

178.934038ms ago: executing program 5 (id=1136):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000380)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nouid32}]}, 0xfd, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=")
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
symlink(&(0x7f0000001f80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))

139.201079ms ago: executing program 4 (id=1137):
r0 = syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00')
read$FUSE(r0, &(0x7f00000082c0)={0x2020}, 0x2020)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
read$FUSE(r0, &(0x7f0000012400)={0x2020}, 0x2020)

101.913099ms ago: executing program 2 (id=1138):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000200)="9c56790c1eeb8b93da2a29ed5b22fd3105333f318708f9811865b543c99a6a0f966f9d9a8f533e0999f78e573a85b30c3a821782637179d3540cafd937a57da15cdcd33eb8e5bf40a540404550311bebcfe42f53af50c1c7dfb5849bad4146360f7bf76032132e070d150b8ed791bee105d95d581a6c85945da6c54763994f7fd6047308f74fc4237f3a2ce9944c48f31fd7889648f028f2dd89cf51a6059efe58490356124e084f545ec7f602b04978f8fed598ad0aa5ccc971c8c4270bcd60f703c91674697b8850c2d9365caaa7a64e344e929c95d3446a2fed38fbef48a9ce12362a7525f010dc873c9e4354793487be50df3b69366c1d91bfd27b1a", 0xfe}, {&(0x7f0000002740)="29c28554527a20976257237687df86789151860c5da997c97d362938633891c49407672ee55c8cac7098e0a7adc7e5ad8d76a8707ed59d68b01877bf01edd86e75d9ec1e7e05789ce563162cc2e17d75b1808d5b9f65ce4840201510d62c4f98f19843b1b646e5fe7e1a6c471ddbdc154272d6ce27eb88825f1697c330ce79c71457bd9e0cec2c09ffbe5fc98163a1584b27c7739c7eb6326f08d4ea7dc2114c394d7042b205b06209c25b4ba9af3158ca66531e55f19e0a1164d18aed7f0bdf9dce1809645b6bed4daaa6625bfef9b0f594d571089ad27e8250cfd1c3c663a66b039773a7343fe88e41a039643a989cc5e9d0b5bc51e137514aa91c951cc46cadf8b4d01c1c4bd12a1061077628df1d06a20a6716e2e41b94d03236c5782b71e4252a8ac7a6fb9603655b7fb8c6f923038b66c667fbe388d7683e6abeb4f1faa2a4703b41ef5ef491895a0dd6c85b0d3606468d194ad842934737f119c07dd3efbe9e79e63340f8722d7c380d083183d8231f4baa375f4ab4c1e307b12d714bb2dc02290c30857f10b7501d763c08fbde96ba2f17df4039b8d9f6044623c07e2b8ae0ad33dc24f772b55905066992f67b8dfcc00379e565e7a4709c92e0beac4f2b99674c5cfeb3169f3c6349ce84e43cf5e8858ff8b812b2940e40b1dbd4fe23fd8b25352c190cab6be41b1ab6e53a2f024c879b9911c8b8e0e8a5d86293e1a01bfb1fbd0ca640ff484c59660d15c34146a5bf75e9e5bd9aee376cd5d620e3e71d1674e29e32a6f5cb2cdcde6cc75fc077c2c05e0b102b833c604bc861940c592e008bb678d86ac576ac93e4f23caf4a81e0da72ae0defb46304751bf8f484d0bc5b980739e13a99b7bebfd0a0390e2575cafb237efcbd2e9b66df709fcdc68a3f5105a837e3cfe3956991ce97daffc15b4d80ffaa9835988877520a4fab7ed4cbb539348f7c269dce05b8e5c39872feb9e680130125651787c530325601848ebe3eb207e978638053eb8d786ef5001f25f9c052d4de5ec9ad636c31c296993cf993f571bb01b8d0115d8fa453332026eb7127a3ec5e8915", 0x2f9}], 0x2)
pwrite64(r1, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
fallocate(r0, 0x20, 0x4000, 0x8000)

0s ago: executing program 4 (id=1139):
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)='0', 0x1, r0)

kernel console output (not intermixed with test programs):

] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   89.226225][ T2132] SELinux: failed to load policy
[   89.262077][ T2134] loop2: detected capacity change from 0 to 1024
[   89.272993][ T2134] EXT4-fs: Ignoring removed bh option
[   89.278889][ T2134] EXT4-fs: dax option not supported
[   89.330873][ T2134] loop2: detected capacity change from 0 to 512
[   89.502556][  T284] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   90.000248][ T2142] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[   90.302959][  T284] usb 5-1: Using ep0 maxpacket: 32
[   90.313623][  T284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.338356][  T284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.358577][  T284] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   90.372596][  T284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.392996][  T284] usb 5-1: config 0 descriptor??
[   90.400506][  T284] hub 5-1:0.0: USB hub found
[   90.437686][ T2156] loop2: detected capacity change from 0 to 1024
[   90.526408][ T2160] SELinux:  Context } is not valid (left unmapped).
[   90.534453][ T2156] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   90.547122][ T2162] loop5: detected capacity change from 0 to 512
[   90.601017][  T284] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[   90.626980][ T2162] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   90.675049][ T2162] EXT4-fs (loop5): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[   90.764337][  T549] EXT4-fs (loop5): unmounting filesystem.
[   90.772302][ T2167] loop1: detected capacity change from 0 to 1024
[   90.817552][ T2167] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   90.842632][ T2167] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.854808][ T2169] kvm: apic: phys broadcast and lowest prio
[   90.904524][   T28] audit: type=1400 audit(1746108021.024:346): avc:  denied  { map } for  pid=2166 comm="syz.1.710" path="/144/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   90.974457][ T1321] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   91.004775][  T284] hid-generic 0003:046D:C31C.0008: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[   91.024147][ T1321] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   91.036494][   T28] audit: type=1400 audit(1746108021.044:347): avc:  denied  { execute } for  pid=2166 comm="syz.1.710" path="/144/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   91.094136][ T1321] EXT4-fs (loop1): This should not happen!! Data will be lost
[   91.094136][ T1321] 
[   91.130348][ T2178] loop5: detected capacity change from 0 to 512
[   91.131907][   T28] audit: type=1400 audit(1746108021.204:348): avc:  denied  { read } for  pid=2175 comm="syz.5.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   91.138033][ T1321] EXT4-fs (loop1): Total free blocks count 0
[   91.172849][ T2178] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.192644][ T2178] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.210199][ T2178] EXT4-fs (loop5): Test dummy encryption mode enabled
[   91.212566][ T1321] EXT4-fs (loop1): Free/Dirty block details
[   91.232576][ T2178] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   91.233291][ T1321] EXT4-fs (loop1): free_blocks=4293918720
[   91.272917][ T2178] EXT4-fs (loop5): 1 truncate cleaned up
[   91.278720][ T2178] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   91.287649][ T1321] EXT4-fs (loop1): dirty_blocks=16
[   91.302613][ T1321] EXT4-fs (loop1): Block reservation details
[   91.325745][  T223] usb 5-1: USB disconnect, device number 5
[   91.342704][ T1321] EXT4-fs (loop1): i_reserved_data_blocks=1
[   91.349487][  T276] EXT4-fs (loop1): unmounting filesystem.
[   91.387137][  T549] EXT4-fs (loop5): unmounting filesystem.
[   91.438220][ T2188] loop5: detected capacity change from 0 to 512
[   91.438978][  T279] EXT4-fs (loop2): unmounting filesystem.
[   91.466957][ T2188] EXT4-fs (loop5): 1 orphan inode deleted
[   91.472866][ T2188] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   91.482126][ T2188] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.493146][ T1321] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   91.506717][ T1321] EXT4-fs error (device loop5): ext4_release_dquot:6812: comm kworker/u4:6: Failed to release dquot type 1
[   91.537854][ T2188] EXT4-fs (loop5): shut down requested (0)
[   91.548173][ T2188] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[   91.557330][ T2188] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[   91.573022][   T28] audit: type=1400 audit(1746108021.694:349): avc:  denied  { setattr } for  pid=2187 comm="syz.5.718" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   91.601467][ T2194] loop2: detected capacity change from 0 to 1024
[   91.632428][ T2194] EXT4-fs: Ignoring removed bh option
[   91.638162][ T2194] EXT4-fs: dax option not supported
[   91.643265][  T549] EXT4-fs (loop5): unmounting filesystem.
[   91.718965][  T306] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   91.738556][ T2194] loop2: detected capacity change from 0 to 512
[   92.002857][  T306] usb 4-1: Using ep0 maxpacket: 16
[   92.176715][ T2208] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.394494][ T2210] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[   92.900069][  T306] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   92.963348][  T306] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[   92.972571][  T306] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.990296][  T306] usb 4-1: config 0 descriptor??
[   93.122159][ T2216] loop4: detected capacity change from 0 to 256
[   93.128959][ T2216] exfat: Deprecated parameter 'utf8'
[   93.148942][ T2216] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   93.342554][ T2219] xt_CT: You must specify a L4 protocol and not use inversions on it
[   93.682834][  T306] ryos 0003:1E7D:3138.0009: hidraw0: USB HID v0.06 Device [HID 1e7d:3138] on usb-dummy_hcd.3-1/input0
[   93.762788][ T2229] loop5: detected capacity change from 0 to 1024
[   93.845758][ T2229] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   93.867997][  T306] usb 4-1: USB disconnect, device number 5
[   94.237842][ T2220] loop4: detected capacity change from 0 to 40427
[   94.279079][ T2220] F2FS-fs (loop4): fault_injection options not supported
[   94.308562][ T2220] F2FS-fs (loop4): Image doesn't support compression
[   94.336886][ T2220] F2FS-fs (loop4): Image doesn't support compression
[   94.367222][ T2220] F2FS-fs (loop4): fault_type options not supported
[   94.400741][ T2220] F2FS-fs (loop4): invalid crc value
[   94.425654][ T2220] F2FS-fs (loop4): Found nat_bits in checkpoint
[   94.615493][ T2220] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   94.726964][  T280] syz-executor: attempt to access beyond end of device
[   94.726964][  T280] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   94.754041][  T549] EXT4-fs (loop5): unmounting filesystem.
[   94.933441][  T306] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   94.977255][ T2251] loop5: detected capacity change from 0 to 256
[   94.997066][ T2251] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xd062253d, utbl_chksum : 0xe619d30d)
[   95.037521][ T2251] loop5: Can't mount, would change RO state
[   95.084295][ T2257] loop5: detected capacity change from 0 to 512
[   95.096441][ T2257] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   95.117460][ T2257] EXT4-fs (loop5): 1 truncate cleaned up
[   95.126697][ T2257] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   95.136406][  T306] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.153607][  T306] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[   95.181963][  T306] usb 3-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9
[   95.210873][  T549] EXT4-fs (loop5): unmounting filesystem.
[   95.216961][  T306] usb 3-1: Manufacturer: syz
[   95.222957][  T306] usb 3-1: SerialNumber: syz
[   95.235992][  T306] usb 3-1: config 0 descriptor??
[   95.383195][  T284] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   95.423602][ T2264] loop1: detected capacity change from 0 to 1024
[   95.443584][  T752] usb 3-1: USB disconnect, device number 4
[   95.479286][ T2264] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   95.530615][ T2268] loop4: detected capacity change from 0 to 512
[   95.561569][ T2268] EXT4-fs: Ignoring removed oldalloc option
[   95.572528][  T284] usb 4-1: Using ep0 maxpacket: 16
[   95.581300][  T284] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   95.587426][ T2260] loop5: detected capacity change from 0 to 40427
[   95.600217][  T284] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.615084][ T2268] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.744: Parent and EA inode have the same ino 15
[   95.628139][ T2260] F2FS-fs (loop5): Found nat_bits in checkpoint
[   95.634252][  T284] usb 4-1: Product: syz
[   95.638974][  T284] usb 4-1: Manufacturer: syz
[   95.640146][ T2268] EXT4-fs (loop4): Remounting filesystem read-only
[   95.644025][  T284] usb 4-1: SerialNumber: syz
[   95.660112][  T284] usb 4-1: config 0 descriptor??
[   95.663126][ T2268] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.744: Parent and EA inode have the same ino 15
[   95.675009][  T284] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[   95.693832][ T2268] EXT4-fs (loop4): Remounting filesystem read-only
[   95.697674][  T284] usb 4-1: Detected FT232H
[   95.700498][ T2268] EXT4-fs (loop4): 1 orphan inode deleted
[   95.723283][ T2268] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   95.733588][ T2260] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   95.749586][ T2268] EXT4-fs (loop4): unmounting filesystem.
[   95.860813][  T549] syz-executor: attempt to access beyond end of device
[   95.860813][  T549] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.874617][  T284] ftdi_sio ttyUSB0: Unable to read latency timer: -121
[   96.075397][  T284] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[   96.082961][  T284] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[   96.105344][  T284] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   96.135863][  T284] usb 4-1: USB disconnect, device number 6
[   96.159598][ T2284] loop2: detected capacity change from 0 to 1024
[   96.159751][  T284] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   96.184661][ T2284] EXT4-fs: Ignoring removed bh option
[   96.221504][ T2284] EXT4-fs: dax option not supported
[   96.230111][  T284] ftdi_sio 4-1:0.0: device disconnected
[   96.279354][ T2284] loop2: detected capacity change from 0 to 512
[   96.371139][   T28] audit: type=1400 audit(1746108026.484:350): avc:  denied  { name_bind } for  pid=2292 comm="syz.5.752" src=20128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   96.414229][   T28] audit: type=1400 audit(1746108026.484:351): avc:  denied  { node_bind } for  pid=2292 comm="syz.5.752" src=20128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   96.478501][ T2296] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[   96.725097][  T276] EXT4-fs (loop1): unmounting filesystem.
[   96.871220][ T2303] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   97.114188][ T2319] loop2: detected capacity change from 0 to 1024
[   97.120933][ T2319] EXT4-fs: Ignoring removed bh option
[   97.126819][ T2319] EXT4-fs: dax option not supported
[   97.136318][ T2319] loop2: detected capacity change from 0 to 512
[   97.213162][  T324] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   97.292551][  T284] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   97.359683][ T2329] loop4: detected capacity change from 0 to 1024
[   97.438615][ T2330] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[   97.658895][ T2329] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   97.752547][  T284] usb 4-1: Using ep0 maxpacket: 8
[   97.760160][  T284] usb 4-1: config index 0 descriptor too short (expected 12562, got 18)
[   97.789380][  T284] usb 4-1: config 52 has too many interfaces: 56, using maximum allowed: 32
[   97.816775][  T284] usb 4-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[   97.840803][  T284] usb 4-1: config 52 has 0 interfaces, different from the descriptor's value: 56
[   97.862588][  T284] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   97.880008][  T284] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.015153][ T2334] IPv6: NLM_F_REPLACE set, but no existing node found!
[   98.224620][  T280] EXT4-fs (loop4): unmounting filesystem.
[   98.311108][  T284] usb 4-1: USB disconnect, device number 7
[   98.348953][ T2343] loop4: detected capacity change from 0 to 1024
[   98.373025][ T2343] EXT4-fs: Ignoring removed bh option
[   98.382802][ T2343] EXT4-fs: dax option not supported
[   98.439492][ T2343] loop4: detected capacity change from 0 to 512
[   98.493157][  T324] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   98.700606][ T2346] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[   99.020437][ T2353] loop2: detected capacity change from 0 to 256
[   99.059397][ T2353] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[   99.215830][ T2362] loop2: detected capacity change from 0 to 1024
[   99.227039][ T2362] EXT4-fs: Ignoring removed bh option
[   99.232689][ T2362] EXT4-fs: dax option not supported
[   99.417794][ T2366] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.316439][ T2372] rtc_cmos 00:00: Alarms can be up to one day in the future
[  102.406570][  T324] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  102.497886][ T2380] loop5: detected capacity change from 0 to 1024
[  102.562425][ T2382] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.711628][   T28] audit: type=1400 audit(1746108032.614:352): avc:  denied  { map } for  pid=2376 comm="syz.3.780" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  103.094241][  T284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  103.153356][  T284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  103.170984][ T2380] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  103.190343][  T284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  103.220179][   T28] audit: type=1400 audit(1746108033.294:353): avc:  denied  { execute } for  pid=2376 comm="syz.3.780" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  103.256776][  T284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  103.294459][  T284] rtc rtc0: __rtc_set_alarm: err=-22
[  103.391521][   T28] audit: type=1400 audit(1746108033.474:354): avc:  denied  { mount } for  pid=2391 comm="syz.2.782" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  103.535061][   T28] audit: type=1400 audit(1746108033.474:355): avc:  denied  { remount } for  pid=2391 comm="syz.2.782" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  103.692559][   T28] audit: type=1400 audit(1746108033.544:356): avc:  denied  { unmount } for  pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  103.784613][ T2404] loop3: detected capacity change from 0 to 512
[  103.823589][ T2404] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  103.899357][  T549] EXT4-fs (loop5): unmounting filesystem.
[  104.000872][ T2410] syz.4.790[2410] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.000973][ T2410] syz.4.790[2410] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.082878][ T2421] loop3: detected capacity change from 0 to 1024
[  104.114116][ T2421] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  104.163159][   T28] audit: type=1400 audit(1746108034.284:357): avc:  denied  { unlink } for  pid=277 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  104.190038][  T277] EXT4-fs (loop3): unmounting filesystem.
[  104.222299][ T2434] loop5: detected capacity change from 0 to 128
[  104.229750][ T2435] loop3: detected capacity change from 0 to 256
[  104.256026][ T2434] syz.5.799: attempt to access beyond end of device
[  104.256026][ T2434] loop5: rw=2049, sector=145, nr_sectors = 95 limit=128
[  104.271239][ T2435] exfat: Deprecated parameter 'namecase'
[  104.281282][ T2434] syz.5.799: attempt to access beyond end of device
[  104.281282][ T2434] loop5: rw=0, sector=97, nr_sectors = 32 limit=128
[  104.294716][ T2434] syz.5.799: attempt to access beyond end of device
[  104.294716][ T2434] loop5: rw=0, sector=145, nr_sectors = 88 limit=128
[  104.311446][ T2435] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  104.358010][   T28] audit: type=1400 audit(1746108034.474:358): avc:  denied  { map } for  pid=2432 comm="syz.3.798" path="/151/file0/cpu.stat" dev="loop3" ino=1048680 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  104.408245][ T2431] loop4: detected capacity change from 0 to 40427
[  104.415627][ T2431] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  104.423770][ T2431] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  104.435053][ T2431] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.469130][ T2431] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  104.476680][ T2431] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.516525][ T2448] loop2: detected capacity change from 0 to 512
[  104.523561][ T2448] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  104.577754][   T28] audit: type=1400 audit(1746108034.684:359): avc:  denied  { link } for  pid=2430 comm="syz.4.797" name="file1" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.609913][  T324] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  104.773843][ T2451] syz.2.804[2451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.773949][ T2451] syz.2.804[2451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.788056][  T822] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  104.839255][ T2457] loop5: detected capacity change from 0 to 2048
[  104.842025][ T2459] loop2: detected capacity change from 0 to 1024
[  104.853932][ T2459] EXT4-fs: Ignoring removed nobh option
[  104.859663][ T2459] EXT4-fs: Ignoring removed bh option
[  104.866323][ T2459] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  104.867717][ T2457] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  104.884419][ T2459] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  104.895584][ T2457] EXT4-fs error (device loop5): ext4_find_extent:936: inode #2: comm syz.5.808: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  104.915216][ T2459] EXT4-fs (loop2): shut down requested (2)
[  104.918807][ T2457] EXT4-fs (loop5): Remounting filesystem read-only
[  104.930514][  T279] EXT4-fs (loop2): unmounting filesystem.
[  104.946802][  T549] EXT4-fs (loop5): unmounting filesystem.
[  105.022803][  T822] usb 4-1: Using ep0 maxpacket: 16
[  105.029075][  T822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.040297][  T822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.050098][  T822] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  105.119679][ T2470] xt_CT: You must specify a L4 protocol and not use inversions on it
[  105.136472][  T752] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  105.227421][  T822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.236497][  T822] usb 4-1: config 0 descriptor??
[  105.382689][  T752] usb 5-1: Using ep0 maxpacket: 8
[  105.389440][  T752] usb 5-1: config index 0 descriptor too short (expected 12562, got 18)
[  105.398481][  T752] usb 5-1: config 52 has too many interfaces: 56, using maximum allowed: 32
[  105.407534][  T752] usb 5-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[  105.418155][  T752] usb 5-1: config 52 has 0 interfaces, different from the descriptor's value: 56
[  105.427817][  T752] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  105.437319][  T752] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.821246][ T2473] loop5: detected capacity change from 0 to 128
[  105.855374][  T752] usb 5-1: USB disconnect, device number 6
[  105.871370][ T2473] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  105.901040][ T2473] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  105.909827][ T2473] ext2 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.949185][   T28] audit: type=1400 audit(1746108036.064:360): avc:  denied  { create } for  pid=2472 comm="syz.5.821" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  105.999851][ T2473] EXT4-fs error (device loop5): make_indexed_dir:2333: inode #2: block 63: comm syz.5.821: bad entry in directory: rec_len is smaller than minimal - offset=36, inode=0, rec_len=5, size=1000 fake=1
[  106.032006][  T549] EXT4-fs (loop5): unmounting filesystem.
[  106.221613][ T2483] loop2: detected capacity change from 0 to 256
[  106.321351][ T2485] loop2: detected capacity change from 0 to 8192
[  106.359700][  T822] appleir 0003:05AC:8241.000A: unknown main item tag 0x0
[  106.379776][  T822] appleir 0003:05AC:8241.000A: unknown main item tag 0x0
[  106.388187][  T822] appleir 0003:05AC:8241.000A: item fetching failed at offset 2/5
[  106.396746][  T822] appleir 0003:05AC:8241.000A: parse failed
[  106.403545][  T822] appleir: probe of 0003:05AC:8241.000A failed with error -22
[  106.574105][  T306] usb 4-1: USB disconnect, device number 8
[  106.609333][ T2497] loop4: detected capacity change from 0 to 1024
[  106.626478][ T2497] EXT4-fs: Ignoring removed bh option
[  106.632095][ T2497] EXT4-fs: dax option not supported
[  106.642546][  T752] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  106.650163][  T284] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  106.664156][   T28] audit: type=1400 audit(1746108036.784:361): avc:  denied  { watch } for  pid=2499 comm="syz.2.820" path="/160" dev="tmpfs" ino=866 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  107.162574][  T752] usb 2-1: Using ep0 maxpacket: 32
[  107.169571][  T284] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  107.185018][  T752] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  107.193256][  T752] usb 2-1: config 0 has no interface number 0
[  107.205847][  T284] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  107.215641][ T2509] loop3: detected capacity change from 0 to 512
[  107.216829][  T752] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.237944][  T284] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  107.251176][  T752] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.261408][  T284] usb 6-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  107.261791][ T2509] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  107.273431][  T752] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  107.287824][  T284] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.291348][ T2509] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  107.299817][  T284] usb 6-1: config 0 descriptor??
[  107.310321][  T752] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.318702][ T2489] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  107.322624][ T2509] System zones: 0-1, 15-15, 18-18, 34-34
[  107.329613][  T752] usb 2-1: config 0 descriptor??
[  107.343071][ T2509] EXT4-fs (loop3): orphan cleanup on readonly fs
[  107.349555][ T2509] EXT4-fs warning (device loop3): ext4_enable_quotas:7024: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  107.364333][ T2509] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  107.371293][ T2509] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.824: bad orphan inode 16
[  107.381832][ T2509] ext4_test_bit(bit=15, block=18) = 1
[  107.387539][ T2509] is_bad_inode(inode)=0
[  107.391948][ T2509] NEXT_ORPHAN(inode)=0
[  107.397358][ T2509] max_ino=32
[  107.400639][ T2509] i_nlink=2
[  107.404244][ T2509] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  107.456166][  T277] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[  107.474115][  T277] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[  107.555127][  T277] EXT4-fs (loop3): unmounting filesystem.
[  107.561924][  T297] tipc: Disabling bearer <udp:syz1>
[  107.571417][  T297] tipc: Left network mode
[  107.702350][ T2503] loop2: detected capacity change from 0 to 131072
[  107.721410][ T2503] F2FS-fs (loop2): Test dummy encryption mode enabled
[  107.741974][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  107.741988][   T28] audit: type=1400 audit(1746108037.854:368): avc:  denied  { bpf } for  pid=2514 comm="syz.4.827" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  107.769990][ T2516] xt_CT: You must specify a L4 protocol and not use inversions on it
[  107.772785][  T284] saitek 0003:06A3:0621.000C: unbalanced collection at end of report description
[  107.788747][ T2503] F2FS-fs (loop2): invalid crc value
[  107.795303][  T284] saitek 0003:06A3:0621.000C: parse failed
[  107.801419][  T284] saitek: probe of 0003:06A3:0621.000C failed with error -22
[  107.808946][   T28] audit: type=1400 audit(1746108037.854:369): avc:  denied  { prog_load } for  pid=2514 comm="syz.4.827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  107.829769][   T28] audit: type=1400 audit(1746108037.854:370): avc:  denied  { perfmon } for  pid=2514 comm="syz.4.827" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  107.883331][ T2503] F2FS-fs (loop2): Found nat_bits in checkpoint
[  107.891649][   T28] audit: type=1400 audit(1746108037.854:371): avc:  denied  { prog_run } for  pid=2514 comm="syz.4.827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  107.910607][   T28] audit: type=1400 audit(1746108037.854:372): avc:  denied  { ioctl } for  pid=2487 comm="syz.1.816" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  107.936345][   T28] audit: type=1400 audit(1746108038.014:373): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  107.962846][   T28] audit: type=1400 audit(1746108038.014:374): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  107.988015][  T752] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0094.000B/input/input9
[  108.023496][  T752] uclogic 0003:28BD:0094.000B: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.1-1/input1
[  108.038351][ T2503] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  108.089709][   T28] audit: type=1400 audit(1746108038.014:375): avc:  denied  { open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  108.158403][  T752] usb 6-1: USB disconnect, device number 5
[  108.223439][   T28] audit: type=1400 audit(1746108038.014:376): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  108.257701][  T284] usb 2-1: USB disconnect, device number 7
[  108.299879][ T2522] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.316549][ T2522] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.354846][   T28] audit: type=1400 audit(1746108038.054:377): avc:  denied  { write } for  pid=2514 comm="syz.4.827" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  108.378584][ T2522] device bridge_slave_0 entered promiscuous mode
[  108.712635][ T2530] loop5: detected capacity change from 0 to 1024
[  108.735630][ T2530] EXT4-fs: Ignoring removed nobh option
[  108.741748][ T2530] EXT4-fs: Ignoring removed bh option
[  108.748144][ T2530] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  108.774754][ T2530] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  109.928790][ T2522] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.936321][ T2522] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.950243][  T549] EXT4-fs (loop5): unmounting filesystem.
[  109.958511][ T2522] device bridge_slave_1 entered promiscuous mode
[  110.933542][  T297] device bridge_slave_1 left promiscuous mode
[  110.933608][  T297] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.934110][  T297] device bridge_slave_0 left promiscuous mode
[  110.934188][  T297] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.935573][  T297] device veth1_macvtap left promiscuous mode
[  110.935634][  T297] device veth0_vlan left promiscuous mode
[  111.136789][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.137069][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.157190][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.157519][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.157707][ T1215] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.157725][ T1215] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.158236][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.160528][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.160805][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.160998][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.161015][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.223845][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.340432][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.357407][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.362603][ T2522] device veth0_vlan entered promiscuous mode
[  111.365713][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.366108][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.366312][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.379786][ T2522] device veth1_macvtap entered promiscuous mode
[  111.383786][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  111.394772][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  111.395049][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  111.396376][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  111.396656][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  111.440824][ T2557] loop5: detected capacity change from 0 to 256
[  111.520456][ T2546] loop2: detected capacity change from 0 to 40427
[  111.572104][ T2561] loop1: detected capacity change from 0 to 1024
[  111.572381][ T2561] EXT4-fs: Ignoring removed bh option
[  111.572416][ T2561] EXT4-fs: dax option not supported
[  111.620937][ T2546] F2FS-fs (loop2): Found nat_bits in checkpoint
[  111.636759][  T324] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  111.654249][ T2559] loop1: detected capacity change from 0 to 512
[  111.752584][ T2546] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  111.823346][ T2571] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  111.872574][  T284] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  111.973056][ T2577] loop5: detected capacity change from 0 to 512
[  111.986244][ T2577] EXT4-fs: Ignoring removed i_version option
[  112.000689][ T2577] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  112.028024][ T2577] EXT4-fs (loop5): 1 truncate cleaned up
[  112.033875][ T2577] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  112.069097][  T549] EXT4-fs (loop5): unmounting filesystem.
[  112.092585][  T284] usb 7-1: Using ep0 maxpacket: 8
[  112.101012][  T284] usb 7-1: config index 0 descriptor too short (expected 12562, got 18)
[  112.109787][  T284] usb 7-1: config 52 has too many interfaces: 56, using maximum allowed: 32
[  112.118951][  T284] usb 7-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[  112.129795][  T284] usb 7-1: config 52 has 0 interfaces, different from the descriptor's value: 56
[  112.130148][  T279] syz-executor: attempt to access beyond end of device
[  112.130148][  T279] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  112.139697][  T284] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  112.162428][  T284] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.312743][  T752] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  112.372595][ T1096] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  112.380596][ T2590] loop1: detected capacity change from 0 to 512
[  112.389987][ T2590] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[  112.398714][ T2590] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  112.409182][ T2590] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  112.419603][ T2590] EXT4-fs (loop1): 1 truncate cleaned up
[  112.425389][ T2590] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  112.439412][ T2590] fscrypt (loop1, inode 2): Error -61 getting encryption context
[  112.442809][ T2593] loop2: detected capacity change from 0 to 1024
[  112.457167][  T276] EXT4-fs (loop1): unmounting filesystem.
[  112.471649][ T2593] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  112.480482][ T2593] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.522592][  T752] usb 5-1: Using ep0 maxpacket: 16
[  112.529576][  T279] EXT4-fs (loop2): unmounting filesystem.
[  112.536166][  T752] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  112.545588][  T752] usb 5-1: config 0 has no interface number 0
[  112.566314][  T752] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  112.576438][  T752] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  112.582561][ T1096] usb 6-1: Using ep0 maxpacket: 16
[  112.593228][  T752] usb 5-1: config 0 interface 41 has no altsetting 0
[  112.594190][ T1096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.606229][  T284] usb 7-1: USB disconnect, device number 2
[  112.626935][ T2601] loop2: detected capacity change from 0 to 512
[  112.627548][  T752] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  112.638569][ T1096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.652896][  T752] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.655889][ T1096] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  112.670545][  T752] usb 5-1: Product: syz
[  112.675632][  T752] usb 5-1: Manufacturer: syz
[  112.680434][  T752] usb 5-1: SerialNumber: syz
[  112.680688][ T1096] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.694094][ T2601] EXT4-fs warning (device loop2): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  112.704977][  T752] usb 5-1: config 0 descriptor??
[  112.710634][ T2583] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  112.713800][ T1096] usb 6-1: config 0 descriptor??
[  112.726043][ T2583] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  112.793837][   T28] kauditd_printk_skb: 49 callbacks suppressed
[  112.793852][   T28] audit: type=1400 audit(1746108042.914:427): avc:  denied  { write } for  pid=2596 comm="syz.1.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  112.821358][   T28] audit: type=1400 audit(1746108042.944:428): avc:  denied  { nlmsg_write } for  pid=2596 comm="syz.1.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  112.958600][ T2583] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  112.967726][ T2583] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  113.191509][   T28] audit: type=1400 audit(1746108043.304:429): avc:  denied  { write } for  pid=2606 comm="syz.6.853" name="cgroup.subtree_control" dev="cgroup2" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  113.258010][   T28] audit: type=1400 audit(1746108043.344:430): avc:  denied  { open } for  pid=2606 comm="syz.6.853" path="<too_long>" dev="cgroup2" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  113.304614][ T2605] loop2: detected capacity change from 0 to 131072
[  113.314756][ T2605] F2FS-fs (loop2): invalid crc value
[  113.321259][ T1096] appleir 0003:05AC:8241.000D: unknown main item tag 0x0
[  113.328467][ T1096] appleir 0003:05AC:8241.000D: unknown main item tag 0x0
[  113.341224][ T2605] F2FS-fs (loop2): Found nat_bits in checkpoint
[  113.371639][ T1096] appleir 0003:05AC:8241.000D: item fetching failed at offset 2/5
[  113.379765][ T1096] appleir 0003:05AC:8241.000D: parse failed
[  113.385842][ T1096] appleir: probe of 0003:05AC:8241.000D failed with error -22
[  113.386805][  T752] CoreChips: probe of 5-1:0.41 failed with error -71
[  113.415088][ T2605] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  113.423462][   T45] Bluetooth: hci0: sending frame failed (-49)
[  113.429634][ T2575] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  113.438639][  T752] usb 5-1: USB disconnect, device number 7
[  113.533611][  T284] usb 6-1: USB disconnect, device number 6
[  113.582613][    T6] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  113.756627][ T2625] loop2: detected capacity change from 0 to 40427
[  113.764686][ T2625] F2FS-fs (loop2): invalid crc value
[  113.771152][ T2625] F2FS-fs (loop2): Found nat_bits in checkpoint
[  113.778695][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  113.789875][    T6] usb 7-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  113.798983][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.807297][  T306] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  113.812325][ T2625] F2FS-fs (loop2): Start checkpoint disabled!
[  113.815977][    T6] usb 7-1: config 0 descriptor??
[  113.826495][ T2609] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  113.827053][ T2625] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  113.853683][ T2625] syz.2.857: attempt to access beyond end of device
[  113.853683][ T2625] loop2: rw=2049, sector=77824, nr_sectors = 800 limit=40427
[  113.869455][ T2625] syz.2.857: attempt to access beyond end of device
[  113.869455][ T2625] loop2: rw=2049, sector=77824, nr_sectors = 128 limit=40427
[  113.903023][   T10] kworker/u4:1: attempt to access beyond end of device
[  113.903023][   T10] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  113.937099][   T28] audit: type=1400 audit(1746108044.054:431): avc:  denied  { write } for  pid=2628 comm="syz.4.860" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  114.023747][  T306] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  114.037701][  T306] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  114.050377][  T306] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  114.073713][  T306] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  114.083922][  T306] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.092298][  T306] usb 2-1: Product: syz
[  114.099107][  T306] usb 2-1: Manufacturer: syz
[  114.103986][  T306] usb 2-1: SerialNumber: syz
[  114.166141][ T2639] loop2: detected capacity change from 0 to 256
[  114.249673][ T2641] loop2: detected capacity change from 0 to 256
[  114.257934][    T6] uclogic 0003:5543:0003.000E: item fetching failed at offset 0/1
[  114.272762][    T6] uclogic 0003:5543:0003.000E: parse failed
[  114.282581][    T6] uclogic: probe of 0003:5543:0003.000E failed with error -22
[  114.290521][ T2641] exfat: Deprecated parameter 'utf8'
[  114.309019][ T2632] loop4: detected capacity change from 0 to 40427
[  114.316858][ T2641] exfat: Deprecated parameter 'utf8'
[  114.323664][ T2641] exfat: Deprecated parameter 'namecase'
[  114.330254][  T306] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  114.343284][ T2632] F2FS-fs (loop4): fault_injection options not supported
[  114.359895][ T2641] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  114.368358][ T2632] F2FS-fs (loop4): invalid crc value
[  114.391298][ T2632] F2FS-fs (loop4): Found nat_bits in checkpoint
[  114.399778][   T28] audit: type=1400 audit(1746108044.524:432): avc:  denied  { write } for  pid=2640 comm="syz.2.864" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  114.437504][   T28] audit: type=1400 audit(1746108044.524:433): avc:  denied  { add_name } for  pid=2640 comm="syz.2.864" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  114.463323][  T306] usb 7-1: USB disconnect, device number 3
[  114.478401][   T28] audit: type=1400 audit(1746108044.524:434): avc:  denied  { associate } for  pid=2640 comm="syz.2.864" name="cpu.stat" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  114.500429][   T28] audit: type=1400 audit(1746108044.534:435): avc:  denied  { read append } for  pid=2640 comm="syz.2.864" path="/171/file0/cpu.stat" dev="loop2" ino=1048688 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  114.525346][   T28] audit: type=1400 audit(1746108044.544:436): avc:  denied  { map } for  pid=2640 comm="syz.2.864" path="/171/file0/cpu.stat" dev="loop2" ino=1048688 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  114.597272][ T2632] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  114.606764][ T2501] usb 2-1: USB disconnect, device number 8
[  114.813956][ T2621] usblp0: removed
[  114.884106][  T280] syz-executor: attempt to access beyond end of device
[  114.884106][  T280] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  114.926453][ T2637] loop5: detected capacity change from 0 to 131072
[  115.229538][ T2637] F2FS-fs (loop5): Found nat_bits in checkpoint
[  115.279794][ T2637] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  115.361828][ T2664] loop4: detected capacity change from 0 to 512
[  115.368795][ T2664] EXT4-fs: Ignoring removed orlov option
[  115.375504][ T2664] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  115.384610][ T2664] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  115.407135][ T2664] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.867: corrupted in-inode xattr
[  115.436665][ T2664] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.867: couldn't read orphan inode 15 (err -117)
[  115.461565][ T2664] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  115.531057][  T280] EXT4-fs (loop4): unmounting filesystem.
[  115.683000][ T2668] loop6: detected capacity change from 0 to 40427
[  115.718924][ T2668] F2FS-fs (loop6): fault_injection options not supported
[  115.770065][ T2668] F2FS-fs (loop6): heap/no_heap options were deprecated
[  115.777196][ T2668] F2FS-fs (loop6): Image doesn't support compression
[  115.837200][ T2668] F2FS-fs (loop6): invalid crc value
[  115.854566][ T2668] F2FS-fs (loop6): Found nat_bits in checkpoint
[  115.907462][ T2675] loop4: detected capacity change from 0 to 40427
[  115.918781][ T2675] F2FS-fs (loop4): fault_injection options not supported
[  115.926926][ T2675] F2FS-fs (loop4): invalid crc value
[  115.943410][ T2675] F2FS-fs (loop4): Found nat_bits in checkpoint
[  116.041375][ T2675] F2FS-fs (loop4): Start checkpoint disabled!
[  116.106243][ T2668] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  116.150146][ T2675] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  116.223956][ T2668] syz.6.871: attempt to access beyond end of device
[  116.223956][ T2668] loop6: rw=2049, sector=45096, nr_sectors = 112 limit=40427
[  116.270535][ T2522] syz-executor: attempt to access beyond end of device
[  116.270535][ T2522] loop6: rw=2049, sector=45208, nr_sectors = 8 limit=40427
[  116.340336][ T1215] kworker/u4:5: attempt to access beyond end of device
[  116.340336][ T1215] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  116.791185][ T2707] loop6: detected capacity change from 0 to 1024
[  116.922539][ T2501] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  117.026167][ T2682] loop5: detected capacity change from 0 to 131072
[  117.035460][ T2707] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  117.044883][ T2707] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.056775][ T2682] F2FS-fs (loop5): Test dummy encryption mode enabled
[  117.068156][    T8] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm kworker/u4:0: bg 0: block 393: padding at end of block bitmap is not set
[  117.111164][ T2682] F2FS-fs (loop5): invalid crc value
[  117.123149][ T2501] usb 3-1: Using ep0 maxpacket: 32
[  117.140213][ T2501] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.169611][    T8] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[  117.193008][ T2501] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.202572][    T8] EXT4-fs (loop6): This should not happen!! Data will be lost
[  117.202572][    T8] 
[  117.212565][ T2501] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  117.212596][ T2501] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.216895][ T2501] usb 3-1: config 0 descriptor??
[  117.226174][    T8] EXT4-fs (loop6): Total free blocks count 0
[  117.241464][ T2682] F2FS-fs (loop5): Found nat_bits in checkpoint
[  117.260198][    T8] EXT4-fs (loop6): Free/Dirty block details
[  117.279942][    T8] EXT4-fs (loop6): free_blocks=0
[  117.285689][    T8] EXT4-fs (loop6): dirty_blocks=16
[  117.290824][    T8] EXT4-fs (loop6): Block reservation details
[  117.296939][    T8] EXT4-fs (loop6): i_reserved_data_blocks=1
[  117.314752][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  117.323886][ T2682] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  117.372259][ T2724] loop6: detected capacity change from 0 to 256
[  117.405020][ T2724] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d)
[  117.610487][ T2736] loop1: detected capacity change from 0 to 16
[  117.624435][ T2736] erofs: (device loop1): mounted with root inode @ nid 36.
[  117.644644][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 86 @ nid 36
[  117.646292][ T2501] savu 0003:1E7D:2D5A.000F: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  117.654152][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 84 @ nid 36
[  117.674713][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 80 @ nid 36
[  117.683911][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 74 @ nid 36
[  117.693335][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 72 @ nid 36
[  117.702569][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 70 @ nid 36
[  117.711639][ T2736] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  117.720969][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 63 @ nid 36
[  117.730049][ T2736] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  117.739572][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 62 @ nid 36
[  117.748814][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 58 @ nid 36
[  117.757979][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 57 @ nid 36
[  117.767122][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 54 @ nid 36
[  117.776183][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 53 @ nid 36
[  117.785244][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 52 @ nid 36
[  117.794312][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 51 @ nid 36
[  117.803376][ T2736] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  117.812713][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 50 @ nid 36
[  117.821806][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 47 @ nid 36
[  117.830945][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 46 @ nid 36
[  117.840095][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 40 @ nid 36
[  117.849289][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 39 @ nid 36
[  117.858499][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 38 @ nid 36
[  117.867592][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 34 @ nid 36
[  117.876799][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 32 @ nid 36
[  117.885913][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 30 @ nid 36
[  117.895023][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 27 @ nid 36
[  117.904098][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 26 @ nid 36
[  117.913344][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 25 @ nid 36
[  117.922543][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 24 @ nid 36
[  117.931712][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 23 @ nid 36
[  117.940809][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 22 @ nid 36
[  117.949958][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 21 @ nid 36
[  117.959123][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 20 @ nid 36
[  117.968206][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 18 @ nid 36
[  117.977346][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 12 @ nid 36
[  117.986462][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 10 @ nid 36
[  117.995797][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 6 @ nid 36
[  118.004827][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 4 @ nid 36
[  118.013899][ T2736] erofs: (device loop1): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  118.014210][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  118.014226][   T28] audit: type=1400 audit(1746108048.134:454): avc:  denied  { read write } for  pid=2741 comm="syz.4.895" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  118.023323][ T2736] erofs: (device loop1): z_erofs_readahead: readahead error at page 0 @ nid 36
[  118.023394][ T2736] syz.1.893: attempt to access beyond end of device
[  118.023394][ T2736] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  118.059503][   T28] audit: type=1400 audit(1746108048.144:455): avc:  denied  { open } for  pid=2741 comm="syz.4.895" path="/dev/uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  118.061853][ T2736] syz.1.893: attempt to access beyond end of device
[  118.061853][ T2736] loop1: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  118.095336][   T28] audit: type=1400 audit(1746108048.144:456): avc:  denied  { ioctl } for  pid=2741 comm="syz.4.895" path="/dev/uinput" dev="devtmpfs" ino=262 ioctlcmd=0x5568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  118.099099][ T2736] syz.1.893: attempt to access beyond end of device
[  118.099099][ T2736] loop1: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  118.152740][ T2736] syz.1.893: attempt to access beyond end of device
[  118.152740][ T2736] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16
[  118.166287][ T2736] syz.1.893: attempt to access beyond end of device
[  118.166287][ T2736] loop1: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  118.180540][ T2736] syz.1.893: attempt to access beyond end of device
[  118.180540][ T2736] loop1: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  118.194811][ T2736] syz.1.893: attempt to access beyond end of device
[  118.194811][ T2736] loop1: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  118.209162][ T2736] syz.1.893: attempt to access beyond end of device
[  118.209162][ T2736] loop1: rw=524288, sector=133693448, nr_sectors = 8 limit=16
[  118.223171][ T2736] syz.1.893: attempt to access beyond end of device
[  118.223171][ T2736] loop1: rw=524288, sector=790384, nr_sectors = 16 limit=16
[  118.236992][ T2736] syz.1.893: attempt to access beyond end of device
[  118.236992][ T2736] loop1: rw=524288, sector=72, nr_sectors = 16 limit=16
[  118.253249][ T2501] usb 3-1: USB disconnect, device number 5
[  118.751652][ T2762] xt_CT: You must specify a L4 protocol and not use inversions on it
[  119.028241][ T2764] xt_CT: You must specify a L4 protocol and not use inversions on it
[  122.441810][ T2783] loop1: detected capacity change from 0 to 1024
[  122.533046][ T2783] EXT4-fs: Ignoring removed bh option
[  122.538507][ T2783] EXT4-fs: dax option not supported
[  122.595502][   T28] audit: type=1400 audit(1746108052.714:457): avc:  denied  { append } for  pid=2790 comm="syz.6.909" name="ptp0" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  122.629937][ T2796] loop4: detected capacity change from 0 to 512
[  122.637676][   T28] audit: type=1400 audit(1746108052.734:458): avc:  denied  { open } for  pid=2790 comm="syz.6.909" path="/dev/ptp0" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  122.661393][ T2796] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.668773][   T28] audit: type=1400 audit(1746108052.744:459): avc:  denied  { ioctl } for  pid=2790 comm="syz.6.909" path="/dev/ptp0" dev="devtmpfs" ino=264 ioctlcmd=0x3d01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  122.673400][ T2796] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  122.710506][ T2773] loop1: detected capacity change from 0 to 512
[  122.735042][ T2796] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  122.744673][ T2796] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  122.753510][ T2796] System zones: 0-2, 18-18, 34-35
[  122.759585][ T2796] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  122.806843][   T28] audit: type=1400 audit(1746108052.924:460): avc:  denied  { map } for  pid=2795 comm="syz.4.912" path="/214/file0/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  122.836434][ T2796] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.912: bg 0: block 353: padding at end of block bitmap is not set
[  122.852888][ T2799] xt_CT: You must specify a L4 protocol and not use inversions on it
[  122.860808][ T2796] syz.4.912 (2796) used greatest stack depth: 20720 bytes left
[  122.870099][  T280] EXT4-fs (loop4): unmounting filesystem.
[  124.106094][ T2816] xt_CT: You must specify a L4 protocol and not use inversions on it
[  124.114793][  T486] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  124.268168][ T2820] loop1: detected capacity change from 0 to 512
[  124.295108][ T2820] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  124.304182][ T2820] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.329141][ T2820] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.918: bg 0: block 217: padding at end of block bitmap is not set
[  124.334563][ T2824] loop4: detected capacity change from 0 to 1024
[  124.349926][   T28] audit: type=1400 audit(1746108054.464:461): avc:  denied  { create } for  pid=2819 comm="syz.1.918" name=2E02 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  124.356197][ T2824] EXT4-fs: Ignoring removed bh option
[  124.376532][ T2824] EXT4-fs: dax option not supported
[  124.377130][  T276] EXT4-fs (loop1): unmounting filesystem.
[  124.503538][  T486] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.514050][  T486] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  124.523220][  T486] usb 6-1: config 1 has no interface number 0
[  124.529826][  T486] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.541137][  T486] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  124.551006][  T486] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  124.561229][  T486] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  124.571240][  T486] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.659613][  T486] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.672279][  T486] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.683348][  T486] usb 6-1: Product: syz
[  124.687893][  T486] usb 6-1: Manufacturer: syz
[  124.696231][  T486] usb 6-1: SerialNumber: syz
[  125.162540][ T1310] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  125.305107][ T2841] loop1: detected capacity change from 0 to 1024
[  125.311831][ T2841] EXT4-fs: Ignoring removed bh option
[  125.317785][ T2841] EXT4-fs: dax option not supported
[  125.327407][ T2841] loop1: detected capacity change from 0 to 512
[  125.407624][ T1310] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.418689][ T1310] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.428538][ T1310] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  125.437669][ T1310] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.452907][ T1310] usb 7-1: config 0 descriptor??
[  125.709626][  T486] cdc_ncm 6-1:1.1: bind() failure
[  125.816995][ T2839] loop4: detected capacity change from 0 to 40427
[  125.909195][ T2839] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  126.016797][ T2839] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  126.024591][  T486] usb 6-1: USB disconnect, device number 7
[  126.047304][ T2839] F2FS-fs (loop4): invalid crc value
[  126.054482][ T2839] F2FS-fs (loop4): Found nat_bits in checkpoint
[  126.098345][ T2839] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  126.105659][ T2839] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  126.157734][   T28] audit: type=1400 audit(1746108056.274:462): avc:  denied  { remove_name } for  pid=2838 comm="syz.4.924" name="bus" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.180480][   T28] audit: type=1400 audit(1746108056.274:463): avc:  denied  { unlink } for  pid=2838 comm="syz.4.924" name="bus" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  126.935400][ T1310] usb 7-1: string descriptor 0 read error: -22
[  126.948083][ T2855] loop1: detected capacity change from 0 to 256
[  126.968803][ T2855] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  127.014780][ T2857] loop1: detected capacity change from 0 to 128
[  127.032573][ T2857] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  127.042352][ T2857] ext4 filesystem being mounted at /181/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  127.075269][   T28] audit: type=1400 audit(1746108057.194:464): avc:  denied  { create } for  pid=2856 comm="syz.1.929" name="encrypted_dir" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  127.098417][ T2857] fscrypt (loop1, inode 12): Mutually exclusive encryption flags (0x1f)
[  127.115256][  T276] EXT4-fs (loop1): unmounting filesystem.
[  127.147736][ T1310] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.0010/input/input11
[  127.161832][   T28] audit: type=1400 audit(1746108057.284:465): avc:  denied  { write } for  pid=2861 comm="syz.4.928" path="socket:[29530]" dev="sockfs" ino=29530 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  127.193340][ T1310] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.0010/input/input12
[  127.214042][ T1310] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.0010/input/input13
[  127.229341][ T1310] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.0010/input/input14
[  127.231293][   T28] audit: type=1400 audit(1746108057.354:466): avc:  denied  { read write } for  pid=2868 comm="syz.1.933" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.259552][ T1310] uclogic 0003:256C:006D.0010: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.6-1/input0
[  127.276612][   T28] audit: type=1400 audit(1746108057.364:467): avc:  denied  { open } for  pid=2868 comm="syz.1.933" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.301766][   T28] audit: type=1400 audit(1746108057.374:468): avc:  denied  { ioctl } for  pid=2868 comm="syz.1.933" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.372786][    T6] usb 7-1: USB disconnect, device number 4
[  127.390861][ T2876] loop1: detected capacity change from 0 to 512
[  127.397551][ T2876] EXT4-fs: Ignoring removed mblk_io_submit option
[  127.404320][ T2876] EXT4-fs: Ignoring removed i_version option
[  127.410430][ T2876] ext4: Unknown parameter 'smackfsroot'
[  127.452551][  T486] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  127.452557][ T2501] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  127.579126][ T2885] loop1: detected capacity change from 0 to 512
[  127.586262][ T2885] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  127.597602][ T2885] EXT4-fs (loop1): 1 truncate cleaned up
[  127.603328][ T2885] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  127.622085][  T276] EXT4-fs (loop1): unmounting filesystem.
[  127.636494][   T28] audit: type=1400 audit(1746108057.754:469): avc:  denied  { read write } for  pid=2888 comm="syz.1.941" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  127.660414][   T28] audit: type=1400 audit(1746108057.754:470): avc:  denied  { open } for  pid=2888 comm="syz.1.941" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  127.661979][  T486] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.685916][ T2501] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.694540][  T486] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.694569][  T486] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  127.706058][ T2501] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  127.714563][  T486] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  127.732667][ T2501] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  127.736948][  T486] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.745754][ T2501] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  127.760667][  T486] usb 5-1: config 0 descriptor??
[  127.764967][ T2501] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  127.790881][ T2501] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  127.799011][ T2501] usb 3-1: SerialNumber: syz
[  128.008573][ T2501] usb 3-1: 0:2 : does not exist
[  128.016336][ T2501] usb 3-1: unit 5 not found!
[  128.043203][ T2501] usb 3-1: USB disconnect, device number 6
[  128.175676][ T2894] loop6: detected capacity change from 0 to 40427
[  128.183072][ T2894] F2FS-fs (loop6): fault_injection options not supported
[  128.184058][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.197894][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.205371][ T2894] F2FS-fs (loop6): invalid crc value
[  128.210752][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.218306][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.226454][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.234181][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.241925][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.241950][ T2894] F2FS-fs (loop6): Found nat_bits in checkpoint
[  128.283895][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.293405][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.301668][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.309291][  T486] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  128.316824][ T2894] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  128.324915][  T486] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[  128.342410][ T2904] loop5: detected capacity change from 0 to 512
[  128.349171][  T486] plantronics 0003:047F:FFFF.0011: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  128.349464][ T2904] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.419310][ T2904] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  128.486137][  T549] EXT4-fs (loop5): unmounting filesystem.
[  128.497686][ T2907] loop2: detected capacity change from 0 to 7
[  128.514847][  T486] usb 5-1: USB disconnect, device number 8
[  128.526268][  T337] Bluetooth: hci0: Frame reassembly failed (-84)
[  128.552366][ T2909] loop1: detected capacity change from 0 to 1024
[  128.559386][ T2909] EXT4-fs: Ignoring removed bh option
[  128.565637][ T2914] loop6: detected capacity change from 0 to 512
[  128.566657][ T2909] EXT4-fs: dax option not supported
[  128.592990][ T2916] loop2: detected capacity change from 0 to 256
[  128.600795][ T2909] loop1: detected capacity change from 0 to 512
[  128.602772][ T2914] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  128.620037][ T2916] FAT-fs (loop2): Directory bread(block 64) failed
[  128.626908][ T2916] FAT-fs (loop2): Directory bread(block 65) failed
[  128.634372][ T2916] FAT-fs (loop2): Directory bread(block 66) failed
[  128.640924][ T2916] FAT-fs (loop2): Directory bread(block 67) failed
[  128.649044][ T2914] EXT4-fs (loop6): 1 truncate cleaned up
[  128.651093][ T2916] FAT-fs (loop2): Directory bread(block 68) failed
[  128.655220][ T2914] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  128.661548][ T2916] FAT-fs (loop2): Directory bread(block 69) failed
[  128.681309][ T2916] FAT-fs (loop2): Directory bread(block 70) failed
[  128.688148][ T2916] FAT-fs (loop2): Directory bread(block 71) failed
[  128.694908][ T2916] FAT-fs (loop2): Directory bread(block 72) failed
[  128.701455][ T2916] FAT-fs (loop2): Directory bread(block 73) failed
[  128.736780][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  128.762268][ T2920] loop6: detected capacity change from 0 to 128
[  128.771345][ T2920] EXT4-fs (loop6): Test dummy encryption mode enabled
[  128.781976][ T2920] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  128.791172][ T2920] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  129.202266][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  129.347973][ T2937] loop2: detected capacity change from 0 to 512
[  129.354971][ T2937] EXT4-fs: Ignoring removed orlov option
[  129.369570][ T2939] loop4: detected capacity change from 0 to 2048
[  129.374824][ T2937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  129.392749][ T2937] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.745857][ T2939] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  130.215306][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  130.215322][   T28] audit: type=1400 audit(1746108060.334:486): avc:  denied  { mounton } for  pid=2938 comm="syz.4.959" path="/221/file0/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  130.256241][  T279] EXT4-fs (loop2): unmounting filesystem.
[  130.294125][   T28] audit: type=1400 audit(1746108060.374:487): avc:  denied  { ioctl } for  pid=2938 comm="syz.4.959" path="/221/file0/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.411225][   T28] audit: type=1400 audit(1746108060.384:488): avc:  denied  { rmdir } for  pid=280 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  130.434881][   T28] audit: type=1400 audit(1746108060.394:489): avc:  denied  { rmdir } for  pid=280 comm="syz-executor" name=".index" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  130.457442][   T28] audit: type=1400 audit(1746108060.394:490): avc:  denied  { unlink } for  pid=280 comm="syz-executor" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.831485][ T2617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  130.831662][ T2575] Bluetooth: hci0: command 0x1003 tx timeout
[  130.928228][   T28] audit: type=1400 audit(1746108060.394:491): avc:  denied  { unlink } for  pid=280 comm="syz-executor" name="file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  130.944936][ T2956] loop6: detected capacity change from 0 to 512
[  130.953120][  T280] EXT4-fs (loop4): unmounting filesystem.
[  131.052132][ T2956] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.966: inode #1: comm syz.6.966: iget: illegal inode #
[  131.299935][ T2956] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.966: error while reading EA inode 1 err=-117
[  131.325299][   T28] audit: type=1400 audit(1746108061.274:492): avc:  denied  { read } for  pid=2958 comm="syz.2.962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  131.366206][ T2956] EXT4-fs (loop6): 1 orphan inode deleted
[  131.372089][ T2956] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  131.389544][ T2956] EXT4-fs error (device loop6): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.6.966: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  131.418601][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  131.608461][ T2966] loop5: detected capacity change from 0 to 256
[  131.620624][   T28] audit: type=1400 audit(1746108061.744:493): avc:  denied  { create } for  pid=2968 comm="syz.1.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  131.651188][   T28] audit: type=1400 audit(1746108061.764:494): avc:  denied  { connect } for  pid=2968 comm="syz.1.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  131.666461][ T2966] FAT-fs (loop5): Directory bread(block 64) failed
[  131.679974][ T2973] loop2: detected capacity change from 0 to 256
[  131.699684][ T2966] FAT-fs (loop5): Directory bread(block 65) failed
[  131.714967][ T2966] FAT-fs (loop5): Directory bread(block 66) failed
[  131.722966][ T2976] loop2: detected capacity change from 0 to 128
[  131.727725][ T2974] loop1: detected capacity change from 0 to 8192
[  131.729289][ T2966] FAT-fs (loop5): Directory bread(block 67) failed
[  131.743517][ T2976] EXT4-fs (loop2): Test dummy encryption mode enabled
[  131.745025][ T2966] FAT-fs (loop5): Directory bread(block 68) failed
[  131.756688][ T2976] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  131.759540][ T2966] FAT-fs (loop5): Directory bread(block 69) failed
[  131.766264][ T2976] ext4 filesystem being mounted at /190/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  131.772928][ T2966] FAT-fs (loop5): Directory bread(block 70) failed
[  131.783058][   T28] audit: type=1400 audit(1746108061.904:495): avc:  denied  { mounton } for  pid=2972 comm="syz.1.972" path="/195/file1/bus" dev="loop1" ino=1048696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  131.801849][ T2966] FAT-fs (loop5): Directory bread(block 71) failed
[  131.820205][ T2966] FAT-fs (loop5): Directory bread(block 72) failed
[  131.827140][ T2966] FAT-fs (loop5): Directory bread(block 73) failed
[  131.829854][  T276] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  131.833803][ T2976] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  131.841396][  T276] FAT-fs (loop1): Filesystem has been set read-only
[  131.854954][  T276] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  131.875460][ T2976] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  131.882646][ T2501] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  131.899748][  T279] EXT4-fs (loop2): unmounting filesystem.
[  131.909015][   T10] tipc: Disabling bearer <udp:syz1>
[  131.925508][   T10] tipc: Left network mode
[  131.958586][ T2981] loop5: detected capacity change from 0 to 512
[  131.996427][ T2981] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  132.015723][ T2981] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.064277][ T2981] EXT4-fs error (device loop5): ext4_empty_dir:3136: inode #12: comm syz.5.976: invalid size
[  132.083874][ T2501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.102551][ T2501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.122574][ T2501] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.152532][ T2501] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.162668][ T2979] loop2: detected capacity change from 0 to 40427
[  132.176648][ T2979] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  132.184639][ T2501] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.189342][ T2979] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  132.203171][  T549] EXT4-fs (loop5): unmounting filesystem.
[  132.217006][ T2501] usb 7-1: config 0 descriptor??
[  133.218310][ T2979] F2FS-fs (loop2): Found nat_bits in checkpoint
[  133.574008][ T2979] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  133.584772][ T2979] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  133.717351][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.737954][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.745724][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.753428][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.760913][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.769261][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.776975][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.784668][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.785025][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.792130][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.802690][ T2994] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.808359][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.815041][ T2994] device bridge_slave_0 entered promiscuous mode
[  133.828800][   T10] device bridge_slave_1 left promiscuous mode
[  133.829474][ T2501] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  133.835675][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.846712][ T2501] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  133.859776][ T2501] plantronics 0003:047F:FFFF.0012: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  133.872714][   T10] device bridge_slave_0 left promiscuous mode
[  133.885017][ T2979] bio_check_eod: 12 callbacks suppressed
[  133.885033][ T2979] syz.2.975: attempt to access beyond end of device
[  133.885033][ T2979] loop2: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[  133.890861][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.911939][ T2979] syz.2.975: attempt to access beyond end of device
[  133.911939][ T2979] loop2: rw=2049, sector=79872, nr_sectors = 2048 limit=40427
[  133.931082][ T2979] syz.2.975: attempt to access beyond end of device
[  133.931082][ T2979] loop2: rw=2049, sector=49152, nr_sectors = 1744 limit=40427
[  133.945232][   T10] device veth1_macvtap left promiscuous mode
[  133.955711][   T10] device veth0_vlan left promiscuous mode
[  133.959204][ T2501] usb 7-1: USB disconnect, device number 5
[  134.065623][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.074940][ T2994] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.082779][ T2994] device bridge_slave_1 entered promiscuous mode
[  134.172047][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.179200][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.186573][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.193816][ T2994] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.203617][  T337] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.211039][  T337] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.241127][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  134.249339][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  134.264453][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  134.326120][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  134.330782][ T3009] loop2: detected capacity change from 0 to 40427
[  134.336433][  T337] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.347903][  T337] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.357255][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  134.361132][ T3009] F2FS-fs (loop2): invalid crc value
[  134.365882][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  134.379429][  T337] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.386525][  T337] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.402674][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  134.410260][ T3009] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.451506][ T3009] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.473718][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  134.482196][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  134.490548][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  134.522980][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  134.562261][ T3016] loop5: detected capacity change from 0 to 40427
[  134.573442][ T3016] F2FS-fs (loop5): heap/no_heap options were deprecated
[  134.580538][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  134.590205][ T3016] F2FS-fs (loop5): invalid crc value
[  134.603680][ T3016] F2FS-fs (loop5): Found nat_bits in checkpoint
[  134.621010][ T2994] device veth0_vlan entered promiscuous mode
[  134.643810][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  134.651045][ T3021] syz.2.983: attempt to access beyond end of device
[  134.651045][ T3021] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.652429][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  134.682738][ T3016] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  134.707656][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  134.721863][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  134.735025][ T2994] device veth1_macvtap entered promiscuous mode
[  134.752304][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  134.760698][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  134.769301][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  134.781373][  T549] syz-executor: attempt to access beyond end of device
[  134.781373][  T549] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.785647][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  134.806562][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  134.816659][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  134.992286][ T2501] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  135.092930][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  135.920058][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  135.920073][   T28] audit: type=1400 audit(1746108066.034:502): avc:  denied  { create } for  pid=3028 comm="syz.7.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  135.970322][   T28] audit: type=1400 audit(1746108066.074:503): avc:  denied  { ioctl } for  pid=3028 comm="syz.7.978" path="socket:[31041]" dev="sockfs" ino=31041 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  136.000190][   T28] audit: type=1400 audit(1746108066.074:504): avc:  denied  { connect } for  pid=3028 comm="syz.7.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  136.020153][   T28] audit: type=1400 audit(1746108066.074:505): avc:  denied  { write } for  pid=3028 comm="syz.7.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  136.048813][ T3031] loop7: detected capacity change from 0 to 1024
[  136.062934][ T3031] EXT4-fs: Ignoring removed bh option
[  136.068528][ T3031] EXT4-fs: dax option not supported
[  136.128129][ T3031] loop7: detected capacity change from 0 to 512
[  136.225214][ T3034] loop4: detected capacity change from 0 to 512
[  136.273628][ T3036] loop2: detected capacity change from 0 to 1024
[  136.280781][ T3036] EXT4-fs: Ignoring removed bh option
[  136.317224][ T2501] usb 7-1: Using ep0 maxpacket: 8
[  136.322427][ T3036] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  136.335019][ T2501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.335408][ T3034] EXT4-fs (loop4): orphan cleanup on readonly fs
[  136.353111][ T3034] EXT4-fs error (device loop4): ext4_quota_enable:6976: comm syz.4.991: Bad quota inum: 11, type: 1
[  136.356474][ T2501] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.364600][ T3034] EXT4-fs warning (device loop4): ext4_enable_quotas:7024: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix.
[  136.389507][ T3034] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  136.396852][ T3034] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  136.455169][ T3040] tipc: Started in network mode
[  136.460363][ T3040] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  136.470036][ T3040] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  136.479172][ T3040] tipc: Enabled bearer <udp:syz1>, priority 10
[  136.629021][ T2501] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  136.642003][ T2501] usb 7-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  136.648021][ T3043] loop5: detected capacity change from 0 to 256
[  136.651135][ T2501] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.664243][ T3036] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  136.666650][ T2501] usb 7-1: config 0 descriptor??
[  136.703099][ T3036] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.988: Allocating blocks 497-513 which overlap fs metadata
[  136.714181][ T3034] EXT4-fs (loop4): shut down requested (1)
[  136.723882][ T3036] EXT4-fs (loop2): pa ffff8881149530a8: logic 256, phys. 385, len 8
[  136.725881][ T3034] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  136.731951][ T3036] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  136.753263][ T3034] EXT4-fs warning (device loop4): ext4_enable_quotas:7024: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix.
[  136.782380][  T280] EXT4-fs (loop4): unmounting filesystem.
[  136.807250][  T279] EXT4-fs (loop2): unmounting filesystem.
[  136.831419][ T3049] loop4: detected capacity change from 0 to 1024
[  136.848175][ T3049] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  136.848517][ T3051] loop2: detected capacity change from 0 to 2048
[  136.859327][ T3049] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  136.876606][ T3049] JBD2: no valid journal superblock found
[  136.885346][ T3049] EXT4-fs (loop4): error loading journal
[  136.926422][ T3055] loop5: detected capacity change from 0 to 256
[  136.935497][ T2501] usbhid 7-1:0.0: can't add hid device: -71
[  136.941828][ T2501] usbhid: probe of 7-1:0.0 failed with error -71
[  136.958367][ T3055] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  136.973337][ T3051] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  137.008089][ T3051] incfs: iterate_incfs_dir / -22
[  137.016195][ T2501] usb 7-1: USB disconnect, device number 6
[  137.026460][ T3059] loop7: detected capacity change from 0 to 512
[  137.046858][  T279] EXT4-fs (loop2): unmounting filesystem.
[  137.055667][ T3059] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.069879][ T3061] loop4: detected capacity change from 0 to 256
[  137.095975][ T3059] EXT4-fs error (device loop7): ext4_get_branch:178: inode #13: block 2: comm syz.7.996: invalid block
[  137.109578][ T3066] loop5: detected capacity change from 0 to 256
[  137.117180][ T3066] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  137.117174][ T3059] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.996: invalid indirect mapped block 10 (level 1)
[  137.132169][ T3059] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.996: invalid indirect mapped block 8 (level 1)
[  137.167669][ T3059] EXT4-fs (loop7): 1 truncate cleaned up
[  137.173448][ T3059] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  137.202147][ T3066] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  137.271603][ T3070] loop4: detected capacity change from 0 to 128
[  137.290651][   T28] audit: type=1400 audit(1746108067.404:506): avc:  denied  { mounton } for  pid=3069 comm="syz.4.1001" path="/230/file0/file0" dev="loop4" ino=1048713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  137.311097][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  137.320505][ T3066] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  137.333137][   T28] audit: type=1400 audit(1746108067.444:507): avc:  denied  { write } for  pid=3071 comm="syz.2.1003" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  137.397477][ T3076] loop7: detected capacity change from 0 to 1024
[  137.414303][   T28] audit: type=1400 audit(1746108067.534:508): avc:  denied  { bind } for  pid=3079 comm="syz.4.1004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  137.431686][ T3076] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.445159][   T28] audit: type=1400 audit(1746108067.534:509): avc:  denied  { name_bind } for  pid=3079 comm="syz.4.1004" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  137.445378][   T28] audit: type=1400 audit(1746108067.534:510): avc:  denied  { node_bind } for  pid=3079 comm="syz.4.1004" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  137.472283][ T3084] loop2: detected capacity change from 0 to 1024
[  137.517233][ T3083] loop6: detected capacity change from 0 to 16
[  137.521768][ T3084] EXT4-fs: Ignoring removed bh option
[  137.537401][ T3084] EXT4-fs: dax option not supported
[  137.548406][ T3083] erofs: (device loop6): mounted with root inode @ nid 36.
[  137.593945][  T408] tipc: Node number set to 1
[  137.609916][ T3076] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  137.616640][ T3093] loop4: detected capacity change from 0 to 128
[  137.625325][ T3076] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.639032][ T3078] loop2: detected capacity change from 0 to 512
[  137.647911][ T3093] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  137.697759][ T3098] loop6: detected capacity change from 0 to 512
[  137.770829][ T3093] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.779794][ T3098] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  137.782006][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  137.815311][  T280] EXT4-fs (loop4): unmounting filesystem.
[  137.825850][ T3098] EXT4-fs warning (device loop6): dx_probe:869: inode #2: comm syz.6.1013: Unimplemented hash flags: 0x0001
[  137.839371][ T3098] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1013: Corrupt directory, running e2fsck is recommended
[  137.877322][ T3104] loop4: detected capacity change from 0 to 256
[  137.910873][ T3105] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  137.934529][ T3098] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 3: comm syz.6.1013: path /29/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  138.053320][ T3102] loop7: detected capacity change from 0 to 40427
[  138.064745][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  138.075487][ T3102] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  138.086228][ T3102] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  138.099535][ T3107] loop6: detected capacity change from 0 to 16
[  138.111304][ T3102] F2FS-fs (loop7): invalid crc value
[  138.121416][ T3107] erofs: Unknown parameter 'ÿÿÿÿ'
[  138.128960][ T3102] F2FS-fs (loop7): Found nat_bits in checkpoint
[  138.172250][ T3102] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  138.181017][   T28] audit: type=1400 audit(1746108068.294:511): avc:  denied  { create } for  pid=3106 comm="syz.6.1015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  138.193718][ T3102] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  138.208622][ T2501] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  138.251968][ T3113] loop6: detected capacity change from 0 to 256
[  138.331172][ T3108] f2fs_ckpt-7:7: attempt to access beyond end of device
[  138.331172][ T3108] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.365235][ T3120] loop6: detected capacity change from 0 to 256
[  138.372309][ T3120] exfat: Deprecated parameter 'utf8'
[  138.378020][ T3120] exfat: Deprecated parameter 'utf8'
[  138.383872][ T3120] exfat: Deprecated parameter 'utf8'
[  138.391674][ T3120] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  138.412597][ T2501] usb 5-1: Using ep0 maxpacket: 16
[  138.419119][ T2501] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  138.444637][ T2501] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  138.468440][ T2501] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.477284][ T2501] usb 5-1: Product: syz
[  138.481643][ T2501] usb 5-1: Manufacturer: syz
[  138.486305][ T2501] usb 5-1: SerialNumber: syz
[  138.649798][ T3143] loop6: detected capacity change from 0 to 1024
[  138.693651][ T3143] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  138.717849][ T3154] overlayfs: missing 'lowerdir'
[  138.751751][ T3156] loop5: detected capacity change from 0 to 256
[  138.833261][ T3156] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  138.876447][ T3156] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  138.892769][ T3156] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  138.895853][ T2501] usb 5-1: 0:2 : does not exist
[  139.053693][ T3175] device batadv_slave_1 entered promiscuous mode
[  139.073261][ T3174] device batadv_slave_1 left promiscuous mode
[  139.125634][ T3177] loop5: detected capacity change from 0 to 512
[  139.166949][ T3180] loop2: detected capacity change from 0 to 128
[  139.177632][ T3181] loop7: detected capacity change from 0 to 1024
[  139.212789][ T3177] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  139.269894][ T3181] EXT4-fs: Ignoring removed oldalloc option
[  139.287477][ T3184] loop2: detected capacity change from 0 to 512
[  139.298818][ T2501] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  139.303696][ T3177] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  139.316943][ T2501] usb 5-1: USB disconnect, device number 10
[  139.331850][ T3177] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1043: Corrupt directory, running e2fsck is recommended
[  139.345717][ T3184] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  139.369634][ T3177] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  139.387341][ T3184] EXT4-fs (loop2): orphan cleanup on readonly fs
[  139.393064][ T3181] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  139.393935][ T3184] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.1046: Block bitmap for bg 0 marked uninitialized
[  139.422765][ T3177] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2186: inode #15: comm syz.5.1043: corrupted in-inode xattr
[  139.429020][ T3184] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  139.444165][ T3184] EXT4-fs (loop2): 1 orphan inode deleted
[  139.450121][ T3184] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  139.466297][ T3181] EXT4-fs (loop7): Online defrag not supported with bigalloc
[  139.474340][ T3177] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1043: couldn't read orphan inode 15 (err -117)
[  139.486818][ T3177] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  139.503787][ T3184] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  139.513575][ T3184] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  139.532236][ T3184] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.1046: Block bitmap for bg 0 marked uninitialized
[  139.536469][ T3177] EXT4-fs error (device loop5): __ext4_remount:6598: comm syz.5.1043: Abort forced by user
[  139.556854][ T3177] EXT4-fs (loop5): Remounting filesystem read-only
[  139.557210][  T324] udevd[324]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  139.566487][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  139.580639][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  139.592117][ T3177] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  139.608110][  T279] EXT4-fs (loop2): unmounting filesystem.
[  139.635178][  T549] EXT4-fs (loop5): unmounting filesystem.
[  139.650459][ T3194] loop2: detected capacity change from 0 to 256
[  139.676053][ T3192] loop6: detected capacity change from 0 to 2048
[  139.698512][ T3196] loop7: detected capacity change from 0 to 1024
[  139.730656][ T3192] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  139.744679][ T3196] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  139.863296][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  139.943171][ T2501] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  139.957243][ T3213] loop2: detected capacity change from 0 to 128
[  139.968585][ T2501] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  139.983096][ T3213] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  139.995118][ T3213] ext4 filesystem being mounted at /214/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.040600][  T279] EXT4-fs (loop2): unmounting filesystem.
[  140.461952][ T3227] xt_CT: You must specify a L4 protocol and not use inversions on it
[  141.224379][ T3205] loop5: detected capacity change from 0 to 40427
[  141.297269][ T3205] F2FS-fs (loop5): fault_injection options not supported
[  141.313774][ T3205] F2FS-fs (loop5): invalid crc value
[  141.340330][ T3205] F2FS-fs (loop5): Found nat_bits in checkpoint
[  141.420587][ T3205] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  141.451314][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  141.703329][ T3237] loop2: detected capacity change from 0 to 1024
[  141.730482][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  141.730504][   T28] audit: type=1400 audit(1746108071.844:533): avc:  denied  { reparent } for  pid=3204 comm="syz.5.1052" name="file0" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  141.763093][ T3237] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.789093][ T3237] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  141.798048][  T549] syz-executor: attempt to access beyond end of device
[  141.798048][  T549] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  141.812964][   T28] audit: type=1400 audit(1746108071.884:534): avc:  denied  { mounton } for  pid=3236 comm="syz.2.1062" path="/217/file1" dev="tmpfs" ino=1184 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  141.820931][ T3237] EXT4-fs (loop2): unmounting filesystem.
[  141.835791][   T28] audit: type=1400 audit(1746108071.884:535): avc:  denied  { unmount } for  pid=2522 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  141.857209][ T3246] loop6: detected capacity change from 0 to 1024
[  141.899518][ T3246] EXT4-fs: Ignoring removed bh option
[  141.909284][ T3246] EXT4-fs: dax option not supported
[  141.985271][ T3245] loop6: detected capacity change from 0 to 512
[  142.067348][ T3240] loop7: detected capacity change from 0 to 40427
[  142.103075][ T3240] F2FS-fs (loop7): fault_injection options not supported
[  142.122389][ T3240] F2FS-fs (loop7): Image doesn't support compression
[  142.134419][ T3240] F2FS-fs (loop7): Image doesn't support compression
[  142.142260][  T337] Bluetooth: hci0: Frame reassembly failed (-84)
[  142.149522][ T3240] F2FS-fs (loop7): invalid crc value
[  142.173125][ T3240] F2FS-fs (loop7): Found nat_bits in checkpoint
[  142.218040][ T3240] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  142.293994][ T3262] loop2: detected capacity change from 0 to 256
[  142.324047][ T3262] FAT-fs (loop2): Directory bread(block 64) failed
[  142.330732][ T3262] FAT-fs (loop2): Directory bread(block 65) failed
[  142.333229][ T3240] syz.7.1063: attempt to access beyond end of device
[  142.333229][ T3240] loop7: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  142.338025][ T3262] FAT-fs (loop2): Directory bread(block 66) failed
[  142.358211][ T3262] FAT-fs (loop2): Directory bread(block 67) failed
[  142.365505][ T3262] FAT-fs (loop2): Directory bread(block 68) failed
[  142.368557][ T3240] syz.7.1063: attempt to access beyond end of device
[  142.368557][ T3240] loop7: rw=2049, sector=77824, nr_sectors = 2056 limit=40427
[  142.372267][ T3262] FAT-fs (loop2): Directory bread(block 69) failed
[  142.393016][ T3262] FAT-fs (loop2): Directory bread(block 70) failed
[  142.399635][ T3262] FAT-fs (loop2): Directory bread(block 71) failed
[  142.406382][ T3262] FAT-fs (loop2): Directory bread(block 72) failed
[  142.412996][ T3262] FAT-fs (loop2): Directory bread(block 73) failed
[  142.422006][ T2994] syz-executor: attempt to access beyond end of device
[  142.422006][ T2994] loop7: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  142.606682][ T3270] loop4: detected capacity change from 0 to 1024
[  142.756230][ T3270] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  142.764911][  T306] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  142.772398][ T3272] loop7: detected capacity change from 0 to 40427
[  142.779555][ T3272] F2FS-fs (loop7): fault_injection options not supported
[  142.787789][ T3272] F2FS-fs (loop7): invalid crc value
[  142.813385][ T3272] F2FS-fs (loop7): Found nat_bits in checkpoint
[  142.854713][ T3272] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  142.856104][   T28] audit: type=1400 audit(1746108072.974:536): avc:  denied  { read write } for  pid=3277 comm="syz.6.1075" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  142.942552][   T28] audit: type=1400 audit(1746108073.014:537): avc:  denied  { open } for  pid=3277 comm="syz.6.1075" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  142.985996][   T28] audit: type=1400 audit(1746108073.034:538): avc:  denied  { unmount } for  pid=2522 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  143.022501][  T306] usb 3-1: Using ep0 maxpacket: 16
[  143.028780][  T306] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  143.067636][  T306] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.098178][  T306] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.129461][  T306] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  143.152536][  T306] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.173210][  T306] usb 3-1: Product: syz
[  143.177436][  T306] usb 3-1: Manufacturer: syz
[  143.182053][  T306] usb 3-1: SerialNumber: syz
[  143.250109][   T28] audit: type=1400 audit(1746108073.364:539): avc:  denied  { rmdir } for  pid=3287 comm="syz.7.1077" name="control" dev="incremental-fs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  143.403657][ T3292] loop7: detected capacity change from 0 to 1024
[  143.490735][ T3292] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  143.528495][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  143.571318][  T280] EXT4-fs (loop4): unmounting filesystem.
[  143.604737][  T306] usb 3-1: 0:2 : does not exist
[  143.663325][ T3294] loop6: detected capacity change from 0 to 40427
[  143.670446][ T3294] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  143.677550][ T3294] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  143.685863][ T3294] F2FS-fs (loop6): fault_injection options not supported
[  143.693246][ T3294] F2FS-fs (loop6): fault_type options not supported
[  143.700833][ T3294] F2FS-fs (loop6): invalid crc value
[  143.708070][ T3294] F2FS-fs (loop6): Found nat_bits in checkpoint
[  143.743948][ T3294] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  143.751194][ T3294] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  143.792069][ T2522] syz-executor: attempt to access beyond end of device
[  143.792069][ T2522] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  143.892420][ T3310] loop6: detected capacity change from 0 to 128
[  143.900091][ T3310] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  143.912931][ T3310] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  143.922519][ T1203] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  143.948707][ T3312] netlink: 'syz.6.1087': attribute type 4 has an invalid length.
[  144.142537][ T2575] Bluetooth: hci0: command 0x1003 tx timeout
[  144.148696][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  144.191250][   T28] audit: type=1400 audit(1746108074.304:540): avc:  denied  { bind } for  pid=3319 comm="syz.5.1090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  144.195668][ T3320] binder: 3319:3320 ioctl c018620b 0 returned -14
[  144.218408][ T1203] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  144.224492][   T28] audit: type=1400 audit(1746108074.304:541): avc:  denied  { read } for  pid=3319 comm="syz.5.1090" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  144.240307][ T1203] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.253109][   T28] audit: type=1400 audit(1746108074.304:542): avc:  denied  { open } for  pid=3319 comm="syz.5.1090" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  144.271872][ T1203] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  144.293801][  T306] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[  144.307911][ T1203] usb 8-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  144.317563][ T1203] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.317781][  T306] usb 3-1: USB disconnect, device number 7
[  144.338659][ T1203] usb 8-1: config 0 descriptor??
[  144.362541][  T408] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  144.423325][ T3327] loop5: detected capacity change from 0 to 128
[  144.430119][ T3327] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  144.443028][ T3327] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  144.594046][  T408] usb 5-1: config index 0 descriptor too short (expected 3133, got 61)
[  144.602404][  T408] usb 5-1: config 0 has an invalid interface number: 156 but max is 1
[  144.610649][  T408] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.621174][  T408] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  144.630230][  T408] usb 5-1: config 0 has no interface number 0
[  144.636875][  T408] usb 5-1: config 0 interface 156 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  144.650513][  T408] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  144.663280][ T1203] usbhid 8-1:0.0: can't add hid device: -71
[  144.735771][  T408] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.750602][ T1203] usbhid: probe of 8-1:0.0 failed with error -71
[  144.979397][  T408] usb 5-1: config 0 descriptor??
[  144.997762][ T1203] usb 8-1: USB disconnect, device number 2
[  145.006457][  T408] usb 5-1: MIDIStreaming interface descriptor not found
[  145.126356][ T3347] loop2: detected capacity change from 0 to 512
[  145.144832][ T3347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  145.154235][ T3347] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.201146][ T3341] loop6: detected capacity change from 0 to 40427
[  145.201604][  T279] EXT4-fs (loop2): unmounting filesystem.
[  145.219351][ T3341] F2FS-fs (loop6): Invalid SB checksum offset: 0
[  145.226451][ T3341] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  145.229760][    T6] usb 5-1: USB disconnect, device number 11
[  145.241588][ T3341] F2FS-fs (loop6): invalid crc value
[  145.258081][ T3341] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  145.272372][ T3354] input: syz1 as /devices/virtual/input/input15
[  145.298844][ T3341] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  145.310734][ T3341] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  145.394018][ T3341] syz.6.1098: attempt to access beyond end of device
[  145.394018][ T3341] loop6: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  145.443367][ T2522] syz-executor: attempt to access beyond end of device
[  145.443367][ T2522] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.462617][ T3368] loop7: detected capacity change from 0 to 512
[  145.469612][ T3368] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  145.494000][ T3368] EXT4-fs (loop7): 1 truncate cleaned up
[  145.499709][ T3368] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  145.547498][ T3368] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #16: comm syz.7.1108: invalid indirect mapped block 6 (level 1)
[  145.579137][ T3362] loop2: detected capacity change from 0 to 40427
[  145.592773][ T3362] F2FS-fs (loop2): fault_type options not supported
[  145.613661][ T2994] EXT4-fs (loop7): unmounting filesystem.
[  145.614337][ T3362] F2FS-fs (loop2): invalid crc value
[  145.621464][ T3362] F2FS-fs (loop2): Found nat_bits in checkpoint
[  145.667341][ T3362] F2FS-fs (loop2): Start checkpoint disabled!
[  145.674289][ T3362] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  145.692169][ T3362] syz.2.1105: attempt to access beyond end of device
[  145.692169][ T3362] loop2: rw=2049, sector=45096, nr_sectors = 96 limit=40427
[  145.718685][ T3377] input: syz0 as /devices/virtual/input/input16
[  145.726054][ T3362] syz.2.1105: attempt to access beyond end of device
[  145.726054][ T3362] loop2: rw=2049, sector=77824, nr_sectors = 40 limit=40427
[  145.740248][ T3362] syz.2.1105: attempt to access beyond end of device
[  145.740248][ T3362] loop2: rw=2049, sector=45096, nr_sectors = 96 limit=40427
[  147.631431][ T3388] loop5: detected capacity change from 0 to 1024
[  147.663550][ T3388] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  147.664809][ T3394] loop6: detected capacity change from 0 to 512
[  147.682130][ T3394] EXT4-fs: Ignoring removed i_version option
[  147.690354][  T297] tipc: Disabling bearer <udp:syz1>
[  147.702443][  T297] tipc: Left network mode
[  147.719828][ T3394] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  147.729657][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  147.729672][   T28] audit: type=1400 audit(1746108077.844:545): avc:  denied  { execute } for  pid=3384 comm="syz.5.1115" path="/198/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  147.789496][  T549] EXT4-fs (loop5): unmounting filesystem.
[  147.834550][ T2522] EXT4-fs (loop6): unmounting filesystem.
[  147.882691][ T1321] Bluetooth: hci0: Frame reassembly failed (-84)
[  147.894307][   T28] audit: type=1400 audit(1746108078.014:546): avc:  denied  { ioctl } for  pid=3400 comm="syz.2.1122" path="socket:[32145]" dev="sockfs" ino=32145 ioctlcmd=0x48de scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  147.932818][ T3405] SELinux:  policydb version 192 does not match my version range 15-33
[  147.942154][   T28] audit: type=1400 audit(1746108078.054:547): avc:  denied  { load_policy } for  pid=3404 comm="syz.4.1123" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  147.949973][ T3405] SELinux: failed to load policy
[  148.021940][ T3412] loop4: detected capacity change from 0 to 512
[  148.058085][ T3412] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  148.067640][ T3412] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.087778][ T3412] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  148.106218][ T3412] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  148.118793][ T3412] EXT4-fs (loop4): This should not happen!! Data will be lost
[  148.118793][ T3412] 
[  148.128921][ T3412] EXT4-fs (loop4): Total free blocks count 0
[  148.131358][ T3410] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.137670][ T3412] EXT4-fs (loop4): Free/Dirty block details
[  148.150423][ T3421] loop5: detected capacity change from 0 to 1024
[  148.150975][ T3412] EXT4-fs (loop4): free_blocks=65280
[  148.159846][ T3410] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.162333][ T3412] EXT4-fs (loop4): dirty_blocks=1
[  148.174919][ T3412] EXT4-fs (loop4): Block reservation details
[  148.182659][ T3412] EXT4-fs (loop4): i_reserved_data_blocks=1
[  148.188699][ T3410] device bridge_slave_0 entered promiscuous mode
[  148.195204][  T408] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  148.205936][ T3410] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.219897][ T3410] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.228049][ T3410] device bridge_slave_1 entered promiscuous mode
[  148.232894][ T3421] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  148.244712][  T280] EXT4-fs (loop4): unmounting filesystem.
[  148.442559][  T408] usb 7-1: Using ep0 maxpacket: 16
[  148.450411][  T408] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.680603][  T297] device bridge_slave_1 left promiscuous mode
[  148.687303][  T297] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.715201][  T297] device bridge_slave_0 left promiscuous mode
[  149.084533][  T408] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.168313][  T297] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.342532][  T408] usb 7-1: config 0 interface 0 has no altsetting 0
[  149.361423][  T408] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  149.387302][  T408] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.416268][  T297] device veth1_macvtap left promiscuous mode
[  149.422391][  T297] device veth0_vlan left promiscuous mode
[  149.479778][  T408] usb 7-1: config 0 descriptor??
[  149.899539][ T3409] loop6: detected capacity change from 0 to 512
[  149.912538][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  149.918737][ T2617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  149.922688][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  149.932093][ T3401] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  149.953016][ T3409] EXT4-fs (loop6): Test dummy encryption mode enabled
[  149.980579][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.089809][ T3409] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.1121: casefold flag without casefold feature
[  150.117372][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  150.167760][  T549] EXT4-fs (loop5): unmounting filesystem.
[  150.230083][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.238234][ T3409] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1121: couldn't read orphan inode 15 (err -117)
[  150.250555][ T1321] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.257669][ T1321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.277500][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  150.285119][ T3409] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  150.306166][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  150.323355][  T408] hid (null): nested delimiters
[  150.332062][  T408] hid (null): bogus close delimiter
[  150.337097][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  150.348445][  T408] hid (null): report_id 10372 is invalid
[  150.354549][  T408] hid (null): unknown global tag 0xe
[  150.360117][  T408] hid (null): invalid report_count 58995
[  150.361010][ T1321] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.365897][  T408] hid (null): unknown global tag 0xa6
[  150.372963][ T1321] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.382660][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  150.386082][  T408] hid (null): unknown global tag 0xd
[  150.399260][  T408] hid (null): unknown global tag 0x24
[  150.404942][  T408] hid (null): unknown global tag 0xd
[  150.413080][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  150.435840][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  150.444266][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  150.468533][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  150.477480][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  150.490870][ T3453] loop2: detected capacity change from 0 to 2048
[  150.503422][ T3410] device veth0_vlan entered promiscuous mode
[  150.510254][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  150.514954][ T3455] loop5: detected capacity change from 0 to 512
[  150.519228][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  150.540552][ T3410] device veth1_macvtap entered promiscuous mode
[  150.548379][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  150.557566][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  150.562212][ T1203] usb 7-1: USB disconnect, device number 7
[  150.565735][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  150.574737][ T3455] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  150.583626][ T3453] Alternate GPT is invalid, using primary GPT.
[  150.593655][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  150.594544][ T3453]  loop2: p2 p3 p7
[  150.602397][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  150.607160][ T3455] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.616200][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  150.635878][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  150.646542][  T549] EXT4-fs (loop5): unmounting filesystem.
[  150.719711][   T28] audit: type=1400 audit(1746108080.834:548): avc:  denied  { write } for  pid=3458 comm="syz.4.1137" name="tcp6" dev="proc" ino=4026532515 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  150.754848][ T3461] loop5: detected capacity change from 0 to 128
[  150.771974][ T3461] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  150.785842][  T438] udevd[438]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  150.794944][ T3464] loop2: detected capacity change from 0 to 1024
[  150.797757][  T324] udevd[324]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  150.804571][ T2613] udevd[2613]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  150.812695][ T3461] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.837294][   T28] audit: type=1400 audit(1746108080.954:549): avc:  denied  { rename } for  pid=3460 comm="syz.5.1136" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  150.883883][  T549] EXT4-fs (loop5): unmounting filesystem.
[  150.902521][  T284] ==================================================================
[  150.910738][  T284] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[  150.917795][  T284] Write of size 8 at addr ffff88810f374a00 by task kworker/0:2/284
[  150.925695][  T284] 
[  150.928031][  T284] CPU: 0 PID: 284 Comm: kworker/0:2 Tainted: G        W          6.1.134-syzkaller-00033-g0c1a07d9c284 #0
[  150.939318][  T284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  150.949397][  T284] Workqueue: ipv6_addrconf addrconf_dad_work
[  150.955403][  T284] Call Trace:
[  150.958679][  T284]  <TASK>
[  150.961608][  T284]  __dump_stack+0x21/0x24
[  150.965945][  T284]  dump_stack_lvl+0xee/0x150
[  150.970540][  T284]  ? __cfi_dump_stack_lvl+0x8/0x8
[  150.975584][  T284]  ? enqueue_timer+0xae/0x480
[  150.980267][  T284]  print_address_description+0x71/0x210
[  150.985901][  T284]  print_report+0x4a/0x60
[  150.990229][  T284]  kasan_report+0x122/0x150
[  150.994733][  T284]  ? enqueue_timer+0xae/0x480
[  150.999413][  T284]  __asan_report_store8_noabort+0x17/0x20
[  151.005227][  T284]  enqueue_timer+0xae/0x480
[  151.009739][  T284]  __mod_timer+0x79f/0xb30
[  151.014185][  T284]  add_timer+0x68/0x80
[  151.018256][  T284]  __queue_delayed_work+0x173/0x200
[  151.023464][  T284]  mod_delayed_work_on+0x74/0xe0
[  151.028455][  T284]  addrconf_mod_dad_work+0x7d/0x120
[  151.033669][  T284]  addrconf_dad_work+0x933/0x14b0
[  151.038733][  T284]  ? __cfi_addrconf_dad_work+0x10/0x10
[  151.044208][  T284]  ? __schedule+0xb8f/0x14e0
[  151.048828][  T284]  ? __kasan_check_read+0x11/0x20
[  151.053980][  T284]  ? read_word_at_a_time+0x12/0x20
[  151.059121][  T284]  ? strscpy+0x9b/0x290
[  151.063311][  T284]  process_one_work+0x71f/0xc40
[  151.068176][  T284]  worker_thread+0xa29/0x11f0
[  151.072863][  T284]  kthread+0x281/0x320
[  151.076943][  T284]  ? __cfi_worker_thread+0x10/0x10
[  151.082330][  T284]  ? __cfi_kthread+0x10/0x10
[  151.086944][  T284]  ret_from_fork+0x1f/0x30
[  151.091374][  T284]  </TASK>
[  151.094391][  T284] 
[  151.096796][  T284] Allocated by task 3401:
[  151.101121][  T284]  kasan_set_track+0x4b/0x70
[  151.105710][  T284]  kasan_save_alloc_info+0x25/0x30
[  151.110831][  T284]  __kasan_kmalloc+0x95/0xb0
[  151.115432][  T284]  __kmalloc+0xb1/0x1e0
[  151.119619][  T284]  hci_alloc_dev_priv+0x27/0x1bd0
[  151.124667][  T284]  hci_uart_tty_ioctl+0x3c8/0xa00
[  151.129702][  T284]  tty_ioctl+0x8ef/0xc60
[  151.133959][  T284]  __se_sys_ioctl+0x12f/0x1b0
[  151.138647][  T284]  __x64_sys_ioctl+0x7b/0x90
[  151.143253][  T284]  x64_sys_call+0x58b/0x9a0
[  151.147784][  T284]  do_syscall_64+0x4c/0xa0
[  151.152212][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.158128][  T284] 
[  151.160453][  T284] Freed by task 3401:
[  151.164428][  T284]  kasan_set_track+0x4b/0x70
[  151.169024][  T284]  kasan_save_free_info+0x31/0x50
[  151.174054][  T284]  ____kasan_slab_free+0x132/0x180
[  151.179183][  T284]  __kasan_slab_free+0x11/0x20
[  151.184038][  T284]  slab_free_freelist_hook+0xc2/0x190
[  151.189421][  T284]  __kmem_cache_free+0xb7/0x1b0
[  151.194278][  T284]  kfree+0x6f/0xf0
[  151.198009][  T284]  hci_release_dev+0x13ad/0x1500
[  151.202950][  T284]  bt_host_release+0x82/0x90
[  151.207542][  T284]  device_release+0xa4/0x1d0
[  151.212150][  T284]  kobject_put+0x19d/0x280
[  151.216576][  T284]  put_device+0x1f/0x30
[  151.220735][  T284]  hci_dev_cmd+0x265/0x720
[  151.225163][  T284]  hci_sock_ioctl+0x41e/0x7f0
[  151.229930][  T284]  sock_do_ioctl+0x101/0x310
[  151.234586][  T284]  sock_ioctl+0x4d8/0x6e0
[  151.238935][  T284]  __se_sys_ioctl+0x12f/0x1b0
[  151.243664][  T284]  __x64_sys_ioctl+0x7b/0x90
[  151.248273][  T284]  x64_sys_call+0x58b/0x9a0
[  151.252817][  T284]  do_syscall_64+0x4c/0xa0
[  151.257440][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.263354][  T284] 
[  151.265685][  T284] Last potentially related work creation:
[  151.271394][  T284]  kasan_save_stack+0x3a/0x60
[  151.276078][  T284]  __kasan_record_aux_stack+0xb6/0xc0
[  151.281458][  T284]  kasan_record_aux_stack_noalloc+0xb/0x10
[  151.287380][  T284]  insert_work+0x51/0x300
[  151.291725][  T284]  __queue_work+0x9b1/0xd30
[  151.296251][  T284]  queue_work_on+0xd2/0x140
[  151.300770][  T284]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  151.305727][  T284]  hci_cmd_sync_status+0x53/0x120
[  151.310767][  T284]  hci_dev_cmd+0x628/0x720
[  151.315191][  T284]  hci_sock_ioctl+0x41e/0x7f0
[  151.319874][  T284]  sock_do_ioctl+0x101/0x310
[  151.324489][  T284]  sock_ioctl+0x4d8/0x6e0
[  151.328830][  T284]  __se_sys_ioctl+0x12f/0x1b0
[  151.333524][  T284]  __x64_sys_ioctl+0x7b/0x90
[  151.338127][  T284]  x64_sys_call+0x58b/0x9a0
[  151.342643][  T284]  do_syscall_64+0x4c/0xa0
[  151.347073][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.352986][  T284] 
[  151.355307][  T284] Second to last potentially related work creation:
[  151.361887][  T284]  kasan_save_stack+0x3a/0x60
[  151.366572][  T284]  __kasan_record_aux_stack+0xb6/0xc0
[  151.371958][  T284]  kasan_record_aux_stack_noalloc+0xb/0x10
[  151.377875][  T284]  insert_work+0x51/0x300
[  151.382218][  T284]  __queue_work+0x9b1/0xd30
[  151.387521][  T284]  queue_work_on+0xd2/0x140
[  151.392044][  T284]  hci_cmd_timeout+0x191/0x200
[  151.396834][  T284]  process_one_work+0x71f/0xc40
[  151.401706][  T284]  worker_thread+0xa29/0x11f0
[  151.406393][  T284]  kthread+0x281/0x320
[  151.410467][  T284]  ret_from_fork+0x1f/0x30
[  151.414900][  T284] 
[  151.417238][  T284] The buggy address belongs to the object at ffff88810f374000
[  151.417238][  T284]  which belongs to the cache kmalloc-8k of size 8192
[  151.431376][  T284] The buggy address is located 2560 bytes inside of
[  151.431376][  T284]  8192-byte region [ffff88810f374000, ffff88810f376000)
[  151.444830][  T284] 
[  151.447239][  T284] The buggy address belongs to the physical page:
[  151.453689][  T284] page:ffffea00043cdc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f370
[  151.463953][  T284] head:ffffea00043cdc00 order:3 compound_mapcount:0 compound_pincount:0
[  151.472284][  T284] flags: 0x4000000000010200(slab|head|zone=1)
[  151.478373][  T284] raw: 4000000000010200 ffffea00043a3a00 dead000000000002 ffff888100043500
[  151.486974][  T284] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  151.495659][  T284] page dumped because: kasan: bad access detected
[  151.502077][  T284] page_owner tracks the page as allocated
[  151.507786][  T284] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 3016, tgid 3013 (syz.5.985), ts 134602707245, free_ts 134322033945
[  151.530457][  T284]  post_alloc_hook+0x1f5/0x210
[  151.535277][  T284]  prep_new_page+0x1c/0x110
[  151.539784][  T284]  get_page_from_freelist+0x2c6e/0x2ce0
[  151.545365][  T284]  __alloc_pages+0x19e/0x3a0
[  151.549956][  T284]  alloc_slab_page+0x6e/0xf0
[  151.554555][  T284]  new_slab+0x98/0x3d0
[  151.558630][  T284]  ___slab_alloc+0x6f6/0xb50
[  151.563304][  T284]  __slab_alloc+0x5e/0xa0
[  151.567633][  T284]  __kmem_cache_alloc_node+0x203/0x2c0
[  151.573091][  T284]  __kmalloc_node+0xa1/0x1e0
[  151.577774][  T284]  kvmalloc_node+0x294/0x480
[  151.582369][  T284]  f2fs_build_segment_manager+0xfec/0x2a10
[  151.588175][  T284]  f2fs_fill_super+0x4221/0x6c70
[  151.593287][  T284]  mount_bdev+0x2bc/0x3f0
[  151.597620][  T284]  f2fs_mount+0x34/0x40
[  151.601797][  T284]  legacy_get_tree+0xfe/0x1a0
[  151.606514][  T284] page last free stack trace:
[  151.611179][  T284]  free_unref_page_prepare+0x742/0x750
[  151.616641][  T284]  free_unref_page+0x8f/0x530
[  151.621318][  T284]  __free_pages+0x67/0x100
[  151.625738][  T284]  __free_slab+0xca/0x1a0
[  151.630073][  T284]  discard_slab+0x29/0x40
[  151.634412][  T284]  __slab_free+0x201/0x280
[  151.638832][  T284]  ___cache_free+0xbf/0xd0
[  151.643247][  T284]  qlist_free_all+0xc6/0x140
[  151.647870][  T284]  kasan_quarantine_reduce+0x14a/0x170
[  151.653399][  T284]  __kasan_slab_alloc+0x24/0x80
[  151.658274][  T284]  slab_post_alloc_hook+0x4f/0x2d0
[  151.663388][  T284]  kmem_cache_alloc+0x16e/0x330
[  151.668239][  T284]  getname_flags+0xb9/0x500
[  151.672757][  T284]  user_path_at_empty+0x30/0x1c0
[  151.677692][  T284]  __x64_sys_umount+0xf1/0x160
[  151.682464][  T284]  x64_sys_call+0x86a/0x9a0
[  151.686975][  T284] 
[  151.689296][  T284] Memory state around the buggy address:
[  151.694921][  T284]  ffff88810f374900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.702976][  T284]  ffff88810f374980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.711030][  T284] >ffff88810f374a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.719084][  T284]                    ^
[  151.723147][  T284]  ffff88810f374a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.731206][  T284]  ffff88810f374b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.739268][  T284] ==================================================================
[  151.747590][  T284] Disabling lock debugging due to kernel taint
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  151.777664][ T3464] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  151.796007][ T3464] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.811114][   T28] audit: type=1400 audit(1746108081.914:550): avc:  denied  { write } for  pid=251 comm="syz-executor" path="pipe:[14204]" dev="pipefs" ino=14204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  151.872949][ T3464] EXT4-fs (loop2): unmounting filesystem.
[  151.893152][ T3409] EXT4-fs (loop6): unmounting filesystem.
[  151.982571][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  151.994354][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  152.002779][    C0] CPU: 0 PID: 3472 Comm: syz-executor Tainted: G    B   W          6.1.134-syzkaller-00033-g0c1a07d9c284 #0
[  152.014228][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  152.024277][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  152.029563][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 58 ce 28 00 4c 89 ff e8 90 7d a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 1f 6d 00 49 8b 7d 00 e8 73 79
[  152.049159][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  152.055230][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811bb2d100
[  152.063381][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  152.071362][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  152.079355][    C0] R10: ffffed1021e6e939 R11: 1ffff11021e6e939 R12: dffffc0000000000
[  152.087320][    C0] R13: 0000000000000000 R14: ffff88810f3749c8 R15: 0000000000000008
[  152.095279][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  152.104719][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.111293][    C0] CR2: 00005598fd7590f8 CR3: 0000000123533000 CR4: 00000000003506b0
[  152.119258][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  152.127240][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  152.135200][    C0] Call Trace:
[  152.138493][    C0]  <IRQ>
[  152.141328][    C0]  delayed_work_timer_fn+0x61/0x80
[  152.146469][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  152.152295][    C0]  call_timer_fn+0x46/0x2a0
[  152.156790][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  152.162594][    C0]  __run_timers+0x667/0x9a0
[  152.167122][    C0]  ? calc_index+0x200/0x200
[  152.171624][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  152.176827][    C0]  run_timer_softirq+0x6a/0xf0
[  152.181600][    C0]  handle_softirqs+0x1d7/0x600
[  152.186370][    C0]  ? irqtime_account_irq+0xc4/0x240
[  152.191603][    C0]  __irq_exit_rcu+0x52/0xf0
[  152.196097][    C0]  irq_exit_rcu+0x9/0x10
[  152.200345][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  152.206072][    C0]  </IRQ>
[  152.209016][    C0]  <TASK>
[  152.211957][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  152.217943][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x55/0x80
[  152.224482][    C0] Code: 40 e4 ed 86 e8 bc a1 c4 fc 4c 89 f7 48 83 3d d1 4d fe 01 00 74 30 e8 1e 0d 00 00 90 f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 96 f3 5b fc 65 8b 05 37 d7 12 7b 85 c0 74 05 5b 41 5e 5d c3 e8
[  152.244170][    C0] RSP: 0018:ffffc90002af7260 EFLAGS: 00000206
[  152.250238][    C0] RAX: 0000000000000001 RBX: 0000000000000a06 RCX: dffffc0000000000
[  152.258413][    C0] RDX: 0000000000000000 RSI: 0000000000000a06 RDI: 0000000000000001
[  152.266384][    C0] RBP: ffffc90002af7270 R08: dffffc0000000000 R09: fffff94000a3cc21
[  152.274461][    C0] R10: fffff94000a3cc21 R11: 1ffffd4000a3cc20 R12: dffffc0000000000
[  152.282869][    C0] R13: dffffc0000000000 R14: ffffea00051e6140 R15: 0000000000000020
[  152.290847][    C0]  release_pages+0x1b6/0xb20
[  152.295456][    C0]  ? lru_add_drain_cpu+0x383/0x4b0
[  152.300573][    C0]  ? __cfi_release_pages+0x10/0x10
[  152.305694][    C0]  ? __this_cpu_preempt_check+0x13/0x20
[  152.311250][    C0]  ? __kasan_check_read+0x11/0x20
[  152.316341][    C0]  free_pages_and_swap_cache+0x86/0xa0
[  152.321811][    C0]  tlb_flush_mmu+0x101/0x1e0
[  152.326419][    C0]  unmap_page_range+0x20c6/0x2310
[  152.331451][    C0]  ? __cfi_unmap_page_range+0x10/0x10
[  152.336855][    C0]  ? __switch_to+0x51f/0xe30
[  152.341554][    C0]  unmap_vmas+0x31c/0x430
[  152.345896][    C0]  ? __cfi_unmap_vmas+0x10/0x10
[  152.351185][    C0]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[  152.356659][    C0]  ? __kasan_check_write+0x14/0x20
[  152.361881][    C0]  exit_mmap+0x263/0xa40
[  152.366127][    C0]  ? __cfi_exit_mmap+0x10/0x10
[  152.370943][    C0]  ? preempt_schedule+0xa7/0xb0
[  152.375807][    C0]  ? __cfi_exit_aio+0x10/0x10
[  152.380498][    C0]  ? uprobe_clear_state+0x2c1/0x320
[  152.385704][    C0]  __mmput+0x93/0x320
[  152.389768][    C0]  ? mmput+0x43/0x150
[  152.393850][    C0]  mmput+0x4b/0x150
[  152.397665][    C0]  begin_new_exec+0x1672/0x2170
[  152.402529][    C0]  load_elf_binary+0x981/0x2710
[  152.407388][    C0]  ? __cfi___kernel_read+0x10/0x10
[  152.412503][    C0]  ? selinux_bprm_creds_for_exec+0x756/0x1060
[  152.418575][    C0]  ? __cfi_load_elf_binary+0x10/0x10
[  152.423860][    C0]  ? _raw_read_unlock+0x25/0x40
[  152.428717][    C0]  ? load_misc_binary+0x5cf/0xb10
[  152.433747][    C0]  bprm_execve+0x787/0x1440
[  152.438251][    C0]  ? alloc_bprm+0x750/0x750
[  152.442760][    C0]  do_execveat_common+0x915/0xa70
[  152.447791][    C0]  __x64_sys_execve+0x92/0xb0
[  152.452469][    C0]  x64_sys_call+0x98/0x9a0
[  152.456890][    C0]  do_syscall_64+0x4c/0xa0
[  152.461441][    C0]  ? clear_bhb_loop+0x15/0x70
[  152.466292][    C0]  ? clear_bhb_loop+0x15/0x70
[  152.470968][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  152.476893][    C0] RIP: 0033:0x7f35237c2037
[  152.481348][    C0] Code: Unable to access opcode bytes at 0x7f35237c200d.
[  152.488364][    C0] RSP: 002b:00007f3524591df8 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
[  152.497397][    C0] RAX: ffffffffffffffda RBX: 00007ffd9e1a7ef2 RCX: 00007f35237c2037
[  152.505368][    C0] RDX: 00007ffd9e1a5c00 RSI: 00007ffd9e1a5e40 RDI: 00007ffd9e1a7ef2
[  152.513350][    C0] RBP: 00007f3524591e70 R08: 00007f3524591f20 R09: 0000000000000000
[  152.521329][    C0] R10: 0000000000000008 R11: 0000000000000206 R12: 00007ffd9e1a5e40
[  152.529304][    C0] R13: 00007ffd9e1a5c00 R14: 0000000000000000 R15: 0000000000000000
[  152.537280][    C0]  </TASK>
[  152.540311][    C0] Modules linked in:
[  152.544212][    C0] ---[ end trace 0000000000000000 ]---
[  152.549663][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  152.554957][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 58 ce 28 00 4c 89 ff e8 90 7d a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 dc 1f 6d 00 49 8b 7d 00 e8 73 79
[  152.574562][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  152.580640][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811bb2d100
[  152.589217][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  152.597189][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  152.605159][    C0] R10: ffffed1021e6e939 R11: 1ffff11021e6e939 R12: dffffc0000000000
[  152.613131][    C0] R13: 0000000000000000 R14: ffff88810f3749c8 R15: 0000000000000008
[  152.621103][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  152.630034][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.636617][    C0] CR2: 00007f35237c200d CR3: 0000000123533000 CR4: 00000000003506b0
[  152.644591][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  152.652564][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  152.660539][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  152.667998][    C0] Kernel Offset: disabled
[  152.672349][    C0] Rebooting in 86400 seconds..