last executing test programs: 22m36.178335206s ago: executing program 32 (id=170): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000005c0)=ANY=[@ANYRESDEC=0x0, @ANYRES16, @ANYRESOCT=0x0, @ANYRESOCT=0x0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r3, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000240)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="695641aeaf4a", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb8000", 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, {[], @time_exceed={0x4, 0x1, 0x0, 0x9, '\x00', {0x0, 0x6, "f99063", 0x800, 0x3a, 0xff, @mcast1, @mcast1, [], "af34000000000000"}}}}}}}, 0x0) recvmmsg(r3, &(0x7f0000001740), 0x0, 0x0, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'veth0_to_batadv\x00', {0x1}, 0x2a}) syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') init_module(0x0, 0xa99, &(0x7f0000001800)='GPL\x00') r4 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r4, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000400)="b8", 0x1}], 0x1, 0x0, 0x0, 0xff000000}}, {{&(0x7f0000000080)={0xa, 0x4e20, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x45af}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)="01", 0x1}], 0x1b6}}], 0x2, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/handlers\x00', 0x0, 0x0) syz_clone3(&(0x7f0000000080)={0x2a694b000, &(0x7f0000000040), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58) creat(&(0x7f00000000c0)='./file0\x00', 0x48) 22m21.613507641s ago: executing program 33 (id=177): openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi1\x00', 0x1, 0x0) r0 = memfd_create(&(0x7f0000000d80)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000340)={0x3, r2, 0xfffffffa, 0x4, 0xb, 0x1fd, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000001880)={0x1, r2, 0x8fff, 0x3ff, 0x4, 0x944}) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001300)=ANY=[@ANYBLOB="12010000000000205804115000000000000109022400010000000009040000050300000009210000000122940309058103"], 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$snapshot(0xffffffffffffff9c, 0x0, 0x3f, 0x0) syz_usb_control_io(r3, 0x0, 0x0) timer_create(0x9, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000480)) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r4, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r5, @in6={{0xa, 0x3, 0x3, @mcast1}}}, &(0x7f0000000040)=0x84) 15m45.535290047s ago: executing program 34 (id=498): socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_usb_connect(0x5, 0x0, 0x0, 0x0) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x800000000000, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0) 13m38.745411522s ago: executing program 35 (id=691): socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = dup(r1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}}) ioctl$TIOCL_SETSEL(r2, 0x541c, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r3 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x800000000000, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0) socket$key(0xf, 0x3, 0x2) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x400) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, 0x0) 10m57.882141404s ago: executing program 36 (id=909): r0 = socket(0x10, 0x3, 0x0) close(0x3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getrusage(0x1, &(0x7f0000000980)) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) getsockname$packet(r7, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff00", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000014c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xd}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}}, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x1}, 0x10) write(r0, &(0x7f0000000000), 0x0) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r9, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) unshare(0x22020400) 10m32.504124355s ago: executing program 37 (id=956): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}, {0x20}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000740)={{0x1, 0x1, 0x18, r1, {r1}}, './file0\x00'}) socket$nl_netfilter(0x10, 0x3, 0xc) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000700)='source', &(0x7f0000000580)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0) prlimit64(0x0, 0x7, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x1, 0x3fe, 0x6}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002) writev(r3, &(0x7f00000002c0)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e", 0x1e}], 0x1) close(r3) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) read$FUSE(r4, &(0x7f0000001b40)={0x2020}, 0x205c) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$uac1(r5, 0x0, &(0x7f00000009c0)={0x44, &(0x7f0000000700)=ANY=[@ANYBLOB="40000f000000012721dcfe14c639a500ba17162716"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r6, 0x40015b13, 0x0) 9m12.764169735s ago: executing program 38 (id=1058): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000008e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x28ca5b2a26f5de9a) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') lseek(r3, 0x200000000007d2, 0x1) sysinfo(&(0x7f0000000080)=""/6) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000000)=0x4030, 0x4) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) 9m3.534075143s ago: executing program 39 (id=1075): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') connect$unix(0xffffffffffffffff, 0x0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {0x1, 0x3}, [], {}, [{}], {0x10, 0x5}, {0x20, 0x1}}, 0x9, 0x0) 7m30.832625382s ago: executing program 9 (id=1277): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x2000800, &(0x7f00000002c0)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d63c810deed3cb637e9a737a0edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b490", @ANYRES8, @ANYRES16, @ANYRES16=0x0], 0x3, 0x24f, &(0x7f0000001540)="$eJzs2k9rXFUYB+D3pqmpielE/EcL4kEX6ubSZC3SIC2IAUUboQrSW3OjQ64zIXcIjIjNSrd+BNfi0p0gXbrJxr3gwl02WXYhXplOqh2ZKCHqjPo8m3nh3N+cc5gzh8PlHLzw2Qdbm3W+WfRiJsti5nLsxZ0slmIm7tmL55+9/u2Tb1x/65XVtbUrr6d0dfXa8kpK6fxT37z90ZdP3+4tvPnV+a/nYn/pnYPDlR/3H9+/cPDztffbdWrXqdPtpSLd7HZ7xc2qTBvteitP6bWqLOoytTt1uTPSvll1t7f7qehsLM5v75R1nYpOP22V/dTrpt5OPxXvFe1OyvM8Lc4Hp7H+xZ2micPm7I1omubBz2Phdiz+EK3IHk7ZI5ezx25kT+xlFw6bpjXpofK38Pv/v923qZ+LqD7dXd9dH34O21c3ox1VlHEpWvFTDJbJkWF99eW1K5fSXUvxSXXrKH9rd/3MaH45WrE0Pr88zKfR/FzMR5yNOMqvRCseHZ9fGZs/F889c1//ebTiu3ejG1VsxCD7W/7j5ZReenVtND938e5zAAD/NXn61djzW54f1z7Mn+B8+Lvz2WxcnJ3s3Imo+x9uFVVV7kykuPeO6dhnHjp9X4Pvn8QEZ/9oXtNVvPj9VAzjBMVcnCiVRewN1sFUDP6Bqfjr/VmxMLEtiX/Q6D4JAAAAAAAAAADAv8VffnnwzPgbuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMf5JQAA//9q+cXu") socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x200, &(0x7f0000000140)=0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={0x0, &(0x7f00000000c0)=""/220, 0x0, 0xdc}, 0x20) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) 7m29.820804107s ago: executing program 9 (id=1280): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240)={[{@dioread_nolock}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x9}}]}, 0xff, 0x4b2, &(0x7f0000000540)="$eJzs3c1vG2UaAPDHdpMmaXb7satV25W2lbpS90ON86FVk4ULJ+BQCVGJC0glJG4oceIodkoT9ZDCrQcOCAQS4sCdv4ALPVEhIc5wRxxQEZQgARKS0YztNF8OFqQxyvx+0sQz8zrzvK+t59XMOzOeADLrbPInFzEYEZ9GxNHG4uY3nG28rN2/OZVMuajXL3+TS9+XLLfe2vq/IxGxGhF9EfH04xEv5LbHrS6vzE6Wy6XF5nKxNrdQrC6vXLg2NzlTminNj4xfnJgYHx4bndiztt5+7aXblz54svf9H169d/f1jz5MqjXYLNvYjr3UaHpPHN+w7lBEPPowgnVBodme/m5XhN8k+f7+EhHn0vw/GoX02wSyoF6v13+uH25XvFoHDqx8ug+cyw9FRGM+nx8aauzD/zUG8uVKtfbfq5Wl+enGvvKx6MlfvVYuDTePFY5FTy5ZHknnHyyPblkei0j3gd8o9KfLQ1OV8vT+dnXAFkea+d/fzP/vC438BzJi50P+tgcFwAFiyA+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXXpUjLVW/e/T19fXpqtXL8wXarODs0tTQ1NVRYXhmYqlZn0np25X9teuVJZGPlfLN0o1krVWrG6vHJlrrI0X7uS3td/pdSzL60COnH8zJ3PcxGx+v/+dEr0NsvkKhxs9Xouun0PMtAdhW53QEDXGPqD7HKMD+zwE72b9LUrWNj7ugD7I9/tCgBdc/6U83+QVcb/IbuM/0N22ccHjP9D9hj/h+wabPP8rz9teHbXcET8OSI+K/Qcbj3rCzgI8l/lIvLJ/v/5o/8c3Fram/sxPUXQGxEvv3P5rRuTtdriSLL+2/X1tbeb60e7UX+gU608beUxAJBda/dvTrWm/Yz79WONixC2xz/UHJvsS89RDqzlNl2rkNujaxdWb0XEyZ3i55rPO2+c+RhYK2yLf6L5mmtsIq3vofS56fsT/9SG+P/YEP/07/5UIBvuJP3P8E75l09zOtbzb3P/M7hH10607//y6/1foU3/d6bDGC+++8qXbePfiji9Y/xWvL401tb4Sd3OdxY+d++5Z/7WrrD+XmM7O8Vf30BEFGtzC8Xq8sqF9HfkZkrzI+MXJybGh8dGJ4rpGHWxNVK93SMnP7m7W/sHHsTvj4iO2p+s+3dn7Y+f/v7xs2d3if+vczt//yd2iZ9U9D8dxv9u9Ivn25Ul8afbfP75XeIn68Y6jF998wnPEgeAP5Dq8srsZLlcWjRjxoyZ9Zlu90zAw/Yg6btdEwAAAAAAAAAAAKBT+3E5cbfbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwEPwSAAD//2vj04Y=") bind$packet(0xffffffffffffffff, 0x0, 0x0) socket(0x200000000000011, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000002d030100000000009500ffb1000000006926000000000000bf67000000000000150002000fff5d004507000007000000d60600000ee60000bf1500000000000040700000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c043a7bc4b29d2dc480dd7a0d981422b32d93bad720100010000000000b39d0af449deaa27ea949e8f9000d885dfea27834aa7eb8d33ac04060630e78a30fc835e29eb532ba8546fc020c196738b5f32b09f95f5d5b196b9ffc02f952ac53e817671d1000000008ba8583aa4c77097f1c75df9bdd8288fd2f8743924cd6dd4ed457183edc74ca79c79a3da0cea39dbacd0e4b608cece26817f0f53dde0d43388e8f92d0bfdd4b427ee5b708aa2685c735f840e055a163e38a276b7fd16492587edaec8bc43f312c7ddfa59a53c9e772832f527c0ae9afcf582413f6f8c442ce39039a64965facb4340f2249cc60a8dec5b8a9ac6d60e36f57dbe1664decf85b7cae19a1d0d7bce02902284aa9041366eed09c3baafb2a4c14a373f8ffdfe107d401b7b93866f8aadff4df0f226f411d43d579541275f0bacd2dc24faf2d4d992d9f8031a422f2a30cf35e9d00644acc1ff674781281c6b93447312cc93c738b6a83a2e83225af295e0776d033557913ac9096ee1e119a06a38fcd918a18f4c01f60692a1684c55086bec71e819f8b345a5f80d3e5bc7e6854e2ea7a035b975b96e9459382fafc5f6fd106fbbd3b014b5a546f523afd9c9bed9212d7bb745123259e8f46b413e633db1668ad038725e3e01bd6707aee08b267dcd54b961c4d56b608d903ae06cc23eb1d79b3384512f2c424739aba4297063005376b6b900f3416835151fb61f08dfb4ad3732fc0f5a05339608b003a80cce6b032f13b5f2890ec29130022ff6fa874ce885e91c8e4df772286210e5aca1a64dfb12f0a2c1e992aae6afb3514afd648230650e532e8ec540a25b65657a7259922602ffdd3375a4b0f864db09907c7b8e97abb824c1f3167cff71e96682f37f37b156833d729d7369af37345fb97f3ac3e9c01328a3d7f36ae6d48c94bcf630fe6e94c5a080fe3ccde9ff72f98bd0454203a5cbe34ab7df76e54ec26942835ca6b9e0db2b24d19de496bf22d5cac91b6deb25b5622ddd7bddad97d4850735df6fff37098b06d660e5d73efdce87be427bc79e67ad31d7768d65f811ed84f29db15b8456dc951dcb8be1da330fd0c1371dbbfcedaff57e29b95b4277b46aa41eab05a756d8556d4c14b570770bc0a3c9cdd688e3e583ee2284fc32c6eed47d70c6c22c8226ae8d4144fac10d2ca22673cbe55ee11b68bf18f4811cf943b9a7f3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ftruncate(r1, 0x6000809) syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f00000000c0)={[{@nobarrier}, {@user_xattr}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@nobarrier}, {@lazytime}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x11}}, {@bh}, {@nojournal_checksum}]}, 0xfc, 0x580, &(0x7f0000001100)="$eJzs3V9rW+UfAPDvSf/89u/nOhhDvZDCLpzMpWvrnwmC81J0OND7GdqsjKbLaNKx1oHbhbvxRoYg4kB8Ad57OXwDvoqBDoaMohciRE560mVt0rRZZrLl84HTPk/OSZ7zzXOeJ8+Tc8IJYGhNpn9yES9FxNdJxOGmdaORrZzc2G794fW5dEmiVvvkjySS7LHG9kn2/2CWeTEifvky4mRue7mV1bXFQqlUXM7yU9WlK1OV1bVTl5YKC8WF4uWZ2dkzb87OvPP2Wz2L9bXzf3338d0Pznx1fP3bn+4fuZ3E2TiUrWuO4wncaM5MFv7JUmNxdsuG0z0obJAk/d4BujKStfOxSPuAwzGStXrg+fdFRNSAIZVo/zCkGuOAxty+R/PgZ8aD9zcmQPXYx5vjH934biT21edGB9aTx2ZG6Xx3ogflp2X8/Pud2+kSO38Psb9DHmBPbtyMiNOjo9v7/yTr/+J/3b726fqXxzub3JIfts8f6Ke76fjn9Vbjv9zm+CdajH8Otmi73ejc/nP3e1BMW+n4792W49/NrmtiJMv9vz7mG0suXioVT0fECxFxImodT32cWb9Xa7euefyXLmn5jbFgth/3R7f0wPOFaiEixrsM+TEPbka8PNoq/mSz/pMW9Z++H+d3Wcax4p1X2q3rHP/TVfsx4tWW9f+oWpOdz09O1Y+HqcZRsd2ft4792q78fsef1v+BneOfSJrP11b2XsYP+/4utlvX7fE/nnxaTzcawbVCtbo8HTGefLT98ZlHz23kG9un8Z84vnP/1+r4Tydfn+0y/ltHb7XddBDqf35P9b/3xL0PP/++Xfm7q/836qkT2SNZ/9dadqzsdgef9P0DAAAAAACAQZKLiEOR5PKb6Vwun9+4vuNoHMiVypXqyYvllcvzUf+t7ESM5Rpnug83XQ8xnV0P28jPbMnPRsSRiPhmZH89n58rl+b7HTwAAAAAAAAAAAAAAAAAAAAMiINtfv+f+m2k33sHPHX1Gxt0fZsn4FnW8Zb/vbjTEzCQOrZ/4Lml/cPw0v5heGn/MLzq7f9Qv/cC6Aef/zC8tH8YXto/AAAAAAAAAAAAAAAAAAAAAAAAAAAA9NT5c+fSpbb+8Ppcmp+/urqyWL56ar5YWcwvrczl58rLV/IL5fJCqZifKy91er1SuXxleiZWrk1Vi5XqVGV17cJSeeVy9cKlpcJC8UJx7D+JCgAAAAAAAAAAAAAAAAAAAJ4tldW1xUKpVFzuVyK50c/Sd5V4LwZiN55mgBu6evrooEQh0SZxM6vevT2rj50SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzxbwAAAP//VZQxYg==") quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000400)={0x10, 0x2d, 0x1}, 0x10}], 0x1, 0x0, 0x0, 0x40040}, 0x4812) setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 7m28.466172538s ago: executing program 9 (id=1283): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x80000, 0x100000000, 0xca8}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x4}, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0xff}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x3, 0x0, 0x0, 0x81}]}]}, 0x17c}}, 0x0) 7m27.385030094s ago: executing program 9 (id=1285): syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x2, 0x3f, 0x24, 0x63, 0x0, 0x7, 0x21, 0x0, @remote, @local}, {{0x4e24, 0x4e24, 0x4, 0x1, 0x4, 0x0, 0x0, 0x9, 0x2, "d76c43", 0xa2, "4ee51d"}}}}}}, 0x0) 7m26.495769747s ago: executing program 9 (id=1286): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000300)={[{@nombcache}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {}, {@commit={'commit', 0x3d, 0x6}}, {@quota}, {@nomblk_io_submit}]}, 0xfe, 0x470, &(0x7f0000000580)="$eJzs3M9rHFUcAPDvTH71d6LWH62tRitY/JE06c+Dl4qCBwVBDxVPMUlLbdpoE8GWQquHepSCd/Eo+Bd40ouoJ0HwpHcpFOnFKggrMzuTrJvdmG222W7384Fp35t52/e+++btzLy32wB61mj2RxKxLSJ+jYhN1ex/C4xW/7p189L0XzcvTSdRqbzxR5KX+/PmpemyaPm6rdVMpVLkhxrUe/XtiKm5udnzRX588ex74wsXLj5/+uzUqdlTs+cmjx07dHDv4JHJw22Jczhr61DM79n1ylvXXps+ce2dH77K2rutOF4bR7uMVt/dlfraXVPnba9JJ/0Ni9yDUXe/rFOy7hrIx/9w9MXmpWPD8fLHHW0ccEdVKpVKo+tz4UqlTtTvALpYYkhDjyov9Nnzb7lt0K3HXeHG8Yj3j1bjv1Vs1SP9kRZlBuqeb9tpNCJOXPn782yLOzQPAQBQ65vjEfFco/u/NB6qKbejWEMZiYj7IuL+iHggInZGxIMRedmHI+KRFuuvXyFZef+TXr+twNYou/97oVjbWrr/+6eSx18Y6Sty2/P4B5KTp+dmDxTvyf4YGMryE6vU8e1LP3/a7Fjt/V+2ZfWX94JV6fX+ugm6manFqXWGveTGRxG7++vizyVRLuMkEbErIna39C8vP2GcfubLPc1KLce/OSIaxb+KxutMrbXyi4inq/1/JeriLyVN1ycnjh6ZPDy+KeZmD4yXZ8VKP/509fVm9f9//99ZWf9vqT//l3vvcnbKJ5siFi5cPJOv1y60XsfV3z5p+EyzZR3n/2DyZp4eLPZ9OLW4eH4iYjB5deX+yeXXlvmyfBb//n2Nzv80/4yLov8fjYjsJN4bEY9FxONF25+IiCcjYt8q8X//4lPvNjvWPP5VZuXbKIt/pkH/15z/I1lquf9bT/Sd+e7r1uMvZf1/KE/tL/as5fNvrQ1cz3sHAAAA3SLNvwOfpGNL6TQdG6t+h39nbEnn5hcWnz05/8G5mep35UdiIC1nuoZr5kMnirnhMj9Zlz9YzBt/1rc5z49Nz8/NdDp46HFbm4z/zO9+sQH3vjasowFdyviH3mX8Q+9aHv9HOtoOYOO5/kPvajT+L3egHcDGc/2H3mX8Q+8y/qF3Gf/Qk5r+Nj5d10/+uzbxy467ohldkIi09Vf1RyfbPNjR2m870b/m/8ziNhNDDQ91+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgPf4NAAD//1xS8Ns=") creat(&(0x7f0000000240)='./file1\x00', 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0xe, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0xd}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x4, 0x7, 0x3, 0x180, 0x2, 0x10, 0xf1, 0x100000001, 0x1, 0x5, 0x0, 0x800029, 0x0, 0x6, 0x0, 0xbd9], 0xffff1001, 0x43100}) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x3, 0x4) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x10, 0x0, 0x42, 0x5, 0x75, 0x3, 0x36, 0xfe, 0x2, 0x87}, {0xf000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x8}, {0x1, 0xeeee0000, 0x19, 0x6, 0x5, 0x42, 0x0, 0xff, 0x0, 0x5, 0x6}, {0xc000, 0xd000, 0xf, 0x3, 0x16, 0x7, 0xaa, 0x8, 0x9, 0x9, 0xfa, 0x97}, {0xeeefa000, 0xdddd0000, 0xd, 0xa0, 0x1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0xb000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xdddd0000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0x5, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0x8000000, 0x9}, 0x80000031, 0x0, 0x40000, 0x2024, 0x800000a, 0xc001, 0x100000, [0xe5b5, 0x4, 0x3, 0x5]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7m23.853053907s ago: executing program 9 (id=1294): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6_tcp(0xa, 0x1, 0x0) connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0x50b, 0x8, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x8}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x200, 0x5, 0x0, 0x0, 0xf407}, 0xfffffffb, 0x0, 0x0, 0x4, 0x7, 0x8, 0x40, 0x9, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_usb_disconnect(0xffffffffffffffff) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x783, &(0x7f0000001f80)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x80) pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xac5) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x5, 0x1, 0x6, 0xb}, 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc) syz_clone3(&(0x7f0000000900)={0x23800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_setup(0x8, &(0x7f0000000600)) 7m8.432489442s ago: executing program 40 (id=1294): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6_tcp(0xa, 0x1, 0x0) connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0x50b, 0x8, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x8}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x200, 0x5, 0x0, 0x0, 0xf407}, 0xfffffffb, 0x0, 0x0, 0x4, 0x7, 0x8, 0x40, 0x9, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_usb_disconnect(0xffffffffffffffff) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x783, &(0x7f0000001f80)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x80) pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xac5) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x5, 0x1, 0x6, 0xb}, 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc) syz_clone3(&(0x7f0000000900)={0x23800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_setup(0x8, &(0x7f0000000600)) 5m26.894263657s ago: executing program 2 (id=1510): syz_mount_image$vfat(&(0x7f0000001040), &(0x7f0000000040)='./file0\x00', 0x2000040, &(0x7f0000000840)={[{@rodir}, {@nonumtail}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@uni_xlate}, {@utf8}, {@fat=@codepage={'codepage', 0x3d, '775'}}, {@uni_xlateno}, {@shortname_winnt}, {@shortname_win95}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@uni_xlate}]}, 0x1, 0x375, &(0x7f00000004c0)="$eJzs3U1oXNUXAPAzH5mZFPpPFn8ouhrdCVJaxYVuTJEKxSy0Mvi1caCp1ZlRyODAZNFpNopLxY2gK3dd6LJrcSHirgu3VpCquLFuLLT45M2befOVNCmYWPX3ox3uO/ece+97eWSSR3Lz6lq0zi3F+Rs3rketVojy2lNrcbMQq1GMUmQupS/lAAD+JW4mSfyaZIaBJ++U/cGRWMpalUNZHQBwEIbv/68dzQ6qo//7sd88AOCes/D9/86e3TH61oEtCwA4QFPv/4Vh4MGZ7rnH/OX8ZwIAgH+u5196+ZlT6xFn6/VaROfdXqPXiCcm/afOx+vRjo04EStxOyJ7UJA9LUhfnz6zfvpEPfXjajTSil4jojPoNbKvFE6VhvXVOBkrsTqqT/L6Ulp/clhfj4hLg+H80Sn0GktxZDT/d0diI45eWIn/L9RHnFk//XuSJMMBGp1x/SBqkf7LpOs/HitxtTg8OBdpbTZWMZZHSesz9b3L1WEeAAAAAAAAAAAAAAAAAAAAAAAchOPLlfrIar7/TdIZ9N45O0qoL/ZHbdBrZN2j/YG2s/2Bkup4d573SvP7A83uz9NrlKP4t545AAAAAAAAAAAAAAAAAAAA3Du6/Uo02+2NzW5/qzVpVNqDrFFMI29+/dmXyzGf80ZpEolyNtxMzigW/a1WKSLSrlLk5UlenpSGOXPLSEuySCGal6/kK57OqeZnsdVq3riaHUzGqY678kihnOccfeCHjxcm7W+1/phESpF31boLK/xtOV/TVFfnf1kojQw2F6t2bxS6/Uf2yLmWJMlu5Rc/WqyKWkR54QP3VzS+un7hvke7xx7rFsqt5hejTR8eenjlhWsffvpzq9mOQnYZ2u3KZvd2cvdTFCb36LirELNde4+zPYlsb3b7zdK3v7x4//vfZJHi+N4oRbeYV9Xy+yeZHvDt3ef6fD5SyRrpMiv7ONOlHW7+nRuv3Jq5w5fmrs+dy499sta8cvH7n8YXc6+qqU8SNuoAAAAAAAAAAAAAAAAAAIBDMfW74nfh8ecObkUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPgmf/9/qrG9ENlP49YgFruqG5vdXSdfPtRTBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zPAAAA//+wKGYo") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x200000, &(0x7f0000000440)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@nogrpid}, {@usrquota}, {@noauto_da_alloc}]}, 0xfd, 0x55a, &(0x7f0000000b80)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW7bpbgmtJMJBLl4MMTFGEuPNi3ePxH/Av4KDJMSQRg9e1sx2tix0t13ahS7u55MMvDcz2zdv33xf39u32w1gYI1n/xQiXo2Ib5OIIy3HhiM/OL5+3trD6zPZlkS9/tlfSST5vub5Sf7/aJ55JSJ+/zriVGFzudWV1flSuZwu5fmJ2sLiRHVl9fTlhdJcOpdemZqePvvO9NT7773bs7q+eeGfHz69+9HZb06sff/r/aO3kzgXh/NjrfXYhRutmfEYz5+TkTj3xImTPSisnyR7fQHsyFAe5yOR9QFHYiiPeuD/76uIqAMDKtlN/C/qPuDF1RwHNOf2PZoHvzAefLg+Adpc/+H110biQGNudGgteWxmlM13x3pQflbGb3/euZ1t0bvXIQC2deNmRJwZHt7c/yV5/7dzZ7o458ky9H/w/NzNxj9vtRv/FDbGP9Fm/DPaJnZ3Yvv4L9zvQTEdZeO/D9qOfzcWrcaG8txLjTHfSHLpcjnN+raXI+JkjOzP8lut55xdu1fvdKx1/JdtWfnNsWB+HfeH9z/+mNlSrbSbOrd6cDPitbbj32Sj/ZM27Z89Hxe6LON4euf1Tse2r/+zVf854o227f9oRSvZen1yonE/TDTvis3+vnX8j07l73X9s/Y/tHX9x5LW9drq05fx04F/007Hdnr/70s+b6T35fuulWq1pcmIfcknm/dPPXpsM988P6v/yRNb93/t7v+DEfFFl/W/dexWx1P7of1nn6r9nz5x7+Mvf+xUfnft/3YjdTLf003/1+0F7ua5AwAAAAAAgH5TiIjDkRSKG+lCoVhcf3/HsThUKFeqtVOXKstXZqPxWdmxGCk0V7pHW94PMZm/H7aZn3oiPx0RRyPiu6GDjXxxplKe3evKAwAAAAAAAAAAAAAAAAAAQJ8Y7fD5/8afUB/a66sDnjlf+Q2Da9v478U3PQF9ye9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy6cP59t9bWH12ey/OzVleX5ytXTs2l1vriwPFOcqSwtFucqlblyWpypLGz388qVyuLkVCxfm6il1dpEdWX14kJl+Urt4uWF0lx6MR15LrUCAAAAAAAAAAAAAAAAAACAF0t1ZXW+VC6nSxISO0oM98dlPOfEL/1xGc8wsdc9EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88l8AAAD//9Z+NIE=") pipe2(&(0x7f00000000c0), 0x80000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) splice(r1, &(0x7f0000000040), r0, 0x0, 0x800000000ff, 0x0) 5m25.128748602s ago: executing program 2 (id=1517): bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400) sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x100, 0x20) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x2000c850) socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x404c2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 5m22.847729987s ago: executing program 5 (id=1525): open(0x0, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = socket$unix(0x1, 0x2, 0x0) connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) 5m21.944529776s ago: executing program 5 (id=1528): socket$inet(0x2, 0x2, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x2, [@var={0xa}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {0x6}, {}, {}, {}]}]}}, 0x0, 0x5e, 0x0, 0xfffffffd}, 0x28) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$setregset(0x4205, r3, 0x200, &(0x7f00000001c0)={&(0x7f0000000440)="c94522e546f93f6dedf11f1509685636", 0x60}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20041090}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x20000023896) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x0, &(0x7f000082a000/0x400000)=nil) clock_gettime(0x5, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0x1100005}, 0x10) 5m15.024037051s ago: executing program 2 (id=1539): r0 = syz_open_dev$evdev(&(0x7f0000000b80), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x80000, "207d3d0040b6000900"}) 5m14.226286934s ago: executing program 2 (id=1541): gettid() r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$xdp(0x2c, 0x3, 0x0) pselect6(0x900, 0x0, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x8000000001) writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) 5m12.733634685s ago: executing program 2 (id=1544): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r1) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r1) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0xc07, 0x1, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040084}, 0xc050) 5m11.998803044s ago: executing program 5 (id=1548): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000500)={[{@init_itable}]}, 0x1, 0x79f, &(0x7f0000000f80)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTVtFTxUPIhgoaBn27DZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7aXabbM3uhubzgck+z8xsnue7z8wzz+wMOwHsWWPpn0zEoYj4MIkYqc1PImKgkuqPOFld787aai6dklhff+P3pLLO7bXVXDS8J3WglnkyIn54L+JwZnO5peWVuelCIb9Yy0+U5y9MlJZXjpyfn57Nz+YXjk9OTR09cezE8Z2L9c+fVw7e+OjVZ78++fe7T1z74MckTsbB2rLGOHbKWIzVPpOB9CPc4JWdLqzHko3Zfb2qB+1Jd82+6l4eh2Ik+iqpFoa6WTMAoFPWAYC9651eVwAA6Jb69wC311Zz9am330h0182XI2J/Nf769c3qkv7aNbv9leugw7eTDVdGkogY3YHyxyLi82/f+jKdotYOyQ78X4CtXL4SEWdHxzb3/8mmexba9dyDFq4PVl7G7pu9144/0EvfpeOfF5qN/zJ3xz/RZPwz2GTffRhb7/+Z67VE3w4Ut0k6/nup4d62Ow3x14z21XL/q4z5BpJz5wv5tG/7f0SMx8Bgmp+srNp85DZ+659brcpvHP/98fHbX6Tlp6/31shc7x/c+J6Z6fL0f4277uaViKf6m8Wf3G3/pMX49/Q2y3jtxfc/a7UsjT+Ntz5tjr+z1q9GPNO0/e+1ZdLy/sT+YyeOT1Q2h4n6RtHEN798Otyq/Mb2T6e0/Pq5QDek7T/84PhHk8b7NUvtl/HT1ZHvWy3bOv7m2/++5M1Kun6j4aXpcnlxMmJf8vrm+Ufvvbeer6+fxj/+dPP9v1ps8+0/PSc8u834+2/89tXDx99ZafwzbbV/+4lrd+Za9t3ba/+pSmq8Nmc7/d8W9bocD701AwAAAAAAAAAAAAAAAAAAAAAAAED7MhFxMJJM9m46k8lmq8/wfjyGM4ViqXz4XHFpYSYqz8oejYFM/acuRxp+D3Wy9nv49fzR+/LPR8RjEfHJ4FAln80VCzO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAag60eP5/6tfBXtcOAOiY/b2uAADQdY7/ALD3tHf8H+pYPQCA7nH+DwB7z7aP/2c7Ww8AoHvaPf/v61A9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGSdPnUqndb/WlvNpfmZi8tLc8WLR2bypbns/FIumysuXsjOFouzhXw2V5xv+Y8uV18KxeKFqVhYujRRzpfKE6XllTPzxaWF8pnz89Oz+TP5ga5FBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbV1pemZsuFPKLEg9MDO2OauyaRH/simo8Com+2BXVuD/R2EsM9a6DAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/g0AAP//3BEuHw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x100, 0x52) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, 0x0) 5m11.998381486s ago: executing program 2 (id=1549): bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400) sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x100, 0x20) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x2000c850) socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x404c2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 5m10.413146144s ago: executing program 5 (id=1553): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0) sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0xf8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) 5m9.259559071s ago: executing program 5 (id=1557): socket$tipc(0x1e, 0x5, 0x0) timer_create(0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) bpf$PROG_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000180), 0x14000, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',version=9p2000.u,noextend']) chdir(&(0x7f0000000140)='./file0\x00') creat(&(0x7f0000000e40)='./file1\x00', 0x18) 5m7.054268334s ago: executing program 5 (id=1560): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x4000087, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44800}, 0x80) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c00028005000100000002000800084000000008140005"], 0x5c}, 0x1, 0x0, 0x0, 0x20008880}, 0x4000) 5m5.556068296s ago: executing program 4 (id=1561): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10040, &(0x7f0000000100)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@quota}]}, 0xfd, 0x269, &(0x7f0000000a00)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=") syz_mount_image$vfat(&(0x7f0000000b00), &(0x7f000001fc00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1814011, 0x0, 0x44, 0x0, &(0x7f0000000140)) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8993, &(0x7f0000005b40)={'bridge_slave_1\x00', @local}) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2c60a, 0x0, 0x1, 0x0, &(0x7f0000000000)) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10) bind$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x8000002, 0x0, @mcast2}, 0x50) syz_emit_ethernet(0x72, &(0x7f00000000c0)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00', 0x3c, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x504, {0x6, 0x6, '8eE', 0x2, 0x3a, 0xff, @mcast2, @remote, [], "c4ed8236a5bf73508f638225"}}}}}}}, 0x0) 4m59.040868043s ago: executing program 4 (id=1564): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r1, 0x3, 0x6}, 0x10) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r1, 0x1, 0x6, @local}, 0x10) 4m57.207724946s ago: executing program 4 (id=1567): r0 = syz_open_procfs(0x0, 0x0) getdents64(r0, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000007fc0)={0x2020}, 0x2020) syz_ublk_setup_io_uring(0x20, 0x0, 0x0, 0x0, 0x0) 4m56.310097881s ago: executing program 41 (id=1549): bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400) sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x100, 0x20) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x2000c850) socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x404c2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 4m55.728446844s ago: executing program 4 (id=1570): r0 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000800, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x204b82f, 0x0, 0x3, 0x0, &(0x7f0000000240)) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) unlinkat(r1, &(0x7f0000000040)='./bus\x00', 0x200) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x5020, 0x0, 0x3, 0x0, &(0x7f0000000240)) 4m50.916074166s ago: executing program 42 (id=1560): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x4000087, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44800}, 0x80) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c00028005000100000002000800084000000008140005"], 0x5c}, 0x1, 0x0, 0x0, 0x20008880}, 0x4000) 4m50.622152269s ago: executing program 4 (id=1574): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8820, &(0x7f0000000240)=ANY=[], 0x1, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000001040), &(0x7f0000000040)='./file1\x00', 0x2000040, &(0x7f0000001140)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c696f636861727365743d63703835302c636f6465706167653d3835322c757466383d312c636f6465706167653d3836392c756e695f786c6174653d302c73686f72746ee16d653d77696e6e742c757466383d312c756e695f786c6174653d312c696f636861727365743d69736f383835392d332c756e695f786c6174653d312c00"], 0x1, 0x36a, &(0x7f0000001200)="$eJzs3T9oXHUcAPDv/cndpVCTQSg6nW6ClFZx0MUEqVDMoJXDf4sHTa3enUIODy5Dr1kUR8VF0Mmtg46dxUHErYOrFaQqLmay0OKTu/fu/6VJwcSqnw+0/O775/1+7+WRSx7JL6+vReP8UlzY3b0RlUouimvPrMXNXKxGPgqRuhwAwH/JzSSJ35PUIPD0nao/OhZL6ah0JKsDAA7D4P3/jePpi3L27yAOWgcA3HPmvv9f7PmF0XcObVkAwCGaeP/PDQIPT6VnHvMXRz8TAAD8e734yqvPrW9EnKtWKxGt9zu1Ti2eGufXL8Sb0YzNOBUrcTsifVCQPi3o///s2Y0zp6p9P69Grd/RqUW0ep1a+pXCemHQX47TsRKrWX8y6i/0+08P+qsRcbk3mD9auU5tKY5l8/9wLDbj+MWVuH+uP+Lsxpk/kiQZHKDWGvb3InaiMjyJ/vpPxkpcyw9enI9+b3qsfCxnRRtT/Z0r5UEdAAAAAAAAAAAAAAAAAAAAAAAchpPLpWpmdbT/TdLqdd47lxVU5/OD/X3SdLY/0E66P1BSHu7O80Fhdn+g6f15OrVi5P/RMwcAAAAAAAAAAAAAAAAAAIB7R7tbinqzubnV7m43xoNSs5cO8v3I299+8fVyzNa8VRhHopgebqomi0V3u1GIiH6qEKP2ZNSeFAY1M8vot6SRXNSvXB2teLKmPDqL7UZ991r6Ynyc8jA1iuSKo5rjD/306dyk3e3Gn+NIIUapSnt+hd3tXDb/RKp1XxrqR3pbC7v2GOTa3cf2qbmeJMle7Zc+me+KSkRx7gP3dwy+uXHxgcfbJ55o54qN+lfZpg+PPLry0vWPP/+1UW9GdmmazdJW+3Zy91PkxvfoMJWL6dT+x9kZR3a22t164fvfXn7ww+/SSH54bxSinV/QnkxG3t17ri9nI6V00F9m6QBnurTg5l88eO3W1B2+NHN97tx+4rO1+tVLP/4yvJj7dU18krBRBwAAAAAAAAAAAAAAAAAAHImJ3xW/C0++cHgrAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjN/77/xODnbnIQQa3ejGfKm9utfecfPlITxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+xvwIAAP//7vhoSw==") creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8) 4m48.223773217s ago: executing program 4 (id=1576): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x1010c10, &(0x7f0000000080)=ANY=[], 0x7, 0x1524, &(0x7f0000000340)="$eJzs3AuYjtX6MPD7Xms9Y2jwNslhWGvdD28aLJMkOSTJIUmSJDknJE2SZCMx5JSEJOQ4SQ5DSA4Tk8b5fMgpSZMtSZKQkGR912S3tb/2/qqr//789577d13P9a571nOvZ63nfud9n/eZw1fdR9ZuWqdGYyKCP0r8MsBLDykAEAsAQwAgPwAEAFAhvkJ8dn9uiSl/+CDs3+iBtCs9A3Ylcf1zNq7/f7uY/2cv1z9n4/rnbFz/nI3rn7Nx/XM2rj9jOdn22UWu5i3nbn/m/v8lsZceMO9PD3z//z8Jv//nbFz//zanc/+Rvbn+/00ueu//WAbXP2fj+udsXP+cjeufs3H9czauP2M52ZW+/8zbn9uat5wZ92fyr/TzjzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYznDOX6YA4Of2lZ4XY4wxxhhjjDHG/uf4XFd6BowxxhhjjDHGGPv3QxAgQUEAMZALYiE35IGrIA7yQj7IDxG4GuLhGigA10JBKASFoQgkQFEoBhoMWCAIoTiUgChcByXhekiEUlAayoCDspAEN0A5uBHKw01QAW6GinALVILKUAWqwq1QDW6D6nA71IA7oCbUgtpQB+6EunAX1IO7oT7cAw3gXmgI90EjuB8awwPQBB6EpvAQNIPm0AJaQitoDW1+kR/7u/Ofhd7wHPSBvpAC/aA/PA8DYCAMgsEwBF6AofAiDIOXYDiMgJHwMoyCV2A0vApjYCyMg9dgPEyAiTAJJsMUSIXXYSq8AdPgTZgOM2AmzII0mA1z4C2YC/NgPrwNC+AdWAiLYDEsgXR4F5bCMsiA92A5vA+ZsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+3wAeyAnbALdsMe+BD2wkewDz6G/fAJZMGnfzD/7D/mX/TeI6BAgQoVxmAMxmIs5sE8GIdxmA/zYQQjGI/xWAALYEEsiIWxMCZgAhbDYmjQICFhcSyOUYxiSSyJiZiIpbE0OnSYhElYDm/E8lgeK2AFrIgVsRJWRsCqWBWrIUB1rI41sAbWxJpYG2vjnXgn3oX1sB7Wx/rYABtgQ2yIjbARNsbG2ASbxGQ/YZthM2yBLbAVtsI22AbbYltsh+2wgwLsiB2xE3bCZEzGztgZu2AX7IpdsRt2w+7YHXtgT+yJz+Kz+Bw+h32xpuiH/bE/DsABOAgH42B8AYfii/givoTDcQSOxJfxZXwFR+MZHINjcRyOw2piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg2LsB38B1chItwCaZjOi7FZZiBGbgcz2ImrsCVuApX4xpcjetwPa7DjbgJN+IW3ILbcBt+gB/gTtyJu3E3fogf4kf4EX6MH+NwzMIsPIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwt4AS/ixexvfpFNCSViRIyIFbEij8gj4kScyCfyiYiIiHgRLwqIAqKgKCgKi8IiQSSIYqKYMMIIEqEoLoqLqIiKkqKkSBSJorQoLZxwIkkkiXKinCgvyosK4mZRUdwiKonKor2rKqqKaqKDqy5uFzVEDVFT1BK1RR1RR9QVdUU9UU/UF/VFA9FANBT3iUaiHw7CB0R2ZZqKEdhMjMQWoqVoJVqLV/Bh0VaMxnaiveggHhVjcQx2Em1dsnhCdBYTsYt4SkzCp0U3MQW7i7+IHqKn6CWeFb1FO9dH9BXTsZ/oL2bhADFQDBKDxVysJbIrVlu8JIaLEWKkeFkswVfEaPGqGCPGinHiNTFeTBATxSQxWUwRqeJ1MVW8IaaJN8V0MUPMFLNEmpgt5oi3xFwxT8wXb4sF4h2xUCwSi8USkS7eFUvFMpEh3hPLxfsiU6wQK8UqsVqsEWvFOrFebBAbxSaxWWwRW8U2sV18IHaInWKX2C32CPHzi7bYLz4RWeJTcUD8VRwUn4lD4nNxWHwhjogvxVHxlTgmvhbHxTfihDgpTolvxWnxnTgjzopz4ntxXvwgLogfxUXhBfQDACmlkoGMkblkrMwt88irZJzMK/PJ/DIir5bx8hpZQF4rC8pCsrAsIhNkUVlMammklSRDWVyWkFF5nSwpr5eJspQsLctIJ8vKJHmDLCdvlOXlTbKCvFlWlLfISrKyrCKryltlNXmbrC5vlzXkHbKmrCVryzryTllX3iXrybtlfXmPbCDvlQ3lfbKRvF82lg/IJvJB2VQ+JJvJ5rKFbClbydayjXxYtpWPyHayvewgH5Ud5WOyk3xcJssnZGf5pOwin5Jd5dOym3xGdpd/kT1kT9lL/igvSi/7yL4yRfaT/eXzcoAcKAfJwXKIfEEOlS/KYfIlOVyOkCPly3KUfEWOlq/KMXKsHCdfk+PlBDlRTpKT5RSZKl+XU+Ubcpp8U06XM+RMOUumydly0N9Gmv878t/4J/nDfjr6NrldfiB3yJ1yl9wt98gP5V65V+6T++R+uV9mySx5QB6QB+VBeUgekoflYXlEHpFH5VF5TB6Tx+VxeUKelN/Lb+Vp+Z08I8/Ks/J7eV6elxf+dg5AoRJKKqUCFaNyqViVW+VRV6k4lVflU/lVRF2t4tU1qoC6VhVUhVRhVUQlqKKqmNLKKKtIhaq4KqGi6jpVUl2vElUpVVqVUU6VVUnqhj+d/1vza6PaqLaqrWqn2qkOqoPqqDqqTqqTSlbJqrPqrLqoLqqr6qq6qW6qu+queqgeqpfqpXqr3soDQIpKUf3V82qAGqgGqcFqiHpBDVVD1TA1TA1Xw9VINVKNUqPUaDVajVFj1Dg1To1X49VENVFNVpNVqkpVU9VUNU1NU9PVdDVTzVRpKk3NUXPUXDVXzVfz1QK1QC1UC9VitVilq3S1VC1VGSpDLVfLVaZaoVaoVWqVWqPWqHVqndqgNqhNapPaoraoTPXzL2juUrvUHrVH7VV71T61T+1X+1WWylIH1AF1UB1Uh9QhdVgdVkfUEXVUHVXH1DF1XB1XJ9QJdUqdUqfVaXVGnVHn1Dl1Xp1XF9QFdVFdzL7sC0QgAhWoICaICWKD2CBPkCeIC+KCfEG+IBJEgvggPigQXBsUDAoFhYMiQUJQNCgW6MAENqAgDIoHJYJocF1QMrg+SAxKBaWDMoELygZJwQ1BueDGoHxwU1AhuDmoGNwSVAoqB1WCqsGtQbXgtqB6cHtQI7gjqBnUCmoHdYI7g7rBXUG94O6gfnBP0CC4N2gY3Bc0Cu4PGgcPBE2CB4OmwUNBs6B50CJoGbQKWgdt/kfH9/5MoUdcH91Xp+h+ur9+Xg/QA/UgPVgP0S/oofpFPUy/pIfrEXqkflmP0q/o0fpVPUaP1eP0a3q8nqAn6kl6sp6iU/Xreqp+Q0/Tb+rpeoaeqWfpND1bz9Fv6bl6np6v39YL9Dt6oV6kF+slOl2/q5fqZTpDv6eX6/d1pl6hV+pVerVeo9fqdXq93qA36k16s96it+pterv+QO/QO/UuvVvv0R/qvfojvU9/rPfrT3SW/lQf0H/VB/Vn+pD+XB/WX+gj+kt9VH+lj+mv9XH9jT6hT+pT+lt9Wn+nz+iz+pz+Xp/XP+gL+kd9Ufvsi/vst3ejjDIxJsbEmliTx+QxcSbO5DP5TMRETLyJNwVMAVPQFDSFTWGTYBJMMVPMZCNDprgpbqImakqakibRJJrSprRxxpkkk2TKmXKmvClvKpgKpqKpaCqZSqaKyX5ru9XcZm4zt5vbzR3mDlPL1DJ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvTxrQxbU1b0860Mx1MB9PRdDSdTCeTbJJNZ9PZdDFdTFfT1XQz3Ux30930MD1ML9PL9Da9TR/Tx6SYFNPf9DcDzAAzyAwyQ8wQM9QMNcPMMDPcDDcjzUgzyowyo81oM8aMNePMa2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbpWapyTAZZrlZbjJNpllpVprVZrVZa9aa9Wa92Wg2ms1ms9lqtppcsN3sMDvMLrPL7DF7zF6z1+wz+8x+s99kmSxzwBwwB81Bc8gcMofNYXPEHDFHzVFzzBwzx81xc8KcwFPmlDltTpsz5ow5Z86Z8+YHc8H8aC4ab2JtbpvHXmXjbF6bz+a3sTZ3XwD4e1zYFrEJtqgtZrUtaAv9Q2ystYm2lC1ty1hny9oke8Ov4kq2sq1iq9pbbTV7m63+q7iuvcvWs3fb+vYeW8fe+Q9xA3uvbWgfso1sc9vYtrRNbGvb1D5km9nmtoVtaVvZ1rajfcx2so/bZPuE7Wyf/FW81C6z6+0Gu9Fusvvsx/ac/d4etV/Z8/YH28f2tUPsC3aofdEOsy/Z4XbEr+Jx9jU73k6wE+0kO9lO+VU8086yaXa2nWPfsnPtvF/F6fZdu8Bm2IV2kV1sl/wUZ88pw75nl9v3baZdYVfaVXa1XWPX2nV/n+squ8VutdvsXvuR3WF32l12t91jP/wpzl7HfvuJzbKf2iP2S3vQfmYP2WP2sP3ipzh7fcfs1/a4/caesCftKfutPW2/s2fs2Z/Wn732b+2P9qL1FghJkCRFAcVQLoql3JSHrqI4ykv5KD9F6GqKp2uoAF1LBakQFaYilEBFqRhpMmSJKKTiVIKiJfJSSbqeEqkUlaYy5KgsJdENVI5upPJ0E1Wgm6ki3UKVqDJVoap0K1Wj26g63U416A6qSbWoNtWhO6ku3UX16G6qT/dQA7qXGtJ91Ijup8b0ADWhB6kpPUTNqDm1oJbUilpTG3qY2tIj1I7aUwd6lDrSY9SJHqdkeoI605PUhZ6irvQ0daNnqDv9hXpQT+pFz1Jveo76UF9KoX7Un56nATSQBtFgGkIv0FB6kYbRSzScRtBIeplG0Ss0ml6lMTSWxtFrNJ4m0ESaRJNpCqXS6zSV3qBp9CZNpxk0k2ZRGs2mOfQWzaV5NJ/epgX0Di2kRbSYllA6vUtLaRll0Hu0nN6nTFpBK2kVraY1tJbW0XraQBtpE22mLbSVttF2+oB20E7aRbtpD31Ie+kj2kcf0376hLLoUzpAf6WD9Bkdos/pMH1BR+hLOkpf0TH6mo7TN3SCTtIp+pZO03d0hs7SOfqeztMPdIF+pIvkCUIMRShDFQZhTJgrjA1zh3nCq8K4MG+YL8wfRsKrw/jwmrBAeG1YMCwUFkYIE8KiYbFQhya0IYVhWDwsEUbD68KS4fVhYlgqLB2WCV1YNkwKbwjLhTeG5cObwgrhzWHF8JawUlg5rBJWDW8Nq4W3hdXD28Ma4R1hzbBWWDusE94Z1g3vCuuFd4f1w3vC8uG9YcPwvrBReH/YOHwgbBI+GDYNHwqbhc3DFmHLsFXYOmwTPhy2DR8J24Xtww7ho2HH8LGwU/h4mBw+EXYOn/zN/pSwX9g/fD58PvT+brk4uiSaHn03ujS6LJoRfS+6PPp+NDO6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jbo1ui3qfZ1c4NAJJ51ygYtxuVysy+3yuKtcnMvr8rn8LuKudvHuGlfAXesKukKusCviElxRV8xpZ5x15EJX3JVwUXedK+mud4mulCvtyjjnyrok19q1cW1cW/eIa+fauw7uUfeoe8w95h53j7snXGf3pOvinnJd3dOum3vGPRMDAK6n6+Wedb3dc66P6+tSXIrr7/q7AW6AG+QGuSFuiBvqhrphbpgb7oa7kW6kG+VGudFutBvjxrhxbpwb78a7iW6im+wmu1SX6qa6qW6am+amu+luppvp0lyam+PmuLlurpvv5rsFboFb6Ba6xW6xS3fpbqlb6jJchlvulrtMl+lWupVutVvt1rq1br1b7za6jW6z2+y2uq1uu9vudrgdbpfb5fa4PW6v2+v2iX1uv9vvslyWO+AOuIPuoDvkPneH3RfuiPvSHXVfuWPua3fcfeNOuJPulPvWnXbfuTPurDvnvnfn3Q/ugvvRXXTepUZej0yNvBGZFnkzMj0yIzIzMiuSFpkdmRN5KzI3Mi8yP/J2ZEHkncjCyKLI4siSSHrk3cjSyLJIRuS9yPLI+5HMyIrIysiqyOrImoj3RbPPsC/ho/46X9Jf7xN9KV/al/HOl/VJ/gZfzt/oy/ubfAV/s6/ob/GVfGVfxTf3LXxL38q39m38w76tf8S38+19B/+o7+gf85384z7ZP+E7+yd9F/+U7+qf9t38M767/4vv4Xv6Xv5Z39s/5/v4vj7F9/P9/fN+gB/oB/nBfoh/wQ/1L/ph/iU/3I/wI/3LfpR/xY/2r/oxfqwf51/z4/0EP9FP8pP9FJ/qX/dT/Rt+mn/TT/cz/Ew/y6f52X6Of8vP9fP8fP+2X+Df8Qv9Ir/YL/Hp/l2/1C/zGf49v9y/7zP9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Qd+h9/pd/ndfo//0O/1H/l9/mO/33/is/yn/oD/qz/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+2/8CX/Sn/Lf+tO5wZ/xZ/05/70/73/wF/yP/iL/zRpjjDHG2O8if6O/37/I+fknUf0BIO/OIof/7/7NBS+1B+ZK6BgBgCf6dn/g561mzZSUlL/tmykhKLEIACKX87Mvo3+OV0AHeAySoT2U+3t/7C+ONVD0PE+/MX70ZoA8v8iJFZfbl8e/8Z+uf6CYsOCfj48/7xJEFwEklrickxsux5fHL/8vxi/U9jfmn/uzVIB2v8iJg8vx5fGT4BF4EpL/YU/GGGOMMcYYY+ySgaJKV/gdn88T1OWcXHA5/mefzxljjDHGGGOMMfa/y9M9ez3+cHJy+67/eQ11RY6OAD/dG4kEl07gv9o519+/4vNf2vPKnzFucON3N67kqxJjjDHGGGPs3+HyRf+v+0ZdiQkxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM50P+Pfyd26Uh4pZfKGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXTH/JwAA//+ksCrO") r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000740)="440f20c03505000020440f22c0fb01c966bad104ed00000f23c00f21f866b846008ed00f23f80f01cbb8010000000f01c146a7b9670900000f3236660fc6b8730f0000c9b98f020000b8b9000000ba000000000f30460f01c8", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"5fbcdbfb555ab7b6da2c492fe4db90aeaf8e5347c79716e75fe060d73e9de531ef8085f88b3a09f05bf084c593b4dab8756600000000077eebf9940a0b60f02d333a2c2aa407522edaabb8cfccecb9d7e0cfd915c17f32bc1ac7e430af977b671ede8605c7c72a5d1397639fd21bf848190fbdbfaeb7e166205def53caa18404ba077c2b5713acbc3d125aea78dfd962dd250511376c3a3b5732114cc92d27be04c7c146cedcc9081a8435f9c67a0c5174df503a84dc11d1d98a2473fbd39de5d9c56ffa28098914b4d47ea99e8134deb75f944afd0df95136c08e057e4d839936c0755318e58ae63dd46f7009df574d263f87508d7e496efb29de0496d4018e8d6c6f7d016752a1d10bb1df8b406bb488dbb43ffd11eb1eb9b36d57cee3b9e4e2e72e97a8059bb8e8120bf04b1d0b929692cc3e5508293bb205beba29259f18213a602dde8a8a19dd2a16b26476ca4f24e86b84ee76d86aacc862c59e154e6bec6ec6e86eb3d9dd50c4ecf6de82c2419674da3b885ac6abaea4765d256727d8560fb55d0bee0c11b1e8a05d4b932254673e8f67abfca2f184a23839164b15e021bff742605fbeb628ab93803e90954074762487b0afc90eec0e31e75dda865693dd655a190f16dbdf7ce7693d27aaf31758d97e25ab40fc44dbc911639d99b592dd0c660b820a46b8374f7e8030031c39768fb9361164f5dad133cf0d5d66c617d3d62b1f0b80e9f88ffc872df05fb5822601dfe4b39179ace0a4f6808b39bad72a80a9a9bd579d0f9a104191ef6e708083218053d3daf8211dff0a87568b7c734ab79b26cf2a65d66b00f2c2f0d3ffd5fc35b58795406446275afb8df4247add7730331b045d384b0c9fa06284463eec7167512277a435ced48980aab83b37a85b7a33ce8fd8b2a543af82bd15955b12833a59645e1de6bd6ab86c4a046a0323415351e6ddb9bcb869d2e7d092b234bfa8c5be098abcd24d8b4a659b36d8af4f3136d23f9115ea6bdc62fb89e2de415e0f08bd6ec5cc53ee3a666049168a88191c6911ea5fe7972f5627923e8b5b9e7c5323da43d48b25caee3016f88c8178fb8ab1149547e33d7fff442fa3ab42408c87cdfe35a82034bd77399a0861ce16141670ffecde05c7393ae522430425707a4c7d988f34a494727e0b1920e93c95af07d3affe9d41bb82d59ff2149705bb782c9d85e53320268fb57096c6c47e616c457a371dda361170f706e53bf9a9ac5692b72d44072217ecb8646e841b6929251a080f56be308c47dac5d59db54bd1ca7499cf3bf7cb8bb763fed9a75d2eb69573b118e3ee78fb11d41c1ce314538fec8fc542c7bf4865841a2e71fc1efd9fa385903372e3670d96398128e75d786f242a6dbf2c053dc48ee2398763b1ba3550136c14ac7ad77d3c8e97b2f36b6af200"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4m45.442723418s ago: executing program 43 (id=1576): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x1010c10, &(0x7f0000000080)=ANY=[], 0x7, 0x1524, &(0x7f0000000340)="$eJzs3AuYjtX6MPD7Xms9Y2jwNslhWGvdD28aLJMkOSTJIUmSJDknJE2SZCMx5JSEJOQ4SQ5DSA4Tk8b5fMgpSZMtSZKQkGR912S3tb/2/qqr//789577d13P9a571nOvZ63nfud9n/eZw1fdR9ZuWqdGYyKCP0r8MsBLDykAEAsAQwAgPwAEAFAhvkJ8dn9uiSl/+CDs3+iBtCs9A3Ylcf1zNq7/f7uY/2cv1z9n4/rnbFz/nI3rn7Nx/XM2rj9jOdn22UWu5i3nbn/m/v8lsZceMO9PD3z//z8Jv//nbFz//zanc/+Rvbn+/00ueu//WAbXP2fj+udsXP+cjeufs3H9czauP2M52ZW+/8zbn9uat5wZ92fyr/TzjzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYznDOX6YA4Of2lZ4XY4wxxhhjjDHG/uf4XFd6BowxxhhjjDHGGPv3QxAgQUEAMZALYiE35IGrIA7yQj7IDxG4GuLhGigA10JBKASFoQgkQFEoBhoMWCAIoTiUgChcByXhekiEUlAayoCDspAEN0A5uBHKw01QAW6GinALVILKUAWqwq1QDW6D6nA71IA7oCbUgtpQB+6EunAX1IO7oT7cAw3gXmgI90EjuB8awwPQBB6EpvAQNIPm0AJaQitoDW1+kR/7u/Ofhd7wHPSBvpAC/aA/PA8DYCAMgsEwBF6AofAiDIOXYDiMgJHwMoyCV2A0vApjYCyMg9dgPEyAiTAJJsMUSIXXYSq8AdPgTZgOM2AmzII0mA1z4C2YC/NgPrwNC+AdWAiLYDEsgXR4F5bCMsiA92A5vA+ZsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+3wAeyAnbALdsMe+BD2wkewDz6G/fAJZMGnfzD/7D/mX/TeI6BAgQoVxmAMxmIs5sE8GIdxmA/zYQQjGI/xWAALYEEsiIWxMCZgAhbDYmjQICFhcSyOUYxiSSyJiZiIpbE0OnSYhElYDm/E8lgeK2AFrIgVsRJWRsCqWBWrIUB1rI41sAbWxJpYG2vjnXgn3oX1sB7Wx/rYABtgQ2yIjbARNsbG2ASbxGQ/YZthM2yBLbAVtsI22AbbYltsh+2wgwLsiB2xE3bCZEzGztgZu2AX7IpdsRt2w+7YHXtgT+yJz+Kz+Bw+h32xpuiH/bE/DsABOAgH42B8AYfii/givoTDcQSOxJfxZXwFR+MZHINjcRyOw2piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg2LsB38B1chItwCaZjOi7FZZiBGbgcz2ImrsCVuApX4xpcjetwPa7DjbgJN+IW3ILbcBt+gB/gTtyJu3E3fogf4kf4EX6MH+NwzMIsPIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwt4AS/ixexvfpFNCSViRIyIFbEij8gj4kScyCfyiYiIiHgRLwqIAqKgKCgKi8IiQSSIYqKYMMIIEqEoLoqLqIiKkqKkSBSJorQoLZxwIkkkiXKinCgvyosK4mZRUdwiKonKor2rKqqKaqKDqy5uFzVEDVFT1BK1RR1RR9QVdUU9UU/UF/VFA9FANBT3iUaiHw7CB0R2ZZqKEdhMjMQWoqVoJVqLV/Bh0VaMxnaiveggHhVjcQx2Em1dsnhCdBYTsYt4SkzCp0U3MQW7i7+IHqKn6CWeFb1FO9dH9BXTsZ/oL2bhADFQDBKDxVysJbIrVlu8JIaLEWKkeFkswVfEaPGqGCPGinHiNTFeTBATxSQxWUwRqeJ1MVW8IaaJN8V0MUPMFLNEmpgt5oi3xFwxT8wXb4sF4h2xUCwSi8USkS7eFUvFMpEh3hPLxfsiU6wQK8UqsVqsEWvFOrFebBAbxSaxWWwRW8U2sV18IHaInWKX2C32CPHzi7bYLz4RWeJTcUD8VRwUn4lD4nNxWHwhjogvxVHxlTgmvhbHxTfihDgpTolvxWnxnTgjzopz4ntxXvwgLogfxUXhBfQDACmlkoGMkblkrMwt88irZJzMK/PJ/DIir5bx8hpZQF4rC8pCsrAsIhNkUVlMammklSRDWVyWkFF5nSwpr5eJspQsLctIJ8vKJHmDLCdvlOXlTbKCvFlWlLfISrKyrCKryltlNXmbrC5vlzXkHbKmrCVryzryTllX3iXrybtlfXmPbCDvlQ3lfbKRvF82lg/IJvJB2VQ+JJvJ5rKFbClbydayjXxYtpWPyHayvewgH5Ud5WOyk3xcJssnZGf5pOwin5Jd5dOym3xGdpd/kT1kT9lL/igvSi/7yL4yRfaT/eXzcoAcKAfJwXKIfEEOlS/KYfIlOVyOkCPly3KUfEWOlq/KMXKsHCdfk+PlBDlRTpKT5RSZKl+XU+Ubcpp8U06XM+RMOUumydly0N9Gmv878t/4J/nDfjr6NrldfiB3yJ1yl9wt98gP5V65V+6T++R+uV9mySx5QB6QB+VBeUgekoflYXlEHpFH5VF5TB6Tx+VxeUKelN/Lb+Vp+Z08I8/Ks/J7eV6elxf+dg5AoRJKKqUCFaNyqViVW+VRV6k4lVflU/lVRF2t4tU1qoC6VhVUhVRhVUQlqKKqmNLKKKtIhaq4KqGi6jpVUl2vElUpVVqVUU6VVUnqhj+d/1vza6PaqLaqrWqn2qkOqoPqqDqqTqqTSlbJqrPqrLqoLqqr6qq6qW6qu+queqgeqpfqpXqr3soDQIpKUf3V82qAGqgGqcFqiHpBDVVD1TA1TA1Xw9VINVKNUqPUaDVajVFj1Dg1To1X49VENVFNVpNVqkpVU9VUNU1NU9PVdDVTzVRpKk3NUXPUXDVXzVfz1QK1QC1UC9VitVilq3S1VC1VGSpDLVfLVaZaoVaoVWqVWqPWqHVqndqgNqhNapPaoraoTPXzL2juUrvUHrVH7VV71T61T+1X+1WWylIH1AF1UB1Uh9QhdVgdVkfUEXVUHVXH1DF1XB1XJ9QJdUqdUqfVaXVGnVHn1Dl1Xp1XF9QFdVFdzL7sC0QgAhWoICaICWKD2CBPkCeIC+KCfEG+IBJEgvggPigQXBsUDAoFhYMiQUJQNCgW6MAENqAgDIoHJYJocF1QMrg+SAxKBaWDMoELygZJwQ1BueDGoHxwU1AhuDmoGNwSVAoqB1WCqsGtQbXgtqB6cHtQI7gjqBnUCmoHdYI7g7rBXUG94O6gfnBP0CC4N2gY3Bc0Cu4PGgcPBE2CB4OmwUNBs6B50CJoGbQKWgdt/kfH9/5MoUdcH91Xp+h+ur9+Xg/QA/UgPVgP0S/oofpFPUy/pIfrEXqkflmP0q/o0fpVPUaP1eP0a3q8nqAn6kl6sp6iU/Xreqp+Q0/Tb+rpeoaeqWfpND1bz9Fv6bl6np6v39YL9Dt6oV6kF+slOl2/q5fqZTpDv6eX6/d1pl6hV+pVerVeo9fqdXq93qA36k16s96it+pterv+QO/QO/UuvVvv0R/qvfojvU9/rPfrT3SW/lQf0H/VB/Vn+pD+XB/WX+gj+kt9VH+lj+mv9XH9jT6hT+pT+lt9Wn+nz+iz+pz+Xp/XP+gL+kd9Ufvsi/vst3ejjDIxJsbEmliTx+QxcSbO5DP5TMRETLyJNwVMAVPQFDSFTWGTYBJMMVPMZCNDprgpbqImakqakibRJJrSprRxxpkkk2TKmXKmvClvKpgKpqKpaCqZSqaKyX5ru9XcZm4zt5vbzR3mDlPL1DJ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvTxrQxbU1b0860Mx1MB9PRdDSdTCeTbJJNZ9PZdDFdTFfT1XQz3Ux30930MD1ML9PL9Da9TR/Tx6SYFNPf9DcDzAAzyAwyQ8wQM9QMNcPMMDPcDDcjzUgzyowyo81oM8aMNePMa2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbpWapyTAZZrlZbjJNpllpVprVZrVZa9aa9Wa92Wg2ms1ms9lqtppcsN3sMDvMLrPL7DF7zF6z1+wz+8x+s99kmSxzwBwwB81Bc8gcMofNYXPEHDFHzVFzzBwzx81xc8KcwFPmlDltTpsz5ow5Z86Z8+YHc8H8aC4ab2JtbpvHXmXjbF6bz+a3sTZ3XwD4e1zYFrEJtqgtZrUtaAv9Q2ystYm2lC1ty1hny9oke8Ov4kq2sq1iq9pbbTV7m63+q7iuvcvWs3fb+vYeW8fe+Q9xA3uvbWgfso1sc9vYtrRNbGvb1D5km9nmtoVtaVvZ1rajfcx2so/bZPuE7Wyf/FW81C6z6+0Gu9Fusvvsx/ac/d4etV/Z8/YH28f2tUPsC3aofdEOsy/Z4XbEr+Jx9jU73k6wE+0kO9lO+VU8086yaXa2nWPfsnPtvF/F6fZdu8Bm2IV2kV1sl/wUZ88pw75nl9v3baZdYVfaVXa1XWPX2nV/n+squ8VutdvsXvuR3WF32l12t91jP/wpzl7HfvuJzbKf2iP2S3vQfmYP2WP2sP3ipzh7fcfs1/a4/caesCftKfutPW2/s2fs2Z/Wn732b+2P9qL1FghJkCRFAcVQLoql3JSHrqI4ykv5KD9F6GqKp2uoAF1LBakQFaYilEBFqRhpMmSJKKTiVIKiJfJSSbqeEqkUlaYy5KgsJdENVI5upPJ0E1Wgm6ki3UKVqDJVoap0K1Wj26g63U416A6qSbWoNtWhO6ku3UX16G6qT/dQA7qXGtJ91Ijup8b0ADWhB6kpPUTNqDm1oJbUilpTG3qY2tIj1I7aUwd6lDrSY9SJHqdkeoI605PUhZ6irvQ0daNnqDv9hXpQT+pFz1Jveo76UF9KoX7Un56nATSQBtFgGkIv0FB6kYbRSzScRtBIeplG0Ss0ml6lMTSWxtFrNJ4m0ESaRJNpCqXS6zSV3qBp9CZNpxk0k2ZRGs2mOfQWzaV5NJ/epgX0Di2kRbSYllA6vUtLaRll0Hu0nN6nTFpBK2kVraY1tJbW0XraQBtpE22mLbSVttF2+oB20E7aRbtpD31Ie+kj2kcf0376hLLoUzpAf6WD9Bkdos/pMH1BR+hLOkpf0TH6mo7TN3SCTtIp+pZO03d0hs7SOfqeztMPdIF+pIvkCUIMRShDFQZhTJgrjA1zh3nCq8K4MG+YL8wfRsKrw/jwmrBAeG1YMCwUFkYIE8KiYbFQhya0IYVhWDwsEUbD68KS4fVhYlgqLB2WCV1YNkwKbwjLhTeG5cObwgrhzWHF8JawUlg5rBJWDW8Nq4W3hdXD28Ma4R1hzbBWWDusE94Z1g3vCuuFd4f1w3vC8uG9YcPwvrBReH/YOHwgbBI+GDYNHwqbhc3DFmHLsFXYOmwTPhy2DR8J24Xtww7ho2HH8LGwU/h4mBw+EXYOn/zN/pSwX9g/fD58PvT+brk4uiSaHn03ujS6LJoRfS+6PPp+NDO6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jbo1ui3qfZ1c4NAJJ51ygYtxuVysy+3yuKtcnMvr8rn8LuKudvHuGlfAXesKukKusCviElxRV8xpZ5x15EJX3JVwUXedK+mud4mulCvtyjjnyrok19q1cW1cW/eIa+fauw7uUfeoe8w95h53j7snXGf3pOvinnJd3dOum3vGPRMDAK6n6+Wedb3dc66P6+tSXIrr7/q7AW6AG+QGuSFuiBvqhrphbpgb7oa7kW6kG+VGudFutBvjxrhxbpwb78a7iW6im+wmu1SX6qa6qW6am+amu+luppvp0lyam+PmuLlurpvv5rsFboFb6Ba6xW6xS3fpbqlb6jJchlvulrtMl+lWupVutVvt1rq1br1b7za6jW6z2+y2uq1uu9vudrgdbpfb5fa4PW6v2+v2iX1uv9vvslyWO+AOuIPuoDvkPneH3RfuiPvSHXVfuWPua3fcfeNOuJPulPvWnXbfuTPurDvnvnfn3Q/ugvvRXXTepUZej0yNvBGZFnkzMj0yIzIzMiuSFpkdmRN5KzI3Mi8yP/J2ZEHkncjCyKLI4siSSHrk3cjSyLJIRuS9yPLI+5HMyIrIysiqyOrImoj3RbPPsC/ho/46X9Jf7xN9KV/al/HOl/VJ/gZfzt/oy/ubfAV/s6/ob/GVfGVfxTf3LXxL38q39m38w76tf8S38+19B/+o7+gf85384z7ZP+E7+yd9F/+U7+qf9t38M767/4vv4Xv6Xv5Z39s/5/v4vj7F9/P9/fN+gB/oB/nBfoh/wQ/1L/ph/iU/3I/wI/3LfpR/xY/2r/oxfqwf51/z4/0EP9FP8pP9FJ/qX/dT/Rt+mn/TT/cz/Ew/y6f52X6Of8vP9fP8fP+2X+Df8Qv9Ir/YL/Hp/l2/1C/zGf49v9y/7zP9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Qd+h9/pd/ndfo//0O/1H/l9/mO/33/is/yn/oD/qz/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+2/8CX/Sn/Lf+tO5wZ/xZ/05/70/73/wF/yP/iL/zRpjjDHG2O8if6O/37/I+fknUf0BIO/OIof/7/7NBS+1B+ZK6BgBgCf6dn/g561mzZSUlL/tmykhKLEIACKX87Mvo3+OV0AHeAySoT2U+3t/7C+ONVD0PE+/MX70ZoA8v8iJFZfbl8e/8Z+uf6CYsOCfj48/7xJEFwEklrickxsux5fHL/8vxi/U9jfmn/uzVIB2v8iJg8vx5fGT4BF4EpL/YU/GGGOMMcYYY+ySgaJKV/gdn88T1OWcXHA5/mefzxljjDHGGGOMMfa/y9M9ez3+cHJy+67/eQ11RY6OAD/dG4kEl07gv9o519+/4vNf2vPKnzFucON3N67kqxJjjDHGGGPs3+HyRf+v+0ZdiQkxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM50P+Pfyd26Uh4pZfKGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXTH/JwAA//+ksCrO") r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000740)="440f20c03505000020440f22c0fb01c966bad104ed00000f23c00f21f866b846008ed00f23f80f01cbb8010000000f01c146a7b9670900000f3236660fc6b8730f0000c9b98f020000b8b9000000ba000000000f30460f01c8", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"5fbcdbfb555ab7b6da2c492fe4db90aeaf8e5347c79716e75fe060d73e9de531ef8085f88b3a09f05bf084c593b4dab8756600000000077eebf9940a0b60f02d333a2c2aa407522edaabb8cfccecb9d7e0cfd915c17f32bc1ac7e430af977b671ede8605c7c72a5d1397639fd21bf848190fbdbfaeb7e166205def53caa18404ba077c2b5713acbc3d125aea78dfd962dd250511376c3a3b5732114cc92d27be04c7c146cedcc9081a8435f9c67a0c5174df503a84dc11d1d98a2473fbd39de5d9c56ffa28098914b4d47ea99e8134deb75f944afd0df95136c08e057e4d839936c0755318e58ae63dd46f7009df574d263f87508d7e496efb29de0496d4018e8d6c6f7d016752a1d10bb1df8b406bb488dbb43ffd11eb1eb9b36d57cee3b9e4e2e72e97a8059bb8e8120bf04b1d0b929692cc3e5508293bb205beba29259f18213a602dde8a8a19dd2a16b26476ca4f24e86b84ee76d86aacc862c59e154e6bec6ec6e86eb3d9dd50c4ecf6de82c2419674da3b885ac6abaea4765d256727d8560fb55d0bee0c11b1e8a05d4b932254673e8f67abfca2f184a23839164b15e021bff742605fbeb628ab93803e90954074762487b0afc90eec0e31e75dda865693dd655a190f16dbdf7ce7693d27aaf31758d97e25ab40fc44dbc911639d99b592dd0c660b820a46b8374f7e8030031c39768fb9361164f5dad133cf0d5d66c617d3d62b1f0b80e9f88ffc872df05fb5822601dfe4b39179ace0a4f6808b39bad72a80a9a9bd579d0f9a104191ef6e708083218053d3daf8211dff0a87568b7c734ab79b26cf2a65d66b00f2c2f0d3ffd5fc35b58795406446275afb8df4247add7730331b045d384b0c9fa06284463eec7167512277a435ced48980aab83b37a85b7a33ce8fd8b2a543af82bd15955b12833a59645e1de6bd6ab86c4a046a0323415351e6ddb9bcb869d2e7d092b234bfa8c5be098abcd24d8b4a659b36d8af4f3136d23f9115ea6bdc62fb89e2de415e0f08bd6ec5cc53ee3a666049168a88191c6911ea5fe7972f5627923e8b5b9e7c5323da43d48b25caee3016f88c8178fb8ab1149547e33d7fff442fa3ab42408c87cdfe35a82034bd77399a0861ce16141670ffecde05c7393ae522430425707a4c7d988f34a494727e0b1920e93c95af07d3affe9d41bb82d59ff2149705bb782c9d85e53320268fb57096c6c47e616c457a371dda361170f706e53bf9a9ac5692b72d44072217ecb8646e841b6929251a080f56be308c47dac5d59db54bd1ca7499cf3bf7cb8bb763fed9a75d2eb69573b118e3ee78fb11d41c1ce314538fec8fc542c7bf4865841a2e71fc1efd9fa385903372e3670d96398128e75d786f242a6dbf2c053dc48ee2398763b1ba3550136c14ac7ad77d3c8e97b2f36b6af200"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3m26.875833959s ago: executing program 3 (id=1709): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f00000000c0), 0x12) pread64(r1, &(0x7f0000002840)=""/4096, 0x1000, 0x4) 3m26.075642858s ago: executing program 3 (id=1711): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@minixdf}, {@stripe}, {@norecovery}, {@noinit_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1") r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') lseek(r0, 0x10001, 0x0) 3m24.785979208s ago: executing program 3 (id=1715): openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0) socket(0x15, 0x80000, 0x1d8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmsg(r0, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x2}}, 0x2e) bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x4c, &(0x7f0000000080)={@random="a70b49c5294f", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x43}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @empty, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "00000000ffff"}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000001100)=[{{0x0, 0x0, 0x0}, 0x3}, {{&(0x7f0000000340)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0}, 0x1d5}], 0x2, 0x45833af92e4b39ff, 0x0) 3m23.046627713s ago: executing program 3 (id=1719): r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0xc, 0xa00, 0xffff, 0x181, 0x100}}) r1 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000540)={0x4, 0x5, 0x2, 0x8, 0x6, 0x6, 0x20000001000, 0xf64, 0xfffffffd}) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x204b82f, 0x0, 0x3, 0x0, &(0x7f0000000240)) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, 0x0, 0x0) connect$inet6(r2, 0x0, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) unlinkat(r3, &(0x7f0000000040)='./bus\x00', 0x200) mount(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x5020, 0x0, 0x3, 0x0, &(0x7f0000000240)) 3m19.859243983s ago: executing program 3 (id=1724): r0 = syz_usb_connect$uac1(0x2, 0x72, &(0x7f0000000200)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x763, 0x2003, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x3, 0x1, 0x6, 0x80, 0x7, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x8, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xa, 0x43, 0x2, {0x7, 0x25, 0x1, 0xc, 0x4, 0x94}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x0, 0x5, 0x72, {0x7, 0x25, 0x1, 0xc, 0x1, 0xffff}}}}}}}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) syz_usb_control_io$uac1(r0, &(0x7f0000000180)={0x14, 0x0, 0x0}, 0x0) 3m17.543829707s ago: executing program 3 (id=1729): r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) fcntl$setownex(r0, 0xf, 0x0) 3m14.69482468s ago: executing program 44 (id=1729): r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) fcntl$setownex(r0, 0xf, 0x0) 1m4.331535212s ago: executing program 8 (id=1999): r0 = socket$netlink(0x10, 0x3, 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x1, 0x6, 0x6}]}, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x6) sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000001400)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001380)={0x14, 0x0, 0xc04, 0x2, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000) 1m3.37150709s ago: executing program 8 (id=2003): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000884, &(0x7f00000007c0)={[{@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@shortname_win95}, {@shortname_win95}, {@uni_xlateno}, {@shortname_winnt}, {@shortname_winnt}, {@uni_xlate}, {@fat=@check_normal}, {@fat=@codepage={'codepage', 0x3d, '861'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@numtail}, {@rodir}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@utf8no}]}, 0x2, 0x289, &(0x7f00000001c0)="$eJzs3c1qA1UUAOAzzaRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE7hx6/O4EV/AB1Dc2YU4ks7kTyctkbQp+n2bHs69J/fM3KHtZm4+eWVwfnpxdXbz5c/RbCaxdRAHcZtEJ7Zi4uuo9NOv1XkA4Jm7zfP4LS80itT14oz6ksp069GbAwAexfzf/033AgA8jfc/+PCdw+Pjo/eyrBkx+GbYTaL4WYwfnsVn0Y9e7EU7/ojIp4r4rbePjyLNxjrx2mA07I4rBx//UH7+4S8Rd/X70Y5Odf1+VpirHw279XihXP+gH713v492vFRd/8as/jYv66O7Ha+/Otf/brTjx0/jIvpxGsX/OpP6r/az7M3829+/+GicHdcno2G3EacLdyqvPfXeAAAAAAAAAAAAAAAAAAAAAADw37WbTXUWz9+ZHPx/z/g95wON5s7n2cuyLE+K+bP6NF5OI93ktQMAAAAAAAAAAAAAAAAAAMBzcXX9+flJv9+7XGswea2/Yij+XMw0ImLJ56QPr7WzaodRK1vrJxGrXVc9GneVD0+urXjHWuN+epdJGuvbgmSaac0P7USx1jjTKoK5zGpLfPfPjWvGXTB5us5PkmWbOwmaVQ/JGoK84vGrLa3a/numVV5BxeTWPatvv/ives7bS4aSiKhPb2Y51KqeXF/vPXy630EAAAAAAAAAAAAAAAAAAEBh9tJvxeDNBhoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA2Yff//CsGoLF42J6+NgzTKzIYvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwIAAP//XAxp4w==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0) 1m2.559665698s ago: executing program 8 (id=2005): write(0xffffffffffffffff, &(0x7f0000000000)="588d523c566ef88a999aded68248189ceabebca347d053c62c6ed126afa4719f75b6bca71571d4b06d493d93c266e3e6c1617528366d407992ea199434a2d952d9fc6d3b88f79db46ad2f46f0c299205c84f455f518089efb5b357205eba15e35ea0f79d5a6cf0e538473bf347d42e7f20c161b51903aae2bff42320bdc28d259af365e56e202e25695a24a413fea7eb66ac4117c8236a8cbaadab57522f1bfc431fa45d77fe68e3fe4813d9979e50484687fdccdb00415121958e12f38ba54f3008d0d51ec8eb5f26b5f7ffaec5320ead9a017af7d6ac8a9a623bf0bd6837319a0f0eb7efbe8d467716", 0xea) syz_io_uring_complete(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x244}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x64, &(0x7f00000002c0)=0xffffffffffffff11) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000280)={[{@noquota}, {@grpjquota}, {@nobarrier}, {@inlinecrypt}, {@dioread_nolock}, {@discard}, {}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x84042, 0x1b1) write$P9_RUNLINKAT(r4, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7) write$FUSE_GETXATTR(r4, 0x0, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0xffff, @local, 0xfffffffd}, 0x1c) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)="580000001400add427323b472545b4560a117fffffff81000e220e227f00228c0008925aa80013007b00090080007f000001e809000000ff0000f03afdffffffffffffffffffffffffffffe7ee000000deff000000020000", 0x58}], 0x1) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x111005, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000000)) ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000100)={0x4, 0x1}) 56.809063569s ago: executing program 8 (id=2017): r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000300)={[{@errors_remount}, {@abort}, {@journal_checksum}]}, 0x1, 0x4b9, &(0x7f0000000b40)="$eJzs3EtvG0UcAPD/2nn0HVPKow9ooCAiCkmTFugBCYFA9IKEBAc4hjRUpWmLmiDRqqINQuWI+ATAEYlPwAkuCDiBuIK4IqQK9dLCARatvZs4sZu6dpxE9e8n2ZnZ18zs7Hhnd3YTQM8azr6SiG0R8WtEDNWiSxcYrv25ce3i1N/XLk4lkaav/TVYXe76tYtTxaLFelvzyEgpovRREnubpDt7/sKpyZmZ6XN5fGzu9Ltjs+cvPHny9OSJ6RPTZyaOHj1yePyZpyeeaqtcm5bFs3Jd3/PB2X27j7356StTabz1w1dZfrfl8+vLUVNpK916wzEcaZqmpSVTB6rfj3a89Y1le0TM5+Gkb50zQ8vKEZFVV3+1/Q9FORYrbyhe+nBdMwd0VXZ+GmyYWi7ngSSbv6luWeBOMq9dQ48qzvjZ9W/xWau+x0Zw9fnse7pa/hv5pzanL7Lr9qRSu2Ivdyn9bRHxxuV/Pss+0fQ+BADA6vom6/880az/V4p765bbkY+hVCLiYETsjIi7I2JXRNwTUV32voi4/7ZSr9TGn+YXpzT2f37e3EHxbinr/z2bj20t7f8tjNpUynlsezXH/cnbJ2emD+X7ZCT6B7P4+AppfPviL5/cbN5wXf8v+2TpF33BPB9/9i27QXd8cm6ykzLXuzofsaevWfmThZGAJCJ2R8SeNraf7bOTj3+5Lwvv2No4/9blX8nlNnK0VPpFxGO1+r8cy8pfSGpDJDcbnxzbFDPTh8aKo6LRjz9debU+3l8X7qz8ncvqf0vT4z8vf9EMivHa2RY3PLAYvPLbx/k2G5tyu8f/QPL6kmTen5ybOzceMTAQjdMnFtct4sXyWflHDkRcyQeC69v/zoh/P8/X2xsR2UH8QEQ8GBH787w/FBEPR8SBFXbF9y888s7KO2t96//4SvUfUUnqx+vbCJRPffd1sbGFqsx/XFqr/yPV0Eg+pZXfv1YzuBr7EAAAADa6UnUMOimNLoRLpdHR2jP8u2JLaebs7NzB4XjvzPHaWHUl+kvFna6huvuh4/m94SI+sSx+OCLuqj5ptLkaH506O7N9vQsPPW7rTdp/5o9uPfQCbBxL3te61ft2SXfzAqytviYDs0BvaPl97f7u5gNYe/5fA/Qu7R96V7P2fynixjpkBVhjt3X+f657+QDW3krt3y0/uLO5/ofepf1DT2p8Jb54FKidN/0XAzuPdbT6BgykSUQ3tlzuTp7/S9M0bmOt4hzQchJR2gCV0m6g1P7qv69aNvbngcGIaHWtS9U6vfByZ/+Ro5XAOv4oAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArKL/AwAA///qmNiG") r1 = socket$inet6(0xa, 0x80002, 0x88) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x2) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES8=r0, @ANYBLOB="1907de680191fc90f7177853cc9732fb05c0fd58073771a087ee90e210728edb2ffadb945aaec7a880b7d62e447dbfb2cd2876166e25417070ed4a762565cbb5ddd7eb35baa2dd55b6d002d7cc2ecf811ade4af8053f19bb5c9ee1fb60753c9e5fdc21de31a237070ea232880b2e36a357dce72c82", @ANYRES8=r0, @ANYRES16=r3, @ANYRES64=r1, @ANYRES32=r2, @ANYBLOB="d8f4f4235711fcbb8725b4f432d5fa58a9573c6ab96796be21028c9eb0e53a0fda6741833b809ae0c9c0b4d9d4acd79de256e8b486cd42d8e85d9f0f53b75d9b6a8b1f636052c0f775a3bc41e02441f27d1234e487210f6430fbbba1b1"], 0x48) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080), 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x181) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x414a1, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) 51.68853953s ago: executing program 8 (id=2029): epoll_create1(0x80000) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x17, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000140)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") creat(&(0x7f00000004c0)='./bus\x00', 0x20) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x105000, 0x0) read$msr(r0, &(0x7f0000000600)=""/175, 0xfffffe51) 50.457195227s ago: executing program 8 (id=2032): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x28, 0x0, 0x100, 0x70bd2d, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8d4, 0x33}}}}}, 0x28}}, 0x4000004) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='veth1_vlan\x00') sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x202, 0xfffffff8) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x280400b, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES8, @ANYRES16], 0x41, 0x23a, &(0x7f0000000080)="$eJzsmb9rFEEUx7+zuzd7F0WsUlgJBoyod7m9Js2hEQQrm8RflR5mDfEuOblbwRyIBhFstLMQbCz8BywCphK08x8QtFBBsPBACxublbczuzuXy+3FJVZ5n2L4zrw3M++93X3FHRiG2bN8/fL78+MzswsnAOzHFFy9/t0GhFDaMvw/Pbt9/Gn97PNXH1++Wz1wd3PrebQlDAcXihn3OwDezNm4l9yU7P5DYorUW2ABltIALsDCMa0vQaCs9TVYuKi1D4ErWt80dJv8y+Ubyy2/fL3dWiQxQ0OVBo+G2tb4+usCi3oehmEoDHt3rddstFp+xxCOtm1jyiWSy5qTQ/UrQKI/Z6FuxEdVvPzowTrN49rMGPWrwsJPnUQNAvN6fRYu1SZ+3H7VyP+Qk55vD+W/bbbkSoZxSRaVqP/alWKRkPA7XTeNMMom8SlQJTPPmaZ0Tg+bDiJPPBjcVUBqsgcC+w9CZ+qMfxdP6XLluOv8TrN4UgKwewk+HGXKyMIeZZJx7pP9zfem6XAkvo2LJxRjY349sfP3p5jpI9Ms4g8xfzFL6DWtPM89WwAfNlT/CF8IHDX6k2P0j0qwcqvSXeudXF5pLPlL/qrn1dx9yhb15ko0DvW9tD+Xov40YZxfGOErLYk7jSDoVNUohUQJQdDxorlnfDbzG+0fV/W2AOcAHFETapsyOVF1Qte4Q0jlY0W+pKbtkcEzDMMwDMMwDMMwDMMwDMP8C/GPq2EWAriv/p75GwAA//+L71R8") ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000000)={0x0, 0x38, 0x20f}) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x10001}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@initdev, @in=@private}}, {{@in=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000400)=0xe8) 33.900281393s ago: executing program 45 (id=2032): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x28, 0x0, 0x100, 0x70bd2d, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8d4, 0x33}}}}}, 0x28}}, 0x4000004) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='veth1_vlan\x00') sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x202, 0xfffffff8) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x280400b, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES8, @ANYRES16], 0x41, 0x23a, &(0x7f0000000080)="$eJzsmb9rFEEUx7+zuzd7F0WsUlgJBoyod7m9Js2hEQQrm8RflR5mDfEuOblbwRyIBhFstLMQbCz8BywCphK08x8QtFBBsPBACxublbczuzuXy+3FJVZ5n2L4zrw3M++93X3FHRiG2bN8/fL78+MzswsnAOzHFFy9/t0GhFDaMvw/Pbt9/Gn97PNXH1++Wz1wd3PrebQlDAcXihn3OwDezNm4l9yU7P5DYorUW2ABltIALsDCMa0vQaCs9TVYuKi1D4ErWt80dJv8y+Ubyy2/fL3dWiQxQ0OVBo+G2tb4+usCi3oehmEoDHt3rddstFp+xxCOtm1jyiWSy5qTQ/UrQKI/Z6FuxEdVvPzowTrN49rMGPWrwsJPnUQNAvN6fRYu1SZ+3H7VyP+Qk55vD+W/bbbkSoZxSRaVqP/alWKRkPA7XTeNMMom8SlQJTPPmaZ0Tg+bDiJPPBjcVUBqsgcC+w9CZ+qMfxdP6XLluOv8TrN4UgKwewk+HGXKyMIeZZJx7pP9zfem6XAkvo2LJxRjY349sfP3p5jpI9Ms4g8xfzFL6DWtPM89WwAfNlT/CF8IHDX6k2P0j0qwcqvSXeudXF5pLPlL/qrn1dx9yhb15ko0DvW9tD+Xov40YZxfGOErLYk7jSDoVNUohUQJQdDxorlnfDbzG+0fV/W2AOcAHFETapsyOVF1Qte4Q0jlY0W+pKbtkcEzDMMwDMMwDMMwDMMwDMP8C/GPq2EWAriv/p75GwAA//+L71R8") ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000000)={0x0, 0x38, 0x20f}) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x10001}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@initdev, @in=@private}}, {{@in=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000400)=0xe8) 15.322044125s ago: executing program 7 (id=2116): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40440, 0x0) ioctl$int_in(r4, 0x5452, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123202, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000002c0)=[@transaction={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 14.573271839s ago: executing program 6 (id=2117): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000003000/0x18000)=nil, 0x0, 0x0, 0x2d, 0x0, 0x0) 14.33828517s ago: executing program 7 (id=2118): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) socket(0xa, 0x3, 0x87) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xd, &(0x7f0000000080)=""/2, 0x0) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x800) socket(0x10, 0x3, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) r5 = getpid() sched_setscheduler(r5, 0x1, &(0x7f0000000240)=0x7) timer_create(0x7, &(0x7f0000000040)={0x0, 0x9, 0x1, @tid=r5}, &(0x7f0000000100)) r6 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000140)={0xffffffd0, 0x1016, 0x3, 0x811a, 0x3, "04ffff0400010000000000fdffff000800", 0x48, 0x1}) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000080)=0xa) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0xff) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x16, 0xf, &(0x7f00000003c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [], {{0x6, 0x1, 0xd, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a33", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) 13.42430652s ago: executing program 1 (id=2120): socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x0, 0x0) getpid() mkdir(0x0, 0x0) r0 = inotify_init1(0x0) mremap(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19}, 0x94) madvise(&(0x7f0000ff2000/0xd000)=nil, 0xd000, 0xe) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x44000160) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) ioctl$EVIOCSABS3F(r4, 0x401845ff, 0x0) 11.46759153s ago: executing program 6 (id=2122): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) 8.4383539s ago: executing program 0 (id=2123): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000000), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x80) syz_usb_connect(0x3, 0x51, 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000001c0)=ANY=[@ANYRESHEX]) 8.357119349s ago: executing program 6 (id=2124): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$rtl8150(0x0, 0x3f, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) socket$inet6(0xa, 0x2, 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) syz_usb_control_io(r1, 0x0, 0x0) 7.935822847s ago: executing program 1 (id=2125): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)={0x11}, 0x8) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0x2, @mcast1, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0) 7.935527978s ago: executing program 7 (id=2126): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x60880, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448e3, &(0x7f0000000080)) 6.90182012s ago: executing program 1 (id=2127): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000080), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) unshare(0x6020400) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000100)={0x2b, 0x22, 0x0, 0x2, 0x8, 0xa9, 0x5, 0x2, 0x1}) 6.855207143s ago: executing program 0 (id=2128): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40440, 0x0) ioctl$int_in(r4, 0x5452, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123202, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, &(0x7f0000000000)={0x18, 0x7, 0x6, 0x0, 0x7, 0x3fffff}, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000002c0)=[@transaction={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 5.972624691s ago: executing program 1 (id=2129): syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file1\x00', 0x4604, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) write$P9_RGETLOCK(r0, &(0x7f00000001c0)={0x2e, 0x37, 0x1, {0x0, 0x8851, 0x316, 0x0, 0x10, 'nodioread_nmlock'}}, 0x2e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) 5.83805321s ago: executing program 6 (id=2130): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x200cc0c5, 0x0, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000200)=[@acquire={0x40046305, 0x1}], 0x0, 0x0, 0x0}) 5.263008161s ago: executing program 0 (id=2131): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25ac1e0101000000000000000000000000ffffffff00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000001000080000000000000000000000000000000000000000000000000000000000200000000000000fdffffffefffffff00000000000000001000000000000000050000000000000000000000002000000000000000000000000000000000000001000202000000004400050000000000000000000000ffff0a010100000004d63c"], 0xfc}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) r1 = socket$inet(0x2, 0x3, 0x6) sendmsg$inet(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @remote}}}], 0x20}, 0x20000810) 4.880386144s ago: executing program 6 (id=2132): r0 = socket(0x1, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x80000001}]}}]}, 0x40}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x7) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x200040, &(0x7f0000005880)={[{@auto_da_alloc}], [{@seclabel}]}, 0xfc, 0x5b1, &(0x7f0000005a80)="$eJzs3U1rXFUfAPD/nUzStOnzJIVSnseFFLqwUjt586WC0LoULRZ0X4dkGkImnZKZlCYWbBd2464IIhbEreDeZfEL+CkKWihSgi5EiNzJnTQvM3nrpJNmfj+4yTn3Jef859xzc869M0wAXet0+iMX8f+I/jQ5uGZbPrKNp1f2W3p6eyJdklhe/uSPJJJsXWP/JPs9kGX+FxG/fBlxLre53OrC4kyxXC7NZfnh2uyN4erC4vnp2eJUaap0fWx8/MJb42PvvvN222J9/cpf33788IMLX51Z+uanxyfuJ3Epjmfb1sbxHO6szZwu/pOleuPShh1H21DYQZJ0ugLsSU/Wz3sjvQYMRk/W64HD74uIWN4syTdZuc7RZocBL5dER4Yu1RgHNOb2bZoHvzSevL8yAarH3rc2/vzKvZHor8+Nji0l62ZG6Xx3qA3lp2X8/PuD++kSW9+HOLpNHmBX7tyNiJF8fvP1P8muf3s3Ur95vLWNZXTb/x/opIfp+OeNZuO/3Or4J5qMfwaa9N292L7/5x63oZiW0vHfe03Hv6uXrqGeLPef+pivN7k2UC6NRBL/jYizEXFtulwa7V+5h97MhaVHy63KXzv+S5e0/MZYMKvH4/yR9cdMFmvFiOh73thTT+5GvJJvFn+y2v5Jk/ZPX48rOyzjVOnBq622bR///lr+IeK1pu3/7IlWsvXzyeG0/UdWfjYt4897p35tVf7u4m9Lk6+Ttv+xreMfStY+r63uvozv+/8utdrWMv7Vk635+d+XfFpPN16RW8VabW40oi/5aPP6sWfHNvKN/dP4z57Z+vrX7PxPJ1+f7TD+eyfvtdx1p+2/X5O9NP7JXbX/xkRasxabssSjDz//bu/xp+3/Zj11NluTXf+ay86VLaqzLvG8rx8AAAAAAAAcJLmIOB5JrrCazuUKhZX3d5yMY7lypVo7d60yf30y6p+VHYreXONJ92Dj/RDT5dJo9n7YRn5sQ348Ik5ExNc9R+v5wkSlPNnp4AEAAAAAAAAAAAAAAAAAAOCAGGjx+f/Ubz2drh2w7+pfbHCk07UAOmHbr/xvxzc9AQfStv0fOLTW9f+kc/UAXjz//6F76f/QvfR/6F76P3Qv/R+61076/6UXUA8AAAAAAAAAAAAAAAAAAAAAAAAAAAA4JK5cvpwuy0tPb0+k+cmbC/MzlZvnJ0vVmcLs/ERhojJ3ozBVqUyVS4WJymxEDG7198qVyo3RsZi/NVwrVWvD1YXFq7OV+eu1q9OzxanS1VLvC4sMAAAAAAAAAAAAAAAAAAAAXh7VhcWZYrlcmjsUiR/z+/GXL0an49rnxMWIO+nJsKfD8wclCokWibtZX9/dUZ29LgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAWv8GAAD//5bpLIE=") r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0) fcntl$lock(r4, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x73f0, 0x9}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, 0x0, 0xc000) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'ip_vti0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x1f, 0x16, &(0x7f00000004c0)=ANY=[@ANYBLOB="6112a000000000006113500000000000bf2000000000000062000000180000003d030100000000009500f000000000006926f7b100000000bf67000000000000560602000fff07007706000020000000620200000ee60000bf250000000000003d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdefeb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2463e1c1e762400"/300], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffc90}, 0x48) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) fsopen(&(0x7f0000000000)='pipefs\x00', 0x1) pipe2(&(0x7f0000001b40), 0x0) socket$packet(0x11, 0x2, 0x300) 4.879999924s ago: executing program 7 (id=2133): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa1f) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000440)=ANY=[]) 4.808648213s ago: executing program 1 (id=2134): r0 = syz_usb_connect$uac2(0x3, 0x83, &(0x7f00000002c0)=ANY=[@ANYBLOB="120100020000002082052500400001020301090271000301f81005080b020001052008090400000001012000092401fdff0a11004708240a00000b7f00090401efff01022000090401010101022000090501"], 0x0) syz_usb_control_io$uac2(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x445}}}, 0x0) syz_usb_control_io$uac2(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc854, &(0x7f0000000140)=ANY=[], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'}) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40084}, 0x24008051) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) syz_usb_control_io$uac2(r0, &(0x7f0000000340)={0x14, &(0x7f0000000180)={0x40, 0xa, 0x2, {0x2, 0x23}}, 0x0}, &(0x7f0000000680)={0x44, &(0x7f00000003c0)={0x20, 0x12}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$binfmt_script(r1, 0x0, 0x0) gettid() 3.996235133s ago: executing program 0 (id=2135): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x67) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x100002b3, 0x4) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e22, @empty}, 0x10) syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0xac141442, @empty=0xe0000001}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xb, 0x3}}}}}}, 0x0) 2.136143065s ago: executing program 7 (id=2136): ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x2218448, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1de, &(0x7f0000000440)="$eJzsljurE0EUx/8zk7vJFUWwtLHwggq6d3ejIsgF01hZCD6ChWAwa4iuBpIUJiAxn8DezsKPIWjrh5Boo02stF6Zx2YnIZt3iHDPrzj578zZ2fNYzgYEQRxbfnz/O4j/HP0sADiJA+TN+i+R+nDL/1vh95svd26X3z3++DU/cPennRnHiz8/B+BzSaA9unf87gPzex98pB+A45LRZTC4Rj8Bx0OjQzA8Mvq5pRvS33Wf1aPQfdqIqlJ40vjSBNIUJ+Mb9hmqVnzM2m91ui8qURQ2tyjm1W9Y4jhK4hPj+y50tJ5VPx8cvtFFMNwz+gbySW10Saz8z+bS/MXM/B0sleTNy8CSFZGhLPGIM6cyW+UAWK0xe5vrPd6aV3ab71CGEFAi6eiGThYZWwKbzUIOpjk+yO2gqmu9UdN7IWZ259MtfU+yEvf0tfI5ndHcuLdghA5WySudT/EHhgvW/NSj5L361MgWHrY63Sv1l5VaWAtfBUHxunfV864Fh2oQaTtj/u2r+XQiPX/qN0niMAevK+1209d2dB1oOzlxmYlv2Oe4eD5dcybOLSRiL13jypeNbRMEQfxPnANTM1nN5USYrwms/7p3dxgjQRAEQRAEQRAEQRDr8S8AAP//p+Y+dA==") symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.266122461s ago: executing program 0 (id=2137): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000100"/16], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = fsopen(&(0x7f0000000400)='cgroup2\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r1, r3, 0x16, 0x0, @void}, 0x10) socket$nl_route(0x10, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f00000005c0)=0x2, 0x1) 1.119800378s ago: executing program 6 (id=2138): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x401e, &(0x7f0000000040)=ANY=[@ANYBLOB="666c7573685f6d657267652c6e6f666c7573685f6d657267652c6d6f64653d667261676d656e743a7365676d656e742c636f6d70726573735f63616368652c696e6c696e655f78617474722c636f6d70726573735f63616368652c6e6f696e6c696e655f78617474722c6e6f646973636172642c6261636b67726f756e645f67633d6f6e2c6261636b67726f756e645f67633d6f66662c636865636b706f696e743d64697361626c652c617467632c67635f6d657267652c6e6f626172726965722c004b1c091f21dfc606226168fd668d440f"], 0xfd, 0x5532, &(0x7f0000000540)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qltdQWja2M3vB5Nn3mfePPNODoFnJiQAU2s+/fXnJNwIV0IIsyGE6yEU+0m5FdZjeCGEcDOEMPPYlpT5PxMXQwhXQwg3RsVjzaQ89Pnt4a21n9765ZvvLl249sXX35dpYAqNvla6O3F/vxtj3orxYZmvD9tF7K4OyxgPdC7H49085vezraLCfv1oXr2IK604P9/Z64/idqfeGMVWe7vI7/TiCfvD1lGd4g0P67vFuJltFbHdz4vYOoznPTiM322H/UGs0yzrfVSUD4PBUYz57CCL17PzqIiN3qDMx7p5MzsYxWEZy9OFRt5pFuvYOsEH/T/3dru3d5AOs91+O++la9XaS9XanUptN29mg2y1Uu8276ymC63OaFplkNW76608b3WyaiPvLqYLrUajUqulC3ezrXa9l9Zq1ZXqUmVtsdy7nb5+/72000wXRvHVdm9v0O700+18N43vWEyXqysvL6a3auk7G5vp5oN79zY23/3g7vv3X9l487Vy0j+WlS4sLy0vV2pLleXa4hRd/yflosd4/XAiyaQXAHD+TLj/B6bUiyfo/7uPyvET+//dByGcfv8f9P9jca7632nv/0/h+uFE9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPrh7kv3yh25uP4Wpl/pkw9V46TEMJMCOH3J5gNF4/VnC3rzP3L/Lm/reHbJBQVRue4VG5XQwjr5fbbs6f9KQAAAMDT66uPb34Wu/X4Mj/pBXGW4k2bmesfjqleEkKYm/9xTNVmRi/Pj6lYuFBsB2OqVtzAujymYvGW24VxVftPZo+Fy4+FJIaZM10OAABwJo53AmfbhQAAAHCWPp30ApiMJBw9yjx6Flz88v6vB4JXjo0AAACAcyiZ9AIAAACAU1f0//7/DwAAAJ5u8f//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAP9i5nxu1gSgOwM82DuSfgqLc00puUEZKyDHHiALSBAXkQA1pgBrILSVEOMLjZWHFYSWPbS36PskMtsyPNxYcZkYaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGNKfelfHj88/++Ycm37y9AYAAAC45VDv1u2bZTp/211/31362J0XEVFGxK2xexWvrjKrLqd+vP/X5f31kxp+R7QJp++Yd8ebiPjSHf8+DP0UAAAA4H7tN9tVGq2nl+XUBTGmNGlTvvuaKa+IiHr5N1Naecr7lCms/X3P4numtHYCa5EpLE25zXKlPUv7dz/P2i0umiI15c2PnYvM1ncAAGBE1VUz7igEAACAMX2bugCmUcTDUuZ5KXCemm557/XVGQAAAPACFVMXAAAAAAyuHf+PtP9fM9D+f02V7XEAAADAfUr7/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCkQ71b7zfbVd+cY9NPnt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxnf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePO7v/yfmBpnkrnXxtLzSLJ2amydGnvnxtEfxtevAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq2KMkkNEFDzYi023tbUHQTwowYN/ghDSbY3d+qPNwZYi5uJNcu5F1JuIoMRbT/4DPbfQS731kEMF8TgyszO70zbYbbAz0+TzgbfvO8Pw3vfNQsh33iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGX73Wmc5B9z4zguz924e2U172/e1+eubd5azFseR00m/WR4uX4QLbSXCAAAAPtHUtX3IYTb6dZy3sdzRf2fVtfkNf/3z47jqp6/v+6v+qr2z9vvv915cTLR3HiefNAza6Ph0QdT6T2+VXbbcw+9olfc+eLZS1J8IfEHGy9sp8X9jL69fv29fhEeaCJbAGA3jlR9GVS/D+X9oM3EANg3erXCu6r/k7l2cwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABowvZGeLqKoxDCYm8a527evbK6U39t89Zi1U5evboZvp6OmQ+RhhDOrI2GRxtdTbddvHT53MpoNLwwQ/D24T9+zLIsm+nihwevhBD+j3F2E7xTLv/cRzNcHEILGe4m+KcbaXQtiMsvuyv5PBlBiz+UAADYk9Ky5XX97XRrOT8XzYeQ/XBv/f96LQ4z1v93Pj55oz5Xvf4fNLbC7ltaP//50sVLl99YO79ydnh2+OmbxwZvDY6fOnHi1FLxrGTJExMAAAAeWZZl2eSgX7Z6/R/PP7j/f6gWhxnr/y++G3xVnzhR/+9ouunXdiYAAAD72/Ov/v1XtMP5qN8PX66sr18YjD8nx8fGny2k+sgOlK1e/yfzbWcFAAAANGF7I7pn//90LQ4z7v8/89NLv9THTEIIB8v9/yOrn41ON7ecTmviz4nbXiMAAADtOli2+v5/Wrz/H09eeYhDCIdfG8flvwH8z/o/Lev/5P1vfq7PVX///3hzS+ykeGF8P4p+IYTeQtsZAQAAsJc9Vba82P8z3Vr+5NdDH/a9/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQtH8DAAD//4gjQ+s=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183b41, 0x12b) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000340)=0xfffffff9) ioctl$FS_IOC_RESVSP(r0, 0x40305828, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183b41, 0x12b) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0xf, 0x800800}) llistxattr(&(0x7f00000005c0)='./bus\x00', &(0x7f0000000600)=""/33, 0x21) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r3 = epoll_create1(0x80000) close(r3) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[]) write$P9_RREADDIR(r2, &(0x7f0000000180)={0xb, 0x29, 0x1, {0x2}}, 0xb) 495.539134ms ago: executing program 7 (id=2139): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191}, 0x80) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r1, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'syztnl1\x00', 0x0}) syz_emit_ethernet(0xfdef, &(0x7f0000000300)=ANY=[], 0x0) 495.249966ms ago: executing program 1 (id=2140): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40440, 0x0) ioctl$int_in(r4, 0x5452, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123202, 0x0) pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, &(0x7f0000000000)={0x18, 0x7, 0x6, 0x0, 0x7, 0x3fffff}, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000002c0)=[@transaction={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 0s ago: executing program 0 (id=2141): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x61) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@dfltgid}]}}) mount(0x0, 0x0, 0x0, 0x320089e, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) pread64(r0, &(0x7f0000002380)=""/253, 0xfdef, 0x4eb) kernel console output (not intermixed with test programs): 1509.324525][T14376] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1509.538719][T14386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1509.699597][T14386] EXT4-fs (loop3): shut down requested (2) [ 1510.166437][T11664] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1510.281181][T14394] loop0: detected capacity change from 0 to 256 [ 1510.379213][T14394] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1510.395461][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1510.460304][T14394] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 1510.584836][T14394] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1510.659241][T14394] exFAT-fs (loop0): failed to load alloc-bitmap [ 1510.713098][T14394] exFAT-fs (loop0): failed to recognize exfat type [ 1510.770636][T14398] loop7: detected capacity change from 0 to 512 [ 1510.880887][T14398] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1511.021796][T14398] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1511.176815][T14408] loop3: detected capacity change from 0 to 512 [ 1511.238980][T14405] loop6: detected capacity change from 0 to 1024 [ 1511.300811][T14405] EXT4-fs: Ignoring removed bh option [ 1511.311265][T14408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1511.407645][T14405] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1511.441411][T14408] ext4 filesystem being mounted at /130/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1511.604828][T14405] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1511.795027][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1511.894297][T14405] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 1512.323877][T14417] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1647'. [ 1512.516436][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1513.617304][ T6975] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 1513.821442][ T6975] usb 7-1: Using ep0 maxpacket: 16 [ 1513.871331][ T6975] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1513.885702][T14428] loop0: detected capacity change from 0 to 4096 [ 1513.927320][ T6975] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1513.941041][T14428] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1513.955892][ T6975] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 1514.005129][ T6975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1514.060198][T14428] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1514.063849][ T6975] usb 7-1: config 0 descriptor?? [ 1514.743865][ T6975] nzxt-smart2 0003:1E71:2009.0012: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.6-1/input0 [ 1514.863280][T14433] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 1515.064915][ T6975] usb 7-1: USB disconnect, device number 12 [ 1515.491558][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1515.843936][T11664] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1515.927407][T14441] fido_id[14441]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1515.953957][ T6975] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 1516.183604][ T6975] usb 8-1: Using ep0 maxpacket: 32 [ 1516.206771][ T6975] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1516.280814][ T6975] usb 8-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 1516.324822][ T6975] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1516.395919][ T6975] usb 8-1: Product: syz [ 1516.418796][ T6975] usb 8-1: Manufacturer: syz [ 1516.442020][ T6975] usb 8-1: SerialNumber: syz [ 1516.692043][T14450] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1655'. [ 1516.745829][T14447] loop0: detected capacity change from 0 to 2048 [ 1516.941932][T14444] loop7: detected capacity change from 0 to 512 [ 1516.995954][T14447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1517.161857][T14447] EXT4-fs (loop0): shut down requested (2) [ 1517.591369][ T6975] usb 8-1: unit 0 not found! [ 1517.786413][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1517.936698][ T6975] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1518.044735][ T6975] usb 8-1: unit 0 not found! [ 1518.127649][ T6975] snd-usb-audio 8-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 1518.263259][ T6975] usb 8-1: unit 0 not found! [ 1519.010206][T14472] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1660'. [ 1519.209900][ T6975] snd-usb-audio 8-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 1519.283530][ T6975] usb 8-1: USB disconnect, device number 6 [ 1519.945698][T11277] udevd[11277]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1520.111753][ T34] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1520.366906][ T34] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1520.644268][ T34] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1520.891506][ T34] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1521.765147][ T34] bridge_slave_1: left allmulticast mode [ 1521.814081][ T34] bridge_slave_1: left promiscuous mode [ 1521.840710][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 1521.939900][ T34] bridge_slave_0: left allmulticast mode [ 1521.971851][ T34] bridge_slave_0: left promiscuous mode [ 1521.997509][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 1522.396919][T14499] loop6: detected capacity change from 0 to 2048 [ 1522.556809][T14499] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1522.743105][T14499] EXT4-fs (loop6): shut down requested (2) [ 1523.223916][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1524.067238][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1524.194302][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1524.309056][ T34] bond0 (unregistering): Released all slaves [ 1524.832501][T14520] loop0: detected capacity change from 0 to 256 [ 1525.121897][T14520] FAT-fs (loop0): Directory bread(block 64) failed [ 1525.158388][T14520] FAT-fs (loop0): Directory bread(block 65) failed [ 1525.194237][ T6975] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 1525.209624][T14520] FAT-fs (loop0): Directory bread(block 66) failed [ 1525.250004][T14520] FAT-fs (loop0): Directory bread(block 67) failed [ 1525.262019][T14520] FAT-fs (loop0): Directory bread(block 68) failed [ 1525.301786][T14520] FAT-fs (loop0): Directory bread(block 69) failed [ 1525.332300][T14520] FAT-fs (loop0): Directory bread(block 70) failed [ 1525.382349][T14520] FAT-fs (loop0): Directory bread(block 71) failed [ 1525.424814][ T6975] usb 8-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 1525.447033][T14520] FAT-fs (loop0): Directory bread(block 72) failed [ 1525.475507][ T6975] usb 8-1: config 0 interface 0 has no altsetting 0 [ 1525.515804][T14520] FAT-fs (loop0): Directory bread(block 73) failed [ 1525.536361][ T6975] usb 8-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00 [ 1525.552354][ T34] hsr_slave_0: left promiscuous mode [ 1525.577435][ T6975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1525.611573][ T34] hsr_slave_1: left promiscuous mode [ 1525.638297][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1525.675277][ T6975] usb 8-1: config 0 descriptor?? [ 1525.700555][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1525.761604][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1525.825726][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1525.888828][ T34] veth1_macvtap: left promiscuous mode [ 1525.947277][T14536] syz.0.1673(14536): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 1525.999249][ T34] veth0_macvtap: left promiscuous mode [ 1526.025907][ T34] veth1_vlan: left promiscuous mode [ 1526.050939][ T34] veth0_vlan: left promiscuous mode [ 1526.136593][T14537] loop8: detected capacity change from 0 to 512 [ 1526.265944][T14537] EXT4-fs: Ignoring removed nobh option [ 1526.369465][ T6975] usb 8-1: string descriptor 0 read error: -71 [ 1526.399061][ T2160] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 1526.457361][ T6975] uclogic 0003:5543:0045.0013: failed retrieving string descriptor #200: -71 [ 1526.529698][T14537] ------------[ cut here ]------------ [ 1526.535537][T14537] EA inode 11 i_nlink=1026 [ 1526.535730][T14537] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x7a2/0x880, CPU#0: syz.8.1678/14537 [ 1526.551855][T14537] Modules linked in: [ 1526.556158][T14537] CPU: 0 UID: 0 PID: 14537 Comm: syz.8.1678 Not tainted syzkaller #0 PREEMPT(lazy) [ 1526.565946][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1526.576330][T14537] RIP: 0010:ext4_xattr_inode_update_ref+0x81c/0x880 [ 1526.583224][T14537] Code: 06 00 00 44 89 ab 70 09 00 00 48 c7 83 80 0c 00 00 00 00 00 00 4d 85 f6 75 46 45 85 ff 75 55 48 8b 7d c0 48 8b 75 d0 8b 55 b8 <67> 48 0f b9 3a e9 d3 fc ff ff 44 89 e7 e8 b2 df 52 ff 89 c7 e8 cb [ 1526.603376][T14537] RSP: 0000:ffff8880a5bf7128 EFLAGS: 00010246 [ 1526.613198][T14537] RAX: 0000000000000000 RBX: ffff888119052d58 RCX: 00000000001bfebd [ 1526.622428][T14537] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff92d42f00 [ 1526.630962][T14537] RBP: ffff8880a5bf71b0 R08: ffffea000000000f R09: 0000000000000000 [ 1526.639302][T14537] R10: ffff8880a53f7070 R11: ffffffff81dda240 R12: 0000000000000000 [ 1526.647637][T14537] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1526.655913][T14537] FS: 0000000000000000(0000) GS:ffff8881aa610000(0063) knlGS:00000000f547db40 [ 1526.665159][T14537] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1526.671917][T14537] CR2: 00007f3ae7063a10 CR3: 000000002cece000 CR4: 00000000003526f0 [ 1526.680193][T14537] Call Trace: [ 1526.684136][T14537] [ 1526.687226][T14537] ext4_xattr_inode_dec_ref_all+0x1011/0x17b0 [ 1526.693709][T14537] ? errseq_check+0x6f/0xd0 [ 1526.698590][T14537] ext4_xattr_delete_inode+0xd14/0x14c0 [ 1526.709415][T14537] ? ext4_truncate+0x178d/0x1c10 [ 1526.717891][T14537] ? __ext4_mark_inode_dirty+0x72e/0x9a0 [ 1526.724756][T14537] ext4_evict_inode+0x202b/0x2730 [ 1526.730151][T14537] ? __pfx_ext4_evict_inode+0x10/0x10 [ 1526.735987][T14537] evict+0x69b/0xc90 [ 1526.740279][T14537] ? kmsan_get_metadata+0xf1/0x160 [ 1526.746151][T14537] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1526.752843][T14537] iput+0x84b/0xca0 [ 1526.756984][T14537] ext4_process_orphan+0x49a/0x520 [ 1526.762448][T14537] ext4_orphan_cleanup+0x108a/0x1e10 [ 1526.768255][T14537] ext4_fill_super+0xa699/0xafa0 [ 1526.773752][T14537] ? sb_set_blocksize+0x24e/0x390 [ 1526.779254][T14537] get_tree_bdev_flags+0x6e6/0x920 [ 1526.784838][T14537] ? __pfx_ext4_fill_super+0x10/0x10 [ 1526.790359][T14537] ? __pfx_ext4_fill_super+0x10/0x10 [ 1526.796019][T14537] ? __pfx_ext4_get_tree+0x10/0x10 [ 1526.801367][T14537] get_tree_bdev+0x38/0x50 [ 1526.806141][T14537] ext4_get_tree+0x35/0x40 [ 1526.810781][T14537] vfs_get_tree+0xb3/0x5d0 [ 1526.818893][T14537] do_new_mount+0x885/0x1dd0 [ 1526.824694][T14537] ? apparmor_capable+0x2a2/0x380 [ 1526.830005][T14537] ? kmsan_get_metadata+0xf1/0x160 [ 1526.835716][T14537] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1526.841884][T14537] path_mount+0x7a2/0x20b0 [ 1526.848951][T14537] ? user_path_at+0x1fc/0x330 [ 1526.854472][T14537] __se_sys_mount+0x704/0x7f0 [ 1526.859392][T14537] __ia32_sys_mount+0xe2/0x150 [ 1526.864546][T14537] ia32_sys_call+0x27fe/0x4360 [ 1526.874083][T14537] __do_fast_syscall_32+0x195/0x470 [ 1526.879951][T14537] do_fast_syscall_32+0x37/0x80 [ 1526.885154][T14537] do_SYSENTER_32+0x1f/0x30 [ 1526.890428][T14537] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1526.897215][T14537] RIP: 0023:0xf708f01c [ 1526.901471][T14537] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8 [ 1526.928648][T14537] RSP: 002b:00000000f547d360 EFLAGS: 00000206 ORIG_RAX: 0000000000000015 [ 1526.946467][T14537] RAX: ffffffffffffffda RBX: 00000000f547d3c0 RCX: 0000000080000140 [ 1526.954822][T14537] RDX: 0000000080000180 RSI: 0000000000800718 RDI: 00000000f547d400 [ 1526.963039][T14537] RBP: 00000000f547d3c0 R08: 0000000000000000 R09: 0000000000000000 [ 1526.971305][T14537] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1526.979573][T14537] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1526.987868][T14537] [ 1526.991034][T14537] ---[ end trace 0000000000000000 ]--- [ 1526.997238][ T6975] uclogic 0003:5543:0045.0013: failed retrieving pen parameters: -71 [ 1527.007873][ T6975] uclogic 0003:5543:0045.0013: failed probing pen v2 parameters: -71 [ 1527.024240][ T6975] uclogic 0003:5543:0045.0013: failed probing parameters: -71 [ 1527.040468][ T6975] uclogic 0003:5543:0045.0013: probe with driver uclogic failed with error -71 [ 1527.135929][T14537] EXT4-fs (loop8): 1 orphan inode deleted [ 1527.154589][ T2160] usb 7-1: Using ep0 maxpacket: 32 [ 1527.178073][ T2160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1527.200064][T14537] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1527.226741][ T6975] usb 8-1: USB disconnect, device number 7 [ 1527.251488][ T2160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1527.314677][ T2160] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1527.382308][ T2160] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1527.448770][T14537] EXT4-fs error (device loop8): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.8.1678: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 1527.562157][ T2160] usb 7-1: config 0 descriptor?? [ 1527.649786][ T2160] hub 7-1:0.0: USB hub found [ 1527.888672][ T2160] hub 7-1:0.0: 1 port detected [ 1527.998007][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1528.105507][ T2160] hub 7-1:0.0: hub_hub_status failed (err = -71) [ 1528.151399][ T2160] hub 7-1:0.0: config failed, can't get hub status (err -71) [ 1528.238979][ T2160] usbhid 7-1:0.0: can't add hid device: -71 [ 1528.259369][ T2160] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1528.380100][ T2160] usb 7-1: USB disconnect, device number 13 [ 1528.395576][ T40] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 1528.599742][ T40] usb 8-1: Using ep0 maxpacket: 32 [ 1528.629705][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1528.698233][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1528.720619][ T40] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1528.787739][ T40] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1528.847469][ T40] usb 8-1: config 0 descriptor?? [ 1528.975866][ T40] hub 8-1:0.0: USB hub found [ 1529.178902][ T40] hub 8-1:0.0: 1 port detected [ 1529.721235][ T34] team0 (unregistering): Port device team_slave_1 removed [ 1529.869393][ T40] hub 8-1:0.0: activate --> -90 [ 1529.968075][ T34] team0 (unregistering): Port device team_slave_0 removed [ 1530.306778][ T8471] usb 8-1: USB disconnect, device number 8 [ 1530.555626][ T40] usb 8-1-port1: config error [ 1533.077247][T14587] loop8: detected capacity change from 0 to 8192 [ 1534.142214][T14600] cgroup: name respecified [ 1535.958317][T14613] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1698'. [ 1536.084302][ T2160] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 1536.286031][ T2160] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1536.333093][ T2160] usb 9-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1536.405657][ T2160] usb 9-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1536.473793][ T2160] usb 9-1: config 0 interface 0 has no altsetting 0 [ 1536.516135][ T2160] usb 9-1: New USB device found, idVendor=046d, idProduct=c53a, bcdDevice= 0.00 [ 1536.568878][ T2160] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1536.628665][ T2160] usb 9-1: config 0 descriptor?? [ 1537.203949][ T2160] hid (null): unknown global tag 0xd [ 1537.241027][ T2160] hid (null): unknown global tag 0xd [ 1537.291159][ T2160] hid (null): unknown global tag 0xd [ 1537.446322][ T2160] logitech-djreceiver 0003:046D:C53A.0014: ignoring exceeding usage max [ 1537.509209][ T2160] logitech-djreceiver 0003:046D:C53A.0014: unknown global tag 0xd [ 1537.532041][ T2160] logitech-djreceiver 0003:046D:C53A.0014: item 0 4 1 13 parsing failed [ 1537.601036][ T2160] logitech-djreceiver 0003:046D:C53A.0014: logi_dj_probe: parse failed [ 1537.641712][ T2160] logitech-djreceiver 0003:046D:C53A.0014: probe with driver logitech-djreceiver failed with error -22 [ 1537.743272][ T2160] usb 9-1: USB disconnect, device number 16 [ 1538.236409][T14633] loop7: detected capacity change from 0 to 256 [ 1538.352446][T14633] exFAT-fs (loop7): failed to test first cluster bit of root dir(5) [ 1538.513756][ T29] audit: type=1804 audit(1780825718.670:36): pid=14633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1702" name=2F6E6577726F6F742F31342FE91F7189591E9233614B2F66696C6531 dev="loop7" ino=1048804 res=1 errno=0 [ 1538.839110][T14641] overlayfs: missing 'lowerdir' [ 1539.476554][T14649] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1707'. [ 1539.780130][T14654] loop8: detected capacity change from 0 to 256 [ 1539.840145][T14654] exfat: Deprecated parameter 'namecase' [ 1539.982838][T14654] exFAT-fs (loop8): failed to load upcase table (idx : 0x0001fe89, chksum : 0x5732d4a4, utbl_chksum : 0xe619d30d) [ 1540.681369][T14660] loop3: detected capacity change from 0 to 512 [ 1540.812291][T14660] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.1711: corrupted in-inode xattr: invalid ea_ino [ 1540.887036][T14660] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1540.891503][T14660] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1711: couldn't read orphan inode 15 (err -117) [ 1540.901195][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 1540.901276][ C1] EXT4-fs (loop3): initial error at time 1780825721: ext4_iget_extra_inode:5128: inode 15 [ 1540.901426][ C1] EXT4-fs (loop3): last error at time 1780825721: ext4_iget_extra_inode:5128: inode 15 [ 1540.984125][T14660] loop3: lost filesystem error report for type 5 error -117 [ 1540.990680][T14660] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1541.543150][T11664] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1541.982665][T14672] loop8: detected capacity change from 0 to 256 [ 1542.052003][T14672] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1542.146786][T14672] exFAT-fs (loop8): Medium has reported failures. Some data may be lost. [ 1542.242008][T14672] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1542.265192][T14676] loop7: detected capacity change from 0 to 1024 [ 1542.347691][T14672] exFAT-fs (loop8): failed to load alloc-bitmap [ 1542.411735][T14672] exFAT-fs (loop8): failed to recognize exfat type [ 1542.431585][T14676] EXT4-fs error (device loop7): ext4_orphan_get:1397: inode #13: comm syz.7.1716: iget: bad i_size value: -360287970189638630 [ 1542.455489][T14676] loop7: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1542.463570][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 1542.479588][ C0] EXT4-fs (loop7): initial error at time 1780825722: ext4_orphan_get:1397: inode 13 [ 1542.489333][ C0] EXT4-fs (loop7): last error at time 1780825722: ext4_orphan_get:1397: inode 13 [ 1542.526668][T14676] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.1716: couldn't read orphan inode 13 (err -117) [ 1542.588854][T14676] loop7: lost filesystem error report for type 5 error -117 [ 1542.609969][T14676] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1542.868786][T14676] Quota error (device loop7): do_check_range: Getting block 64 out of range 1-5 [ 1542.965750][T14676] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0 [ 1543.014238][T14676] EXT4-fs error (device loop7): ext4_acquire_dquot:7034: comm syz.7.1716: Failed to acquire dquot type 0 [ 1543.212389][T14680] loop0: detected capacity change from 0 to 4096 [ 1543.347154][T14680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1543.501901][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1543.643757][T14690] loop8: detected capacity change from 0 to 512 [ 1543.762322][T14690] EXT4-fs error (device loop8): ext4_iget_extra_inode:5128: inode #15: comm syz.8.1718: corrupted in-inode xattr: invalid ea_ino [ 1543.819846][T14690] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1543.823566][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 1543.839616][ C1] EXT4-fs (loop8): initial error at time 1780825724: ext4_iget_extra_inode:5128: inode 15 [ 1543.849907][ C1] EXT4-fs (loop8): last error at time 1780825724: ext4_iget_extra_inode:5128: inode 15 [ 1543.971475][T14690] EXT4-fs (loop8): Remounting filesystem read-only [ 1543.989546][T14690] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1544.158270][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1544.242130][T14694] loop3: detected capacity change from 0 to 512 [ 1544.265717][T14690] syzkaller0: entered promiscuous mode [ 1544.265820][T14690] syzkaller0: entered allmulticast mode [ 1544.308738][T14696] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1720'. [ 1544.678487][T14694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1544.755796][T14694] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1544.989980][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1545.365470][T14693] EXT4-fs error (device loop3): ext4_lookup:1785: inode #12: comm syz.3.1719: iget: bad i_size value: 2533274857506816 [ 1545.490836][T14707] loop0: detected capacity change from 0 to 512 [ 1545.548453][T10551] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1545.683071][T14711] loop8: detected capacity change from 0 to 512 [ 1545.727262][T14707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1545.751896][T14707] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1545.773830][T14708] loop7: detected capacity change from 0 to 4096 [ 1545.782463][T14711] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1545.881129][T14708] EXT4-fs (loop7): Test dummy encryption mode enabled [ 1545.954042][T14711] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1545.981097][T10551] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1546.035246][T14711] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1546.091377][T14708] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1546.314195][T11664] EXT4-fs error (device loop3): ext4_lookup:1785: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816 [ 1546.386539][T11664] EXT4-fs error (device loop3): ext4_lookup:1785: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816 [ 1546.444468][T10551] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1546.629485][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1546.758931][T14708] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 1546.834535][T14720] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 1546.870468][T14708] overlayfs: upper fs does not support tmpfile. [ 1546.941796][T10551] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1546.960001][T14708] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 1547.118039][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1547.861252][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1547.886477][T14733] loop0: detected capacity change from 0 to 256 [ 1547.981017][T14733] exfat: Deprecated parameter 'utf8' [ 1548.032459][T14733] exfat: Deprecated parameter 'namecase' [ 1548.082319][T14733] exfat: Deprecated parameter 'utf8' [ 1548.210386][T14733] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 1548.446600][T14703] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1548.583303][T10551] bridge_slave_1: left allmulticast mode [ 1548.642376][T10551] bridge_slave_1: left promiscuous mode [ 1548.686680][T10551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1548.768878][T14733] exFAT-fs (loop0): start_clu is invalid cluster(0x0) [ 1548.837543][T10551] bridge_slave_0: left allmulticast mode [ 1548.861560][T10551] bridge_slave_0: left promiscuous mode [ 1548.921311][T10551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1550.487392][T10551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1550.536201][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1550.542976][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 1550.555550][T10551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1550.619956][T10551] bond0 (unregistering): Released all slaves [ 1550.839841][T10551] tipc: Left network mode [ 1551.297818][T10551] hsr_slave_0: left promiscuous mode [ 1551.325488][T10551] hsr_slave_1: left promiscuous mode [ 1551.344492][T10551] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1551.375813][T10551] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1551.407389][T10551] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1551.435431][T10551] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1551.482859][T10551] veth1_macvtap: left promiscuous mode [ 1551.507418][T10551] veth0_macvtap: left promiscuous mode [ 1551.521789][T10551] veth1_vlan: left promiscuous mode [ 1551.534445][T10551] veth0_vlan: left promiscuous mode [ 1552.900144][T14774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1552.926466][T14774] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1552.940142][T14774] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1552.957037][T14774] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1552.970669][T14774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1553.753980][T10551] team0 (unregistering): Port device team_slave_1 removed [ 1553.830379][T10551] team0 (unregistering): Port device team_slave_0 removed [ 1555.156529][T14774] Bluetooth: hci2: command tx timeout [ 1555.522121][T14794] loop7: detected capacity change from 0 to 256 [ 1555.558649][T10551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1555.841883][T10551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1556.165607][T10551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1556.510677][T10551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1557.061140][T14807] loop0: detected capacity change from 0 to 128 [ 1557.321095][T14807] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1557.392532][T14774] Bluetooth: hci2: command tx timeout [ 1557.488248][T14807] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1557.805796][T14807] fscrypt: AES-128-CBC-CTS using implementation "cts(cbc(ecb(aes-lib)))" [ 1558.150854][T14820] loop6: detected capacity change from 0 to 16 [ 1558.242561][T14820] erofs (device loop6): mounted with root inode @ nid 36. [ 1558.404039][T14820] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1558.480127][T13879] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1559.114824][T10551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1559.213094][T10551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1559.295992][T10551] bond0 (unregistering): Released all slaves [ 1559.601795][T14774] Bluetooth: hci2: command tx timeout [ 1559.661598][T14827] loop0: detected capacity change from 0 to 128 [ 1559.666151][T10551] tipc: Left network mode [ 1559.715954][T14827] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1559.972983][ T6095] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8) [ 1560.009445][ T6095] FAT-fs (loop0): Filesystem has been set read-only [ 1560.068146][ T6095] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522) [ 1560.778878][T10551] hsr_slave_0: left promiscuous mode [ 1560.832398][T10551] hsr_slave_1: left promiscuous mode [ 1560.857164][T10551] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1560.874981][T10551] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1560.928127][T10551] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1561.002387][T10551] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1561.111705][T10551] veth1_macvtap: left promiscuous mode [ 1561.128971][T10551] veth0_macvtap: left promiscuous mode [ 1561.140856][T10551] veth1_vlan: left promiscuous mode [ 1561.171928][T10551] veth0_vlan: left promiscuous mode [ 1561.566607][T14843] loop6: detected capacity change from 0 to 256 [ 1561.713065][T14843] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbf24f927, utbl_chksum : 0xe619d30d) [ 1561.824876][T14774] Bluetooth: hci2: command tx timeout [ 1563.132878][T14856] loop8: detected capacity change from 0 to 512 [ 1563.262893][T14856] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #11: comm syz.8.1754: invalid indirect mapped block 256 (level 2) [ 1563.307209][T10551] team0 (unregistering): Port device team_slave_1 removed [ 1563.395864][T14856] loop8: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1563.398795][T14856] EXT4-fs (loop8): 2 truncates cleaned up [ 1563.408360][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 1563.408456][ C0] EXT4-fs (loop8): initial error at time 1780825742: ext4_free_branches:1023: inode 11 [ 1563.408605][ C0] EXT4-fs (loop8): last error at time 1780825742: ext4_free_branches:1023: inode 11 [ 1563.456849][T10551] team0 (unregistering): Port device team_slave_0 removed [ 1563.497260][T14856] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1563.610576][T14856] EXT4-fs (loop8): shut down requested (1) [ 1563.942148][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1564.632231][T14868] loop8: detected capacity change from 0 to 512 [ 1564.747748][T14868] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1564.818389][T14868] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it [ 1564.854836][T14868] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1757: Corrupt directory, running e2fsck is recommended [ 1564.904968][T14868] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117 [ 1564.942628][T14868] EXT4-fs error (device loop8): ext4_iget_extra_inode:5128: inode #15: comm syz.8.1757: corrupted in-inode xattr: invalid ea_ino [ 1565.031465][T14868] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1565.035234][T14868] EXT4-fs error (device loop8): ext4_orphan_get:1402: comm syz.8.1757: couldn't read orphan inode 15 (err -117) [ 1565.044830][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 1565.044920][ C0] EXT4-fs (loop8): initial error at time 1780825744: ext4_iget_extra_inode:5128: inode 15 [ 1565.045073][ C0] EXT4-fs (loop8): last error at time 1780825744: ext4_iget_extra_inode:5128: inode 15 [ 1565.188433][T14868] loop8: lost filesystem error report for type 5 error -117 [ 1565.200744][T14868] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1565.356890][T14868] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1565.440102][T14868] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it [ 1565.477253][T14868] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1757: Corrupt directory, running e2fsck is recommended [ 1565.507416][T14868] EXT4-fs error (device loop8): ext4_readdir:265: inode #2: block 3: comm syz.8.1757: path /193/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0 [ 1565.579451][T14868] EXT4-fs error (device loop8): ext4_readdir:265: inode #2: block 2: comm syz.8.1757: path /193/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=4, size=1024 fake=0 [ 1565.704917][T14868] EXT4-fs error (device loop8): ext4_readdir:265: inode #2: block 8: comm syz.8.1757: path /193/file0: bad entry in directory: directory entry overrun - offset=0, inode=33261, rec_len=132120, size=1024 fake=0 [ 1566.821476][T14884] loop6: detected capacity change from 0 to 4096 [ 1566.834511][T14890] loop0: detected capacity change from 0 to 256 [ 1566.888256][T14884] EXT4-fs: inline encryption not supported [ 1566.972226][T14890] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1566.986573][T14884] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1567.084365][T14884] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1567.143656][T14894] loop7: detected capacity change from 0 to 128 [ 1567.280970][T14890] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 1567.317777][T14890] FAT-fs (loop0): Filesystem has been set read-only [ 1567.378809][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1567.386389][T14890] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 1567.492172][T14890] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 1567.637643][ T29] audit: type=1800 audit(1780825746.787:37): pid=14890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1759" name="file1" dev="loop0" ino=1048810 res=0 errno=0 [ 1567.689033][T14890] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 1568.477020][T14773] bridge0: port 1(bridge_slave_0) entered blocking state [ 1568.514276][T14773] bridge0: port 1(bridge_slave_0) entered disabled state [ 1568.527236][T14906] loop7: detected capacity change from 0 to 512 [ 1568.560371][T14773] bridge_slave_0: entered allmulticast mode [ 1568.592066][T14906] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1568.612057][T14773] bridge_slave_0: entered promiscuous mode [ 1568.641613][T14906] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e0a8, mo2=0002] [ 1568.684270][T14773] bridge0: port 2(bridge_slave_1) entered blocking state [ 1568.735047][T14906] System zones: 1-12 [ 1568.779812][T14906] EXT4-fs (loop7): orphan cleanup on readonly fs [ 1568.791110][T14773] bridge0: port 2(bridge_slave_1) entered disabled state [ 1568.819251][T14906] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.1762: bg 0: block 361: padding at end of block bitmap is not set [ 1568.849317][T14773] bridge_slave_1: entered allmulticast mode [ 1568.877773][T14906] loop7: lost filesystem error report for type 5 error -117 [ 1568.879839][T14906] EXT4-fs (loop7): Remounting filesystem read-only [ 1568.903021][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1568.903115][ C1] EXT4-fs (loop7): initial error at time 1780825747: ext4_validate_block_bitmap:441 [ 1568.903243][ C1] EXT4-fs (loop7): last error at time 1780825747: ext4_validate_block_bitmap:441 [ 1568.916322][T14773] bridge_slave_1: entered promiscuous mode [ 1569.035872][T14906] EXT4-fs (loop7): 1 truncate cleaned up [ 1569.085066][T14906] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 1569.462485][T14884] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-lib))" [ 1569.495526][T14773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1569.557475][T14773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1569.681602][T14884] overlayfs: failed index dir cleanup (-512) [ 1569.719815][T14884] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 1569.785088][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 1569.855059][T14773] team0: Port device team_slave_0 added [ 1569.929141][T14773] team0: Port device team_slave_1 added [ 1570.296031][T14773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1570.317369][T14773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1570.424492][T14773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1570.487382][T14773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1570.503968][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1570.515667][T14773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1570.524527][ T40] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 1570.570278][T14773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1570.803917][ T40] usb 8-1: Using ep0 maxpacket: 32 [ 1570.825457][ T40] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1570.894543][ T40] usb 8-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 1570.925972][ T40] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1570.957007][ T40] usb 8-1: Product: syz [ 1570.987441][ T40] usb 8-1: Manufacturer: syz [ 1571.008363][ T40] usb 8-1: SerialNumber: syz [ 1571.103956][T14773] hsr_slave_0: entered promiscuous mode [ 1571.148658][T14773] hsr_slave_1: entered promiscuous mode [ 1571.184854][T14773] debugfs: 'hsr0' already exists in 'hsr' [ 1571.215129][T14773] Cannot create hsr debugfs directory [ 1571.497587][ T40] usb 8-1: unit 0 not found! [ 1571.961919][ T40] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1572.057533][ T40] usb 8-1: unit 0 not found! [ 1572.067398][T14932] loop6: detected capacity change from 0 to 1024 [ 1572.080789][T14932] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1572.165002][T14932] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1572.235578][ T40] snd-usb-audio 8-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 1572.382630][ T40] usb 8-1: unit 0 not found! [ 1572.902843][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1573.306654][ T40] snd-usb-audio 8-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 1573.411316][ T40] usb 8-1: USB disconnect, device number 9 [ 1573.672822][T11125] udevd[11125]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1573.794379][T14942] loop6: detected capacity change from 0 to 512 [ 1573.908619][T14942] EXT4-fs (loop6): 1 truncate cleaned up [ 1574.026927][T14942] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1574.367405][T14773] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1574.496851][T14773] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1574.513085][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1574.527598][T14773] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1574.622500][T14773] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1574.644960][T14773] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1574.746734][T14773] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1574.789783][T14773] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1574.910420][T14773] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1575.282984][ T8471] usb 7-1: new full-speed USB device number 14 using dummy_hcd [ 1575.500140][ T8471] usb 7-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 1575.537955][ T8471] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1575.585438][ T8471] usb 7-1: Product: syz [ 1575.600487][ T8471] usb 7-1: Manufacturer: syz [ 1575.617184][ T8471] usb 7-1: SerialNumber: syz [ 1576.083096][T14773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1576.227179][ T8471] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202 [ 1576.339106][T14773] 8021q: adding VLAN 0 to HW filter on device team0 [ 1576.425120][T10551] bridge0: port 1(bridge_slave_0) entered blocking state [ 1576.432743][T10551] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1576.588280][T10551] bridge0: port 2(bridge_slave_1) entered blocking state [ 1576.595844][T10551] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1576.881727][T14961] syzkaller0: entered promiscuous mode [ 1576.939351][T14961] syzkaller0: entered allmulticast mode [ 1577.042740][T14964] tipc: Started in network mode [ 1577.170133][T14964] tipc: Node identity cefd8c13b41f, cluster identity 4711 [ 1577.216934][T14964] tipc: Enabled bearer , priority 0 [ 1577.338110][T14960] tipc: Resetting bearer [ 1577.438729][T14960] tipc: Disabling bearer [ 1578.156118][ C1] usblp0: nonzero write bulk status received: -71 [ 1578.158920][ T2160] usb 7-1: USB disconnect, device number 14 [ 1578.622190][T14954] usblp0: removed [ 1578.667443][ T40] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 1578.852319][ T40] usb 8-1: config 0 has an invalid interface number: 64 but max is 0 [ 1578.896901][ T40] usb 8-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 1578.938411][ T40] usb 8-1: config 0 has no interface number 0 [ 1578.995374][ T40] usb 8-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 1579.035040][ T40] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1579.068463][ T40] usb 8-1: Product: syz [ 1579.083559][ T40] usb 8-1: Manufacturer: syz [ 1579.094382][ T40] usb 8-1: SerialNumber: syz [ 1579.125985][ T40] usb 8-1: config 0 descriptor?? [ 1579.646541][ T40] uvcvideo 8-1:0.64: Found UVC 0.00 device syz (046d:0823) [ 1579.680761][ T40] uvcvideo 8-1:0.64: No valid video chain found. [ 1579.904423][ T8471] usb 8-1: USB disconnect, device number 10 [ 1579.919459][T14987] loop6: detected capacity change from 0 to 256 [ 1580.034469][ T7668] Bluetooth: hci4: command 0x0406 tx timeout [ 1580.045311][T14987] exFAT-fs (loop6): error, The cluster chain has a loop [ 1580.084095][T14987] exFAT-fs (loop6): Filesystem has been set read-only [ 1580.099237][T14987] exFAT-fs (loop6): failed to count the number of clusters in root [ 1580.110563][T14987] exFAT-fs (loop6): failed to recognize exfat type [ 1581.966917][T14773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1582.056472][T15012] loop6: detected capacity change from 0 to 256 [ 1582.378041][T15012] FAT-fs (loop6): Directory bread(block 64) failed [ 1582.405675][T15012] FAT-fs (loop6): Directory bread(block 65) failed [ 1582.439821][T15012] FAT-fs (loop6): Directory bread(block 66) failed [ 1582.463659][T15012] FAT-fs (loop6): Directory bread(block 67) failed [ 1582.474593][T15017] binder: 15016:15017 unknown command 0 [ 1582.495802][T15012] FAT-fs (loop6): Directory bread(block 68) failed [ 1582.504278][T15017] binder: 15016:15017 ioctl c0306201 800001c0 returned -22 [ 1582.523661][T15012] FAT-fs (loop6): Directory bread(block 69) failed [ 1582.561824][T15012] FAT-fs (loop6): Directory bread(block 70) failed [ 1582.600057][T15012] FAT-fs (loop6): Directory bread(block 71) failed [ 1582.656831][T15012] FAT-fs (loop6): Directory bread(block 72) failed [ 1582.680926][T14773] veth0_vlan: entered promiscuous mode [ 1582.692474][T15012] FAT-fs (loop6): Directory bread(block 73) failed [ 1582.853260][T14773] veth1_vlan: entered promiscuous mode [ 1583.340864][T14773] veth0_macvtap: entered promiscuous mode [ 1583.483013][T14773] veth1_macvtap: entered promiscuous mode [ 1583.734863][T15028] loop7: detected capacity change from 0 to 256 [ 1583.790585][T15028] exfat: Deprecated parameter 'namecase' [ 1583.792043][T14773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1583.833517][T15028] exfat: Deprecated parameter 'namecase' [ 1583.951585][T15028] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 1583.960579][T15030] loop8: detected capacity change from 0 to 256 [ 1583.978837][T14773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1584.083454][T15030] exFAT-fs (loop8): error, The cluster chain has a loop [ 1584.133978][T15030] exFAT-fs (loop8): Filesystem has been set read-only [ 1584.164441][T15030] exFAT-fs (loop8): failed to count the number of clusters in root [ 1584.228558][T15030] exFAT-fs (loop8): failed to recognize exfat type [ 1584.267249][ T1288] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1584.329579][ T6093] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1584.415260][ T6093] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1584.444613][ T6093] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1584.962632][T15039] loop7: detected capacity change from 0 to 256 [ 1585.065632][T15039] exFAT-fs (loop7): error, The cluster chain has a loop [ 1585.121670][T15039] exFAT-fs (loop7): Filesystem has been set read-only [ 1585.180051][T15039] exFAT-fs (loop7): failed to count the number of clusters in root [ 1585.225227][T15039] exFAT-fs (loop7): failed to recognize exfat type [ 1585.469940][T15044] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1585.505024][T14774] Bluetooth: hci5: command 0x0406 tx timeout [ 1586.019807][ T8167] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 1586.223453][ T8167] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1586.267749][ T8167] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1586.315029][ T8167] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1586.365484][ T8167] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1586.411626][ T8167] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1586.468465][ T8167] usb 8-1: config 0 descriptor?? [ 1587.129323][ T8167] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 1587.295994][ T8167] usb 8-1: USB disconnect, device number 11 [ 1587.390881][T15056] loop0: detected capacity change from 0 to 4096 [ 1587.542733][T15064] loop8: detected capacity change from 0 to 2048 [ 1587.715311][T15064] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1587.768079][T15056] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1587.797698][T15065] fido_id[15065]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1587.896008][T15064] EXT4-fs (loop8): shut down requested (2) [ 1588.344202][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1588.755142][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1588.992093][T15080] loop7: detected capacity change from 0 to 1024 [ 1589.023034][T15085] loop8: detected capacity change from 0 to 16 [ 1589.096392][T15085] erofs (device loop8): mounted with root inode @ nid 36. [ 1589.171589][T15080] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1589.597554][ T8167] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 1589.642629][T15091] loop6: detected capacity change from 0 to 256 [ 1589.780270][ T8167] usb 8-1: Using ep0 maxpacket: 8 [ 1589.840755][T15091] FAT-fs (loop6): Directory bread(block 64) failed [ 1589.845711][ T8167] usb 8-1: config 1 interface 0 has no altsetting 0 [ 1589.882217][T15091] FAT-fs (loop6): Directory bread(block 65) failed [ 1589.918355][ T8167] usb 8-1: string descriptor 0 read error: -22 [ 1589.927813][T15091] FAT-fs (loop6): Directory bread(block 66) failed [ 1589.939429][ T8167] usb 8-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1589.973546][ T8167] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1589.974776][T15091] FAT-fs (loop6): Directory bread(block 67) failed [ 1590.040543][T15091] FAT-fs (loop6): Directory bread(block 68) failed [ 1590.066466][T15091] FAT-fs (loop6): Directory bread(block 69) failed [ 1590.083631][T15096] loop8: detected capacity change from 0 to 256 [ 1590.129397][T15091] FAT-fs (loop6): Directory bread(block 70) failed [ 1590.193069][T15091] FAT-fs (loop6): Directory bread(block 71) failed [ 1590.222461][T15096] exFAT-fs (loop8): error, The cluster chain has a loop [ 1590.249694][T15091] FAT-fs (loop6): Directory bread(block 72) failed [ 1590.279460][T15096] exFAT-fs (loop8): Filesystem has been set read-only [ 1590.309543][T15091] FAT-fs (loop6): Directory bread(block 73) failed [ 1590.341683][T15096] exFAT-fs (loop8): failed to count the number of clusters in root [ 1590.401610][T15096] exFAT-fs (loop8): failed to recognize exfat type [ 1590.731310][ T8167] usbhid 8-1:1.0: can't add hid device: -71 [ 1590.789304][ T8167] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 1590.878879][ T8167] usb 8-1: USB disconnect, device number 12 [ 1590.977348][T14774] Bluetooth: hci1: command 0x0406 tx timeout [ 1591.739893][T15108] loop8: detected capacity change from 0 to 128 [ 1591.806204][T15108] EXT4-fs (loop8): Test dummy encryption mode enabled [ 1591.889926][T15108] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1591.967768][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1591.996758][T15108] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1592.557692][ T1288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1592.595293][ T1288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1592.784621][T10827] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1592.958766][ T1288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1593.019118][ T1288] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1593.042864][T15117] loop6: detected capacity change from 0 to 1024 [ 1593.377443][T15125] loop8: detected capacity change from 0 to 1024 [ 1593.437443][T15117] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1593.584504][T15125] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1593.702797][T15125] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1594.340499][T15137] loop1: detected capacity change from 0 to 128 [ 1594.448435][T15137] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1594.501281][T15137] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1594.649647][ T6095] EXT4-fs error (device loop8): ext4_map_blocks:833: inode #15: comm kworker/u8:19: lblock 0 mapped to illegal pblock 0 (length 6) [ 1594.736680][ T6095] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 1594.798105][ T6095] EXT4-fs (loop8): This should not happen!! Data will be lost [ 1594.798105][ T6095] [ 1594.849073][ T6095] EXT4-fs error (device loop8): ext4_map_blocks:833: inode #15: block 8: comm kworker/u8:19: lblock 8 mapped to illegal pblock 8 (length 8) [ 1594.898988][ T6095] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 1594.945017][T14773] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1594.991318][ T6095] EXT4-fs (loop8): This should not happen!! Data will be lost [ 1594.991318][ T6095] [ 1595.198240][T10827] EXT4-fs warning (device loop8): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 1595.255027][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1595.507230][T15126] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 1595.624787][T10551] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1024 with error 28 [ 1595.696355][T10551] EXT4-fs (loop6): This should not happen!! Data will be lost [ 1595.696355][T10551] [ 1595.746276][T10551] EXT4-fs (loop6): Total free blocks count 0 [ 1595.770688][T10551] EXT4-fs (loop6): Free/Dirty block details [ 1595.805946][T10551] EXT4-fs (loop6): free_blocks=68451041280 [ 1595.828296][T10551] EXT4-fs (loop6): dirty_blocks=2048 [ 1595.845802][T10551] EXT4-fs (loop6): Block reservation details [ 1595.874526][T10551] EXT4-fs (loop6): i_reserved_data_blocks=128 [ 1596.197021][T15150] loop8: detected capacity change from 0 to 2048 [ 1596.209238][T13925] EXT4-fs warning (device loop6): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost [ 1596.338718][T15150] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1596.436419][T15150] EXT4-fs (loop8): shut down requested (2) [ 1596.632843][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1596.802155][T15156] loop0: detected capacity change from 0 to 1024 [ 1596.855963][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1596.894553][T15156] EXT4-fs: Ignoring removed bh option [ 1596.986054][T15156] EXT4-fs: inline encryption not supported [ 1597.043965][T15156] EXT4-fs: Ignoring removed oldalloc option [ 1597.138432][T15156] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1597.208285][T15161] loop8: detected capacity change from 0 to 256 [ 1597.338405][T15161] exFAT-fs (loop8): error, The cluster chain has a loop [ 1597.417702][T15156] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 2: comm syz.0.1809: lblock 2 mapped to illegal pblock 2 (length 1) [ 1597.419957][T15161] exFAT-fs (loop8): Filesystem has been set read-only [ 1597.489666][T15161] exFAT-fs (loop8): failed to count the number of clusters in root [ 1597.510625][T15161] exFAT-fs (loop8): failed to recognize exfat type [ 1597.511060][T15156] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1597.592237][T15156] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 1597.601626][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 1597.601721][ C0] EXT4-fs (loop0): initial error at time 1780825774: ext4_map_blocks:791: inode 3: block 2 [ 1597.601910][ C0] EXT4-fs (loop0): last error at time 1780825774: ext4_map_blocks:791: inode 3: block 2 [ 1597.812866][T15156] EXT4-fs error (device loop0): __ext4_get_inode_loc:4885: comm syz.0.1809: Invalid inode table block 1 in block_group 0 [ 1597.911757][T15156] loop0: lost filesystem error report for type 5 error -117 [ 1597.926840][T15156] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1598.015971][T15156] loop0: lost filesystem error report for type 5 error -117 [ 1598.035041][T15156] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #3: comm syz.0.1809: mark_inode_dirty error [ 1598.249716][T15156] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1598.257931][T15156] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 1598.425249][T15156] EXT4-fs error (device loop0): ext4_acquire_dquot:7034: comm syz.0.1809: Failed to acquire dquot type 0 [ 1598.511890][T15156] loop0: lost filesystem error report for type 5 error -117 [ 1598.516482][T15156] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1598.642931][T15156] loop0: lost filesystem error report for type 5 error -117 [ 1598.663500][T15156] EXT4-fs error (device loop0): ext4_evict_inode:267: inode #11: comm syz.0.1809: mark_inode_dirty error [ 1598.707044][T15156] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1598.717991][T15156] EXT4-fs warning (device loop0): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 1598.864640][T15156] EXT4-fs (loop0): 1 orphan inode deleted [ 1598.901001][ T6093] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:17: lblock 1 mapped to illegal pblock 1 (length 1) [ 1598.920042][T15173] loop8: detected capacity change from 0 to 1024 [ 1598.969237][ T6093] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1598.969959][ T6093] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 1598.986775][T15156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1599.042055][ T6093] EXT4-fs error (device loop0): ext4_release_dquot:7070: comm kworker/u8:17: Failed to release dquot type 0 [ 1599.112203][ T6093] loop0: lost filesystem error report for type 5 error -117 [ 1599.119899][T15173] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1599.239960][T15179] loop7: detected capacity change from 0 to 256 [ 1599.253894][T15179] exfat: Deprecated parameter 'namecase' [ 1599.272070][T15179] exfat: Deprecated parameter 'namecase' [ 1599.334343][T15179] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbf24f927, utbl_chksum : 0xe619d30d) [ 1599.501656][ T2160] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 1599.731112][ T2160] usb 9-1: Using ep0 maxpacket: 8 [ 1599.787684][ T2160] usb 9-1: config 1 interface 0 has no altsetting 0 [ 1599.839798][ T2160] usb 9-1: string descriptor 0 read error: -22 [ 1599.891138][ T2160] usb 9-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1599.912228][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1599.937653][ T2160] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1600.085331][T13879] EXT4-fs error (device loop0): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1600.116654][T13879] loop0: lost filesystem error report for type 5 error -117 [ 1600.124947][T13879] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1600.295514][T13879] loop0: lost filesystem error report for type 5 error -117 [ 1600.302430][T13879] EXT4-fs error (device loop0): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 1600.467860][T13879] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1600.488665][ T2160] usbhid 9-1:1.0: can't add hid device: -71 [ 1600.597213][ T2160] usbhid 9-1:1.0: probe with driver usbhid failed with error -71 [ 1600.658767][ T2160] usb 9-1: USB disconnect, device number 17 [ 1601.557215][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1602.232542][T15197] loop8: detected capacity change from 0 to 128 [ 1602.431490][T15197] FAT-fs (loop8): Directory bread(block 32) failed [ 1602.467089][T15197] FAT-fs (loop8): Directory bread(block 33) failed [ 1602.492936][T15197] FAT-fs (loop8): Directory bread(block 34) failed [ 1602.522564][T15197] FAT-fs (loop8): Directory bread(block 35) failed [ 1602.559225][T15197] FAT-fs (loop8): Directory bread(block 36) failed [ 1602.569166][T15197] FAT-fs (loop8): Directory bread(block 37) failed [ 1602.624300][T15197] FAT-fs (loop8): Directory bread(block 38) failed [ 1602.659593][T15197] FAT-fs (loop8): Directory bread(block 39) failed [ 1602.695757][T15197] FAT-fs (loop8): Directory bread(block 40) failed [ 1602.741591][T15197] FAT-fs (loop8): Directory bread(block 41) failed [ 1603.080127][T15202] loop0: detected capacity change from 0 to 512 [ 1603.345566][T15202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1603.411286][T15202] ext4 filesystem being mounted at /35/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1603.413631][T15197] syz.8.1817: attempt to access beyond end of device [ 1603.413631][T15197] loop8: rw=524288, sector=4108, nr_sectors = 4 limit=128 [ 1603.453120][T15208] FAT-fs (loop8): Filesystem has been set read-only [ 1603.606517][T15197] syz.8.1817: attempt to access beyond end of device [ 1603.606517][T15197] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 1603.623766][T15197] FAT-fs (loop8): error, fat_free_clusters: deleting FAT entry beyond EOF [ 1603.635277][ T29] audit: type=1800 audit(1780825780.466:38): pid=15197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1817" name="file1" dev="loop8" ino=1048819 res=0 errno=0 [ 1604.069906][T15212] loop6: detected capacity change from 0 to 256 [ 1604.335225][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1605.103077][T15217] loop6: detected capacity change from 0 to 256 [ 1605.340895][T15218] loop8: detected capacity change from 0 to 2048 [ 1605.474384][T15217] FAT-fs (loop6): Directory bread(block 64) failed [ 1605.483200][T15218] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1605.559038][T15217] FAT-fs (loop6): Directory bread(block 65) failed [ 1605.583429][T15217] FAT-fs (loop6): Directory bread(block 66) failed [ 1605.629146][T15217] FAT-fs (loop6): Directory bread(block 67) failed [ 1605.655900][T15217] FAT-fs (loop6): Directory bread(block 68) failed [ 1605.698172][T15217] FAT-fs (loop6): Directory bread(block 69) failed [ 1605.714957][T15218] EXT4-fs (loop8): shut down requested (2) [ 1605.739600][T15217] FAT-fs (loop6): Directory bread(block 70) failed [ 1605.783529][T15217] FAT-fs (loop6): Directory bread(block 71) failed [ 1605.816254][T15217] FAT-fs (loop6): Directory bread(block 72) failed [ 1605.856587][T15217] FAT-fs (loop6): Directory bread(block 73) failed [ 1606.135689][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1606.526179][T15236] loop7: detected capacity change from 0 to 128 [ 1606.725477][T15236] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1606.852701][T15236] ext4 filesystem being mounted at /50/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1607.255822][T15240] loop8: detected capacity change from 0 to 1024 [ 1607.278440][T15237] loop1: detected capacity change from 0 to 8192 [ 1607.369730][T15240] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1607.449633][T13893] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1607.614393][ T2160] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 1607.817617][ T6975] usb 9-1: new high-speed USB device number 18 using dummy_hcd [ 1607.868180][ T2160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1607.915603][ T2160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1607.957333][ T2160] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1608.049176][ T2160] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1608.065393][ T6975] usb 9-1: Using ep0 maxpacket: 8 [ 1608.101863][ T6975] usb 9-1: config 1 interface 0 has no altsetting 0 [ 1608.116314][ T2160] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1608.181969][ T6975] usb 9-1: string descriptor 0 read error: -22 [ 1608.205729][ T2160] usb 7-1: config 0 descriptor?? [ 1608.225426][ T6975] usb 9-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1608.290073][ T6975] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1608.761049][ T2160] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x4 [ 1608.937747][ T2160] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 1609.030668][ T6975] usbhid 9-1:1.0: can't add hid device: -71 [ 1609.084670][ T6975] usbhid 9-1:1.0: probe with driver usbhid failed with error -71 [ 1609.134444][ T2160] usb 7-1: USB disconnect, device number 15 [ 1609.193486][ T6975] usb 9-1: USB disconnect, device number 18 [ 1609.604553][T15269] loop7: detected capacity change from 0 to 256 [ 1609.604720][T15268] loop0: detected capacity change from 0 to 512 [ 1609.745204][T15268] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1609.828382][T15268] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1609.912639][T15268] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.1832: bad orphan inode 131083 [ 1609.969181][T15268] loop0: lost filesystem error report for type 5 error -117 [ 1609.975608][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1609.989911][ C1] EXT4-fs (loop0): initial error at time 1780825786: ext4_orphan_get:1423 [ 1609.998727][ C1] EXT4-fs (loop0): last error at time 1780825786: ext4_orphan_get:1423 [ 1610.076260][T15268] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1610.094271][T15264] fido_id[15264]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1610.224143][ T2160] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 1610.254791][T15277] loop6: detected capacity change from 0 to 512 [ 1610.322961][T15277] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1610.412342][T15277] EXT4-fs (loop6): 1 truncate cleaned up [ 1610.438961][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1610.522066][ T2160] usb 8-1: too many endpoints for config 1 interface 2 altsetting 248: 255, using maximum allowed: 30 [ 1610.538234][T15277] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1610.595711][ T2160] usb 8-1: config 1 interface 2 altsetting 248 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1610.631371][ T2160] usb 8-1: config 1 interface 2 has no altsetting 0 [ 1610.699885][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1610.742530][ T2160] usb 8-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice= 0.40 [ 1610.766155][ T2160] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1610.793819][ T2160] usb 8-1: Product: syz [ 1610.836772][ T2160] usb 8-1: Manufacturer: syz [ 1610.855263][ T2160] usb 8-1: SerialNumber: syz [ 1611.366548][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1611.594921][T15282] loop1: detected capacity change from 0 to 2048 [ 1611.798340][T15282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1612.073313][T15282] EXT4-fs (loop1): shut down requested (2) [ 1612.210274][ T2160] usb 8-1: 1:1 : no cluster descriptor [ 1612.318669][ T2160] usb 8-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1612.363969][ T2160] usb 8-1: selecting invalid altsetting 0 [ 1612.573423][T14773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1613.012990][ T2160] usb 8-1: USB disconnect, device number 13 [ 1613.553005][T11451] udevd[11451]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1613.765224][ T2160] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 1613.989113][ T2160] usb 8-1: Using ep0 maxpacket: 32 [ 1614.065686][ T2160] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1614.128254][ T2160] usb 8-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 1614.149463][ T2160] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1614.182673][ T2160] usb 8-1: Product: syz [ 1614.205005][ T2160] usb 8-1: Manufacturer: syz [ 1614.211586][T15314] loop6: detected capacity change from 0 to 1024 [ 1614.222433][ T2160] usb 8-1: SerialNumber: syz [ 1614.375673][T15314] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1614.485678][ T8167] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 1614.575937][ T2160] usb 8-1: unit 4 not found! [ 1614.591390][ T2160] usb 8-1: unit 0 not found! [ 1614.712398][ T8167] usb 1-1: Using ep0 maxpacket: 8 [ 1614.781238][ T8167] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1614.819600][ T40] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 1614.853489][ T8167] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1614.885663][ T8167] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1614.926830][ T8167] usb 1-1: SerialNumber: syz [ 1615.016614][ T2160] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1615.043986][ T40] usb 7-1: Using ep0 maxpacket: 8 [ 1615.093857][ T40] usb 7-1: config 1 interface 0 has no altsetting 0 [ 1615.138714][ T2160] usb 8-1: unit 4 not found! [ 1615.152805][ T40] usb 7-1: string descriptor 0 read error: -22 [ 1615.156365][ T2160] usb 8-1: unit 0 not found! [ 1615.186611][ T40] usb 7-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1615.224022][ T2160] snd-usb-audio 8-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 1615.233984][ T40] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1615.288844][ T2160] usb 8-1: unit 4 not found! [ 1615.302844][ T2160] usb 8-1: unit 0 not found! [ 1615.746820][ T8167] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 1615.853569][ T40] usbhid 7-1:1.0: can't add hid device: -71 [ 1615.879594][ T40] usbhid 7-1:1.0: probe with driver usbhid failed with error -71 [ 1615.971643][ T40] usb 7-1: USB disconnect, device number 16 [ 1615.981901][ T6975] usb 1-1: USB disconnect, device number 36 [ 1616.133462][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1616.144297][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 1616.253375][ T2160] snd-usb-audio 8-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 1616.363114][ T2160] usb 8-1: USB disconnect, device number 14 [ 1616.668835][T11466] udevd[11466]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1617.119958][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1617.870048][T15338] evm: overlay not supported [ 1618.480254][T15340] loop1: detected capacity change from 0 to 2048 [ 1618.637025][T15340] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1618.867650][T15340] EXT4-fs (loop1): shut down requested (2) [ 1619.240181][T14773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1622.023236][T15379] loop7: detected capacity change from 0 to 512 [ 1622.070220][T15379] EXT4-fs: Ignoring removed bh option [ 1622.131092][T15379] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1622.240178][T15379] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1622.272897][T15383] loop1: detected capacity change from 0 to 1024 [ 1622.356494][T15379] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1622.491087][T15383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1622.799399][ T40] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1623.004093][ T40] usb 2-1: Using ep0 maxpacket: 8 [ 1623.061122][ T40] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1623.134923][ T40] usb 2-1: string descriptor 0 read error: -22 [ 1623.157114][ T40] usb 2-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1623.208348][ T40] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1623.370831][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1623.428341][T15395] loop8: detected capacity change from 0 to 2048 [ 1623.617085][T15395] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1623.835808][T15395] EXT4-fs (loop8): shut down requested (2) [ 1623.970569][ T40] usbhid 2-1:1.0: can't add hid device: -71 [ 1624.021251][ T40] usbhid 2-1:1.0: probe with driver usbhid failed with error -71 [ 1624.115638][ T40] usb 2-1: USB disconnect, device number 11 [ 1624.334272][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1624.870208][T15412] loop6: detected capacity change from 0 to 256 [ 1624.902814][T15412] exfat: Invalid uid '0x00000000ffffffff' [ 1625.154272][T14773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1625.281208][ T5232] 8021q: adding VLAN 0 to HW filter on device eth16 [ 1626.131274][ T40] usb 9-1: new high-speed USB device number 19 using dummy_hcd [ 1626.348166][ T40] usb 9-1: Using ep0 maxpacket: 8 [ 1626.359874][T15431] loop0: detected capacity change from 0 to 512 [ 1626.374276][ T40] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1626.423177][ T40] usb 9-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 1626.474511][ T40] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1626.547987][T15431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1626.632419][ T40] usb 9-1: config 0 descriptor?? [ 1626.687008][T15431] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1627.268352][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1627.303480][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.362059][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.394443][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.418107][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.460515][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.502704][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.547352][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.582309][ T40] microsoft 0003:045E:009D.0017: unknown main item tag 0x0 [ 1627.686505][ T40] microsoft 0003:045E:009D.0017: hidraw0: USB HID v0.00 Device [HID 045e:009d] on usb-dummy_hcd.8-1/input0 [ 1627.724601][ T40] microsoft 0003:045E:009D.0017: no inputs found [ 1627.746048][ T40] microsoft 0003:045E:009D.0017: could not initialize ff, continuing anyway [ 1627.751488][T15443] syzkaller0: entered promiscuous mode [ 1627.833187][T15443] syzkaller0: entered allmulticast mode [ 1627.843981][ T40] usb 9-1: USB disconnect, device number 19 [ 1628.584232][T15447] fido_id[15447]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1628.985789][T15454] loop0: detected capacity change from 0 to 2048 [ 1629.072049][T15454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1629.139340][T15454] EXT4-fs (loop0): shut down requested (2) [ 1629.425108][T15469] loop6: detected capacity change from 0 to 1024 [ 1629.509267][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1629.581249][T15469] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1629.916075][ T40] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 1630.119131][ T40] usb 8-1: Using ep0 maxpacket: 16 [ 1630.198469][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1630.265974][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1630.378513][ T40] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1630.463404][ T40] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1630.528504][ T40] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1630.659423][ T40] usb 8-1: config 0 descriptor?? [ 1630.770830][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1631.384768][ T40] microsoft 0003:045E:07DA.0018: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0 [ 1631.439270][ T40] microsoft 0003:045E:07DA.0018: no inputs found [ 1631.469403][ T40] microsoft 0003:045E:07DA.0018: could not initialize ff, continuing anyway [ 1631.597494][ T40] usb 8-1: USB disconnect, device number 15 [ 1632.497940][T15502] fido_id[15502]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1632.807418][ T5232] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1632.950390][T15510] loop7: detected capacity change from 0 to 256 [ 1633.137217][T15510] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x789ac95b, utbl_chksum : 0xe619d30d) [ 1633.253612][T15514] loop8: detected capacity change from 0 to 2048 [ 1633.302771][T15510] exFAT-fs (loop7): start_clu is invalid cluster(0x0) [ 1633.344625][ T29] audit: type=1800 audit(1780825808.278:39): pid=15510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1892" name="file1" dev="loop7" ino=1048824 res=0 errno=0 [ 1633.434585][T15514] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1633.597178][T15514] EXT4-fs (loop8): shut down requested (2) [ 1633.769653][T15508] loop6: detected capacity change from 0 to 8192 [ 1634.039335][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1634.646348][T15525] loop7: detected capacity change from 0 to 256 [ 1634.752933][T15525] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0xda20322b, utbl_chksum : 0xe619d30d) [ 1634.833367][T15525] exFAT-fs (loop7): failed to load alloc-bitmap [ 1634.894149][T15525] exFAT-fs (loop7): failed to recognize exfat type [ 1635.027187][T15531] loop8: detected capacity change from 0 to 1024 [ 1635.161543][T15531] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1636.036260][T10827] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1637.241125][T15559] loop8: detected capacity change from 0 to 256 [ 1637.323134][T15559] exfat: Deprecated parameter 'utf8' [ 1637.369328][T15559] exfat: Deprecated parameter 'utf8' [ 1637.490309][T15559] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1637.621945][ T5232] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1638.473026][T15568] binder: 15567:15568 ioctl c0306201 80000080 returned -14 [ 1638.556439][T15568] binder: 15567:15568 ioctl c0306201 800003c0 returned -14 [ 1638.829290][T15566] loop7: detected capacity change from 0 to 4096 [ 1638.873254][T15566] EXT4-fs: inline encryption not supported [ 1638.979587][T15566] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1639.055693][T15566] EXT4-fs (loop7): Test dummy encryption mode enabled [ 1639.124741][T15566] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c198, mo2=0003] [ 1639.236918][T15566] System zones: 0-5 [ 1639.331263][T15566] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1640.279383][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1641.483266][T15604] loop7: detected capacity change from 0 to 1024 [ 1641.652489][T15604] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1641.788980][T15611] loop0: detected capacity change from 0 to 512 [ 1641.905511][T15611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1641.978748][T15611] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1642.379556][ T2160] usb 9-1: new high-speed USB device number 20 using dummy_hcd [ 1642.585906][ T5232] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1642.628848][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1642.652660][ T2160] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 1642.689095][ T2160] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 250, changing to 7 [ 1642.769160][ T2160] usb 9-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice= 0.40 [ 1642.840007][ T2160] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1642.878451][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1642.901087][ T2160] usb 9-1: Product: syz [ 1642.902977][T15626] loop1: detected capacity change from 0 to 1024 [ 1642.926726][ T2160] usb 9-1: Manufacturer: syz [ 1642.963967][ T2160] usb 9-1: SerialNumber: syz [ 1642.996784][T15626] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1643.037908][T15626] EXT4-fs: inline encryption not supported [ 1643.071145][T15626] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1643.178984][T15626] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1643.641269][ T2160] usb 9-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 1643.906145][T15633] loop0: detected capacity change from 0 to 128 [ 1644.012976][T15634] loop7: detected capacity change from 0 to 256 [ 1644.046759][T15633] EXT4-fs: inline encryption not supported [ 1644.131611][T15633] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1644.262390][T15633] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1644.437173][T15633] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1645.114826][ T2160] usb 9-1: USB disconnect, device number 20 [ 1645.191555][T13879] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1645.407163][T11451] udevd[11451]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1647.292846][ T40] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 1647.552525][ T40] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1647.623107][ T40] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1647.640353][T15667] loop0: detected capacity change from 0 to 256 [ 1647.659905][ T40] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1647.699331][ T40] usb 7-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 1647.700056][T15667] exfat: Deprecated parameter 'utf8' [ 1647.730054][ T40] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1647.766091][ T2160] usb 9-1: new high-speed USB device number 21 using dummy_hcd [ 1647.772695][ T40] usb 7-1: Product: syz [ 1647.796819][ T40] usb 7-1: Manufacturer: syz [ 1647.814119][ T40] usb 7-1: SerialNumber: syz [ 1647.907259][ T40] usb 7-1: selecting invalid altsetting 1 [ 1647.925668][T15667] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 1647.937009][ T40] usb 7-1: unit 6 not found! [ 1647.997465][ T2160] usb 9-1: Using ep0 maxpacket: 8 [ 1648.029125][ T2160] usb 9-1: config 1 interface 0 has no altsetting 0 [ 1648.095451][ T2160] usb 9-1: string descriptor 0 read error: -22 [ 1648.134147][ T2160] usb 9-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1648.182689][ T2160] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1648.622878][T15665] loop8: detected capacity change from 0 to 512 [ 1648.739792][T15665] EXT4-fs (loop8): can't mount with journal_checksum, fs mounted w/o journal [ 1648.781750][ T40] usb 7-1: 2:0: failed to get current value for ch 0 (-71) [ 1648.905576][ T5232] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1649.143271][ T2160] usbhid 9-1:1.0: can't add hid device: -71 [ 1649.173661][ T2160] usbhid 9-1:1.0: probe with driver usbhid failed with error -71 [ 1649.297253][ T2160] usb 9-1: USB disconnect, device number 21 [ 1649.351357][T15675] loop0: detected capacity change from 0 to 256 [ 1649.588200][ T40] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1649.639517][ T40] usb 7-1: USB disconnect, device number 17 [ 1650.005082][T11435] udevd[11435]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1650.361627][T15680] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1935'. [ 1651.316254][T15690] loop6: detected capacity change from 0 to 128 [ 1651.382929][T15690] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1651.466554][T15690] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1651.497457][T15690] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1651.651465][ T29] audit: type=1804 audit(1780825825.403:40): pid=15690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1938" name="/newroot/67/mnt/file0" dev="loop6" ino=12 res=1 errno=0 [ 1652.005517][T13925] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1654.224466][T14773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1654.838692][T15708] syzkaller0: entered promiscuous mode [ 1654.871617][T15708] syzkaller0: entered allmulticast mode [ 1655.867371][T15713] loop1: detected capacity change from 0 to 8192 [ 1656.200594][T15727] loop0: detected capacity change from 0 to 128 [ 1656.273575][T15727] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1656.342436][T15727] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1656.621763][ T40] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1656.835396][ T40] usb 2-1: Using ep0 maxpacket: 16 [ 1656.912420][ T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1656.938563][T10218] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1656.958360][ T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1657.005240][ T40] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1657.055264][ T40] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1657.116319][ T2160] usb 9-1: new high-speed USB device number 22 using dummy_hcd [ 1657.118498][ T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1657.234574][ T40] usb 2-1: config 0 descriptor?? [ 1657.336514][ T2160] usb 9-1: Using ep0 maxpacket: 8 [ 1657.386299][ T2160] usb 9-1: config 1 interface 0 has no altsetting 0 [ 1657.495191][ T2160] usb 9-1: string descriptor 0 read error: -22 [ 1657.533025][ T2160] usb 9-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.40 [ 1657.576182][ T2160] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1657.654430][T15740] loop0: detected capacity change from 0 to 256 [ 1657.778994][ T40] microsoft 0003:045E:07DA.0019: ignoring exceeding usage max [ 1657.976031][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.035502][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.080046][T15729] loop8: detected capacity change from 0 to 512 [ 1658.098075][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.133913][T15740] FAT-fs (loop0): Directory bread(block 64) failed [ 1658.162972][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.195829][T15729] EXT4-fs (loop8): can't mount with journal_checksum, fs mounted w/o journal [ 1658.229733][T15740] FAT-fs (loop0): Directory bread(block 65) failed [ 1658.240215][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.271974][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.292858][T15740] FAT-fs (loop0): Directory bread(block 66) failed [ 1658.325208][T15740] FAT-fs (loop0): Directory bread(block 67) failed [ 1658.340696][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.367054][T15740] FAT-fs (loop0): Directory bread(block 68) failed [ 1658.383912][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.418507][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.430789][T15740] FAT-fs (loop0): Directory bread(block 69) failed [ 1658.456206][T15740] FAT-fs (loop0): Directory bread(block 70) failed [ 1658.464211][ T40] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 1658.476104][ T2160] usbhid 9-1:1.0: can't add hid device: -71 [ 1658.519322][ T2160] usbhid 9-1:1.0: probe with driver usbhid failed with error -71 [ 1658.532531][T15740] FAT-fs (loop0): Directory bread(block 71) failed [ 1658.577835][ T2160] usb 9-1: USB disconnect, device number 22 [ 1658.608544][T15740] FAT-fs (loop0): Directory bread(block 72) failed [ 1658.652594][T15740] FAT-fs (loop0): Directory bread(block 73) failed [ 1658.794755][ T40] microsoft 0003:045E:07DA.0019: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1658.845132][ T40] microsoft 0003:045E:07DA.0019: no inputs found [ 1658.873184][ T40] microsoft 0003:045E:07DA.0019: could not initialize ff, continuing anyway [ 1658.936910][T15745] loop7: detected capacity change from 0 to 512 [ 1658.971489][T15746] loop6: detected capacity change from 0 to 512 [ 1658.981541][ T40] usb 2-1: USB disconnect, device number 12 [ 1659.019436][T15745] EXT4-fs: Ignoring removed bh option [ 1659.074546][T15746] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1659.148212][T15745] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1659.179057][T15746] EXT4-fs (loop6): 1 truncate cleaned up [ 1659.192264][T15746] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1659.377992][T15745] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1659.505933][T15745] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1659.809667][T15745] EXT4-fs error (device loop7): ext4_empty_dir:3082: inode #12: comm syz.7.1950: invalid size [ 1659.963916][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1660.260076][T15750] fido_id[15750]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1660.480615][T13893] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1661.122148][T15773] input: syz1 as /devices/virtual/input/input17 [ 1661.681364][T15780] loop0: detected capacity change from 0 to 256 [ 1661.863681][T15780] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x196362d4, utbl_chksum : 0xe619d30d) [ 1662.061213][T15780] exFAT-fs (loop0): valid_size(150994954) is greater than size(10) [ 1662.143555][ T29] audit: type=1800 audit(1780825835.229:41): pid=15780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1959" name="file1" dev="loop0" ino=1048851 res=0 errno=0 [ 1663.059203][T15789] loop0: detected capacity change from 0 to 512 [ 1663.115875][T15789] FAT-fs (loop0): bogus number of FAT sectors [ 1663.154011][T15789] FAT-fs (loop0): Can't find a valid FAT filesystem [ 1668.142500][ T2160] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1668.380586][ T2160] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1668.443407][ T2160] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1668.505777][ T2160] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1668.558770][ T2160] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1668.646897][ T2160] usb 2-1: config 0 descriptor?? [ 1668.768750][ T2160] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 1668.803296][T15843] loop0: detected capacity change from 0 to 16 [ 1668.871623][T15843] erofs (device loop0): mounted with root inode @ nid 36. [ 1668.993606][T15843] syz.0.1974: attempt to access beyond end of device [ 1668.993606][T15843] loop0: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 1669.074004][ T2160] usb 2-1: USB disconnect, device number 13 [ 1669.116441][T15843] syz.0.1974: attempt to access beyond end of device [ 1669.116441][T15843] loop0: rw=0, sector=1342177272, nr_sectors = 8 limit=16 [ 1669.207251][ T29] audit: type=1800 audit(1780825841.836:42): pid=15843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1974" name="file1" dev="loop0" ino=86 res=0 errno=0 [ 1669.435154][ T8471] usb 1-1: new low-speed USB device number 37 using dummy_hcd [ 1669.640121][ T8471] usb 1-1: Invalid ep0 maxpacket: 16 [ 1669.807203][ T8471] usb 1-1: new low-speed USB device number 38 using dummy_hcd [ 1670.023632][ T8471] usb 1-1: Invalid ep0 maxpacket: 16 [ 1670.048473][ T8471] usb usb1-port1: attempt power cycle [ 1670.459943][ T8471] usb 1-1: new low-speed USB device number 39 using dummy_hcd [ 1670.522577][ T8471] usb 1-1: Invalid ep0 maxpacket: 16 [ 1670.697718][ T8471] usb 1-1: new low-speed USB device number 40 using dummy_hcd [ 1670.788059][ T8471] usb 1-1: Invalid ep0 maxpacket: 16 [ 1670.821078][ T8471] usb usb1-port1: unable to enumerate USB device [ 1671.282557][ T8471] usb 7-1: new full-speed USB device number 18 using dummy_hcd [ 1671.520441][ T8471] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1671.589511][ T8471] usb 7-1: not running at top speed; connect to a high speed hub [ 1671.609326][ T8471] usb 7-1: config 1 has an invalid descriptor of length 206, skipping remainder of the config [ 1671.624088][ T5232] 8021q: adding VLAN 0 to HW filter on device eth11 [ 1671.638954][ T2160] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 1671.646783][ T8471] usb 7-1: config 1 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1671.646945][ T8471] usb 7-1: config 1 interface 0 has no altsetting 0 [ 1671.757701][ T8471] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1671.769269][ T8471] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1671.791924][ T8471] usb 7-1: Product: syz [ 1671.806401][ T8471] usb 7-1: Manufacturer: syz [ 1671.822936][ T8471] usb 7-1: SerialNumber: syz [ 1671.871753][ T2160] usb 2-1: Using ep0 maxpacket: 8 [ 1671.913016][ T2160] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1671.962782][ T2160] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1672.021188][ T2160] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1672.045497][ T2160] usb 2-1: New USB device found, idVendor=0458, idProduct=5019, bcdDevice= 0.00 [ 1672.117400][ T2160] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1672.133813][ T8471] cdc_ether 7-1:1.0: skipping garbage [ 1672.172726][ T8471] cdc_ether 7-1:1.0: skipping garbage [ 1672.208287][ T8471] cdc_ether 7-1:1.0: skipping garbage [ 1672.213995][ T2160] usb 2-1: config 0 descriptor?? [ 1672.257000][ T8471] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 1672.386159][ T8471] usb 7-1: USB disconnect, device number 18 [ 1672.738780][ T2160] hid (null): unknown global tag 0xa3 [ 1672.845822][ T2160] kye 0003:0458:5019.001A: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1672.926654][ T2160] hid_parser_main: 3 callbacks suppressed [ 1672.926746][ T2160] kye 0003:0458:5019.001A: unknown main item tag 0x3 [ 1673.013805][ T2160] kye 0003:0458:5019.001A: unexpected long global item [ 1673.085388][ T2160] kye 0003:0458:5019.001A: parse failed [ 1673.120107][ T2160] kye 0003:0458:5019.001A: probe with driver kye failed with error -22 [ 1673.215360][ T2160] usb 2-1: USB disconnect, device number 14 [ 1673.696117][T15876] loop6: detected capacity change from 0 to 128 [ 1673.894757][T15876] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1673.942007][T15876] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1674.788173][T13925] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1675.437887][T15894] loop6: detected capacity change from 0 to 1024 [ 1675.447272][T15894] ext4: Unknown parameter 'seclabel' [ 1679.331198][ T5232] 8021q: adding VLAN 0 to HW filter on device eth12 [ 1680.004285][T15921] loop6: detected capacity change from 0 to 16 [ 1680.030864][T15920] loop1: detected capacity change from 0 to 512 [ 1680.059308][T15921] erofs (device loop6): invalid ishare xattr prefix id 0 [ 1680.073847][T15920] EXT4-fs: Ignoring removed oldalloc option [ 1680.100169][T15920] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1680.245010][T15920] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1680.245523][T15920] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1680.883755][T15920] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.1991: corrupted xattr block 33: invalid checksum [ 1680.985192][T15932] EXT4-fs error (device loop1): ext4_validate_inode_bitmap:105: comm syz.1.1991: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20 [ 1681.782174][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1681.789738][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 1682.718735][T14773] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1683.205956][T15959] loop8: detected capacity change from 0 to 256 [ 1683.402194][T15964] loop1: detected capacity change from 0 to 256 [ 1683.762199][T15964] FAT-fs (loop1): Directory bread(block 64) failed [ 1683.802113][T15964] FAT-fs (loop1): Directory bread(block 65) failed [ 1683.839155][T15964] FAT-fs (loop1): Directory bread(block 66) failed [ 1683.910492][T15964] FAT-fs (loop1): Directory bread(block 67) failed [ 1683.987897][T14774] Bluetooth: hci2: command 0x0406 tx timeout [ 1684.024885][T15964] FAT-fs (loop1): Directory bread(block 68) failed [ 1684.054167][T15964] FAT-fs (loop1): Directory bread(block 69) failed [ 1684.095574][T15964] FAT-fs (loop1): Directory bread(block 70) failed [ 1684.128254][T15964] FAT-fs (loop1): Directory bread(block 71) failed [ 1684.182240][T15964] FAT-fs (loop1): Directory bread(block 72) failed [ 1684.212433][T15964] FAT-fs (loop1): Directory bread(block 73) failed [ 1685.881307][ T5232] 8021q: adding VLAN 0 to HW filter on device eth19 [ 1686.752202][ T8471] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 1686.813920][ T8471] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1686.841055][T15992] loop0: detected capacity change from 0 to 2048 [ 1687.019817][T15992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1687.685032][T15983] loop7: detected capacity change from 0 to 8192 [ 1687.818764][T15983] loop7: p2 p4 [ 1687.847670][T15983] loop7: partition table partially beyond EOD, truncated [ 1687.935945][T15983] loop7: p2 start 269365764 is beyond EOD, truncated [ 1687.986911][T15983] loop7: p4 size 262144 extends beyond EOD, truncated [ 1688.180459][T15999] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 1689.998505][T16021] loop8: detected capacity change from 0 to 512 [ 1690.094512][T16021] EXT4-fs (loop8): can't mount with journal_checksum, fs mounted w/o journal [ 1690.341205][T11451] udevd[11451]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory [ 1691.156401][T13879] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1693.816300][T16051] loop0: detected capacity change from 0 to 256 [ 1693.903281][T16051] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1694.327504][T16058] loop1: detected capacity change from 0 to 1024 [ 1694.407737][T16058] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 1694.466116][T16058] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 1694.534918][T16058] EXT4-fs (loop1): invalid journal inode [ 1694.594267][T16058] EXT4-fs (loop1): can't get journal size [ 1694.636639][T16058] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 17104912: comm syz.1.2027: lblock 2 mapped to illegal pblock 17104912 (length 1) [ 1694.704657][T16058] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1694.705403][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 1694.721313][ C1] EXT4-fs (loop1): initial error at time 1780825865: ext4_map_blocks:791: inode 3: block 17104912 [ 1694.732435][ C1] EXT4-fs (loop1): last error at time 1780825865: ext4_map_blocks:791: inode 3: block 17104912 [ 1694.750703][T16058] EXT4-fs (loop1): failed to initialize system zone (-117) [ 1694.801927][T16058] EXT4-fs (loop1): mount failed [ 1695.238863][T16067] loop8: detected capacity change from 0 to 128 [ 1695.558859][T16071] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2030'. [ 1695.560557][ T40] usb 1-1: new full-speed USB device number 41 using dummy_hcd [ 1695.744456][T16071] loop6: detected capacity change from 0 to 512 [ 1695.872142][T16071] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1695.917070][ T40] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 1695.965644][T16071] EXT4-fs error (device loop6): ext4_orphan_get:1397: inode #15: comm syz.6.2030: inode has both inline data and extents flags [ 1695.975132][ T40] usb 1-1: can't read configurations, error -71 [ 1696.006525][T16071] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1696.009039][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 1696.025045][ C1] EXT4-fs (loop6): initial error at time 1780825866: ext4_orphan_get:1397: inode 15 [ 1696.034795][ C1] EXT4-fs (loop6): last error at time 1780825866: ext4_orphan_get:1397: inode 15 [ 1696.061158][T16071] EXT4-fs error (device loop6): ext4_orphan_get:1402: comm syz.6.2030: couldn't read orphan inode 15 (err -117) [ 1696.093141][T16073] loop1: detected capacity change from 0 to 1024 [ 1696.180721][T16071] loop6: lost filesystem error report for type 5 error -117 [ 1696.186014][T16071] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1696.276749][T16073] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 1696.323430][T16073] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 1696.406232][T16073] EXT4-fs error (device loop1): ext4_get_journal_inode:5896: comm syz.1.2031: inode #1: comm syz.1.2031: iget: illegal inode # [ 1696.509464][T16073] loop1: lost filesystem error report for type 5 error -117 [ 1696.511266][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 1696.525649][ C0] EXT4-fs (loop1): initial error at time 1780825867: ext4_get_journal_inode:5896 [ 1696.535048][ C0] EXT4-fs (loop1): last error at time 1780825867: ext4_get_journal_inode:5896 [ 1696.561219][T16073] EXT4-fs (loop1): Remounting filesystem read-only [ 1696.606358][T16073] EXT4-fs (loop1): no journal found [ 1696.652949][T16073] EXT4-fs (loop1): can't get journal size [ 1696.774183][T16073] EXT4-fs (loop1): failed to initialize system zone (-22) [ 1696.823413][T16073] EXT4-fs (loop1): mount failed [ 1696.910388][T16073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2031'. [ 1696.996183][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1698.716906][T16106] loop6: detected capacity change from 0 to 256 [ 1699.789894][T16120] loop6: detected capacity change from 0 to 16 [ 1699.851621][T16120] erofs (device loop6): mounted with root inode @ nid 36. [ 1700.868269][T16129] loop6: detected capacity change from 0 to 256 [ 1701.044594][T16129] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1701.563476][T16129] exFAT-fs (loop6): valid_size(150994954) is greater than size(10) [ 1704.636670][T16155] loop0: detected capacity change from 0 to 128 [ 1704.760220][T16155] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1704.859402][T16155] ext4 filesystem being mounted at /94/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1705.461032][T13879] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1705.520406][ T6975] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 1705.714523][ T6975] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 1705.754914][ T6975] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=6a.00 [ 1705.794964][ T6975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1705.850375][ T6975] usb 2-1: config 0 descriptor?? [ 1705.912810][ T6975] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 1705.956746][ T6975] ftdi_sio ttyUSB0: unknown device type: 0x6a00 [ 1706.152256][ T6975] usb 2-1: USB disconnect, device number 15 [ 1706.188128][ T6975] ftdi_sio 2-1:0.0: device disconnected [ 1709.076793][ T40] usb 8-1: new full-speed USB device number 16 using dummy_hcd [ 1709.906467][ T40] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 1709.966267][ T40] usb 8-1: can't read configurations, error -71 [ 1710.329215][T16208] loop6: detected capacity change from 0 to 2048 [ 1710.493006][T16208] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1710.619392][T16208] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1711.059369][T13925] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1711.890403][ T6975] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1712.023557][T16229] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2070'. [ 1712.074730][ T6975] usb 7-1: Using ep0 maxpacket: 16 [ 1712.141458][ T6975] usb 7-1: config 0 has an invalid interface number: 34 but max is 0 [ 1712.175827][ T6975] usb 7-1: config 0 has no interface number 0 [ 1712.197958][ T6975] usb 7-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 1712.274125][ T6975] usb 7-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 1712.327575][ T6975] usb 7-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 1712.403040][ T6975] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1712.448094][ T6975] usb 7-1: Product: syz [ 1712.476016][ T6975] usb 7-1: Manufacturer: syz [ 1712.497334][ T6975] usb 7-1: SerialNumber: syz [ 1712.556378][ T6975] usb 7-1: config 0 descriptor?? [ 1712.591729][T16225] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1712.627253][T16225] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1712.973670][T16242] netlink: 'syz.1.2073': attribute type 3 has an invalid length. [ 1713.008702][T16225] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1713.073454][T16225] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1713.370865][ T6975] asix 7-1:0.34 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 1713.432123][ T6975] asix 7-1:0.34: probe with driver asix failed with error -61 [ 1713.614531][ T40] usb 7-1: USB disconnect, device number 19 [ 1714.071743][ T8471] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 1714.077659][T14774] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1714.096422][T14774] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1714.116351][T14774] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1714.131863][T14774] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1714.144453][T14774] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1714.342222][ T8471] usb 8-1: config 220 has an invalid interface number: 76 but max is 2 [ 1714.389076][ T8471] usb 8-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1714.439275][ T8471] usb 8-1: config 220 descriptor has 1 excess byte, ignoring [ 1714.474932][ T8471] usb 8-1: config 220 has no interface number 2 [ 1714.494805][ T8471] usb 8-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1714.575492][ T8471] usb 8-1: config 220 interface 0 has no altsetting 0 [ 1714.620152][ T8471] usb 8-1: config 220 interface 76 has no altsetting 0 [ 1714.661659][ T8471] usb 8-1: config 220 interface 1 has no altsetting 0 [ 1714.720654][ T8471] usb 8-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1714.768407][ T8471] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1714.793959][ T8471] usb 8-1: Product: syz [ 1714.809896][ T8471] usb 8-1: Manufacturer: syz [ 1714.843785][ T8471] usb 8-1: SerialNumber: syz [ 1715.221676][ T8471] uvcvideo 8-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1715.248661][ T8471] uvcvideo 8-1:220.0: No valid video chain found. [ 1715.272725][ T8471] usb 8-1: selecting invalid altsetting 0 [ 1715.422979][ T8471] usb 8-1: selecting invalid altsetting 0 [ 1715.472109][ T8471] usbtest 8-1:220.1: probe with driver usbtest failed with error -22 [ 1715.558048][ T8471] usb 8-1: USB disconnect, device number 18 [ 1716.316261][T14774] Bluetooth: hci3: command tx timeout [ 1717.725838][T16282] binder_alloc: 16280: binder_alloc_buf, no vma [ 1718.525028][T14774] Bluetooth: hci3: command tx timeout [ 1720.044840][T16304] loop7: detected capacity change from 0 to 256 [ 1720.387614][T16304] FAT-fs (loop7): Directory bread(block 64) failed [ 1720.422723][T16304] FAT-fs (loop7): Directory bread(block 65) failed [ 1720.461667][T16304] FAT-fs (loop7): Directory bread(block 66) failed [ 1720.482087][T16304] FAT-fs (loop7): Directory bread(block 67) failed [ 1720.506213][T16304] FAT-fs (loop7): Directory bread(block 68) failed [ 1720.528687][T16304] FAT-fs (loop7): Directory bread(block 69) failed [ 1720.580455][T16304] FAT-fs (loop7): Directory bread(block 70) failed [ 1720.624198][T16304] FAT-fs (loop7): Directory bread(block 71) failed [ 1720.686800][T16304] FAT-fs (loop7): Directory bread(block 72) failed [ 1720.737858][T16304] FAT-fs (loop7): Directory bread(block 73) failed [ 1720.761661][T14774] Bluetooth: hci3: command tx timeout [ 1720.784653][T16308] binder: 16307:16308 ioctl c0306201 80000480 returned -14 [ 1722.037850][T16254] bridge0: port 1(bridge_slave_0) entered blocking state [ 1722.076156][T16254] bridge0: port 1(bridge_slave_0) entered disabled state [ 1722.165281][T16254] bridge_slave_0: entered allmulticast mode [ 1722.230281][T16254] bridge_slave_0: entered promiscuous mode [ 1722.338385][T16254] bridge0: port 2(bridge_slave_1) entered blocking state [ 1722.362373][T16254] bridge0: port 2(bridge_slave_1) entered disabled state [ 1722.393932][T16254] bridge_slave_1: entered allmulticast mode [ 1722.438517][T16254] bridge_slave_1: entered promiscuous mode [ 1722.603964][T16328] binder_alloc: 16327: binder_alloc_buf, no vma [ 1722.971500][T14774] Bluetooth: hci3: command tx timeout [ 1723.026082][T16254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1723.110034][T16254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1723.214649][T16334] netlink: 'syz.7.2092': attribute type 3 has an invalid length. [ 1723.252368][T16334] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2092'. [ 1723.475843][T16254] team0: Port device team_slave_0 added [ 1723.554320][T16254] team0: Port device team_slave_1 added [ 1724.032513][T16254] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1724.093272][T16254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1724.199351][T16254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1724.311157][T16254] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1724.320649][ T6975] usb 7-1: new full-speed USB device number 20 using dummy_hcd [ 1724.362579][T16254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1724.455633][ T7190] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 1724.475842][T16254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1724.500214][T16350] loop1: detected capacity change from 0 to 128 [ 1724.540419][T16350] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1724.584514][ T6975] usb 7-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid maxpacket 1056, setting to 64 [ 1724.640132][ T6975] usb 7-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1724.668554][T16350] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1724.735667][ T7190] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1724.777161][ T6975] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1724.796579][ T7190] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1724.831484][T16350] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1724.833623][ T6975] usb 7-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00 [ 1724.878164][ T7190] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1724.907499][ T6975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1724.930026][ T7190] usb 1-1: config 1 interface 1 has no altsetting 0 [ 1724.951033][ T6975] usb 7-1: config 0 descriptor?? [ 1724.969142][ T7190] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1724.977949][T16254] hsr_slave_0: entered promiscuous mode [ 1724.991423][T16345] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1725.001654][T16354] binder: 16353:16354 unknown command 0 [ 1725.011814][ T7190] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1725.028152][T16354] binder: 16353:16354 ioctl c0306201 800001c0 returned -22 [ 1725.045434][ T7190] usb 1-1: Product: syz [ 1725.052916][T16254] hsr_slave_1: entered promiscuous mode [ 1725.065127][ T7190] usb 1-1: Manufacturer: syz [ 1725.078642][T16254] debugfs: 'hsr0' already exists in 'hsr' [ 1725.086314][ T7190] usb 1-1: SerialNumber: syz [ 1725.097287][T16254] Cannot create hsr debugfs directory [ 1725.196036][ T7190] cdc_ncm 1-1:1.0: skipping garbage [ 1725.217100][ T7190] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing [ 1725.243230][ T7190] cdc_ncm 1-1:1.0: bind() failure [ 1725.283195][T14773] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1725.556515][ T6975] itetech 0003:06CB:73F4.001C: ignoring exceeding usage max [ 1725.682129][ T6975] itetech 0003:06CB:73F4.001C: unknown main item tag 0x7 [ 1725.717441][ T7190] usb 1-1: USB disconnect, device number 43 [ 1725.862058][ T6975] itetech 0003:06CB:73F4.001C: hidraw0: USB HID v0.0c Device [HID 06cb:73f4] on usb-dummy_hcd.6-1/input0 [ 1726.168654][ T8471] usb 7-1: USB disconnect, device number 20 [ 1726.887217][T16365] binder_alloc: 16362: binder_alloc_buf, no vma [ 1726.923115][T16360] fido_id[16360]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1728.563894][T16254] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1728.651834][T16254] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1728.732336][T16254] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1728.818654][T16254] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1728.894950][T16254] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1729.024490][T16254] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1729.167114][T16254] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1729.259721][T16254] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1729.283397][T16386] syzkaller0: entered promiscuous mode [ 1729.310109][T16386] syzkaller0: entered allmulticast mode [ 1730.882270][T16254] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1731.207495][T16254] 8021q: adding VLAN 0 to HW filter on device team0 [ 1731.355232][ T3294] bridge0: port 1(bridge_slave_0) entered blocking state [ 1731.362766][ T3294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1731.478622][ T5232] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1731.506370][T16410] binder_alloc: 16409: binder_alloc_buf, no vma [ 1731.562420][ T3294] bridge0: port 2(bridge_slave_1) entered blocking state [ 1731.570110][ T3294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1732.524324][ T40] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 1732.732297][ T40] usb 7-1: Using ep0 maxpacket: 32 [ 1732.764021][ T40] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1732.831890][ T40] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1732.885702][ T40] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1732.941996][ T40] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1733.021445][ T40] usb 7-1: config 0 descriptor?? [ 1733.109225][ T40] hub 7-1:0.0: USB hub found [ 1733.368754][ T40] hub 7-1:0.0: 1 port detected [ 1733.887979][ T40] hub 7-1:0.0: hub_hub_status failed (err = -71) [ 1733.943959][ T40] hub 7-1:0.0: config failed, can't get hub status (err -71) [ 1734.057631][ T40] usbhid 7-1:0.0: can't add hid device: -71 [ 1734.085256][ T40] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1734.181176][ T40] usb 7-1: USB disconnect, device number 21 [ 1738.618210][T16254] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1738.851040][ T6975] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1738.870391][ T34] Bluetooth: hci6: Frame reassembly failed (-84) [ 1739.089910][ T6975] usb 7-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 1739.122683][ T6975] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1739.155907][ T6975] usb 7-1: Product: syz [ 1739.170618][ T6975] usb 7-1: Manufacturer: syz [ 1739.187405][ T6975] usb 7-1: SerialNumber: syz [ 1739.602565][ T5232] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1739.836115][ T6975] rtl8150 7-1:1.0: couldn't reset the device [ 1739.855580][ T6975] rtl8150 7-1:1.0: probe with driver rtl8150 failed with error -5 [ 1739.950259][ T6975] usb 7-1: USB disconnect, device number 22 [ 1739.964168][T16468] binder_alloc: 16463: binder_alloc_buf, no vma [ 1740.650264][T16473] loop1: detected capacity change from 0 to 128 [ 1740.711352][T16473] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1740.852298][T16473] FAT-fs (loop1): error, corrupted file size (i_pos 548, 512) [ 1740.898139][T16473] FAT-fs (loop1): Filesystem has been set read-only [ 1741.008881][T14774] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1741.506698][T16254] veth0_vlan: entered promiscuous mode [ 1741.522105][T16481] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2131'. [ 1741.688223][T16254] veth1_vlan: entered promiscuous mode [ 1741.962177][T16484] loop6: detected capacity change from 0 to 1024 [ 1741.971624][T16484] ext4: Unknown parameter 'seclabel' [ 1742.512057][ T6975] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 1743.719454][T16254] veth0_macvtap: entered promiscuous mode [ 1744.763733][ T6975] usb 2-1: Using ep0 maxpacket: 32 [ 1744.791068][ T6975] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1744.855547][T16500] loop7: detected capacity change from 0 to 16 [ 1745.017079][T16500] erofs (device loop7): mounted with root inode @ nid 36. [ 1745.125086][T16254] veth1_macvtap: entered promiscuous mode [ 1745.133981][ T6975] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1745.152983][ T6975] usb 2-1: too many endpoints for config 1 interface 1 altsetting 239: 255, using maximum allowed: 30 [ 1745.186675][ T6975] usb 2-1: config 1 interface 1 altsetting 239 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1745.220524][ T6975] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1745.301279][ T6975] usb 2-1: config 1 interface 1 has no altsetting 0 [ 1745.474819][T16254] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1745.689352][ T6975] usb 2-1: string descriptor 0 read error: -71 [ 1745.726342][ T6975] usb 2-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40 [ 1745.743364][T16254] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1745.814350][ T6975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1745.901204][ T6975] usb 2-1: can't set config #1, error -71 [ 1745.949900][ T34] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1745.976761][ T6975] usb 2-1: USB disconnect, device number 16 [ 1746.001582][ T34] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1746.077727][ T6094] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1746.133219][ T6094] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1746.435099][T16514] binder_alloc: 16508: binder_alloc_buf, no vma [ 1746.621993][T16512] ===================================================== [ 1746.629918][T16512] BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x1a97/0x20d0 [ 1746.638269][T16512] bpf_prog_run_generic_xdp+0x1a97/0x20d0 [ 1746.644393][T16512] do_xdp_generic+0xe07/0x17b0 [ 1746.649352][T16512] tun_get_user+0x52df/0x6fe0 [ 1746.654768][T16512] tun_chr_write_iter+0x3e9/0x5c0 [ 1746.659960][T16512] vfs_write+0xbe1/0x15c0 [ 1746.664673][T16512] ksys_write+0x1d9/0x470 [ 1746.669165][T16512] __ia32_sys_write+0x9a/0xf0 [ 1746.674152][T16512] ia32_sys_call+0x37a7/0x4360 [ 1746.679297][T16512] do_int80_emulation+0x177/0x380 [ 1746.684759][T16512] asm_int80_emulation+0x1f/0x30 [ 1746.689871][T16512] [ 1746.692257][T16512] Uninit was stored to memory at: [ 1746.697774][T16512] pskb_expand_head+0x497/0x1a40 [ 1746.702985][T16512] do_xdp_generic+0xb30/0x17b0 [ 1746.708104][T16512] tun_get_user+0x52df/0x6fe0 [ 1746.712944][T16512] tun_chr_write_iter+0x3e9/0x5c0 [ 1746.718280][T16512] vfs_write+0xbe1/0x15c0 [ 1746.722773][T16512] ksys_write+0x1d9/0x470 [ 1746.727425][T16512] __ia32_sys_write+0x9a/0xf0 [ 1746.732276][T16512] ia32_sys_call+0x37a7/0x4360 [ 1746.737321][T16512] do_int80_emulation+0x177/0x380 [ 1746.742489][T16512] asm_int80_emulation+0x1f/0x30 [ 1746.747752][T16512] [ 1746.750198][T16512] Uninit was created at: [ 1746.754708][T16512] __kmalloc_node_track_caller_noprof+0x4f6/0x1750 [ 1746.761505][T16512] __alloc_skb+0x90d/0x1190 [ 1746.766172][T16512] alloc_skb_with_frags+0xc5/0x990 [ 1746.771671][T16512] sock_alloc_send_pskb+0xacb/0xc60 [ 1746.777124][T16512] tun_get_user+0xefa/0x6fe0 [ 1746.782041][T16512] tun_chr_write_iter+0x3e9/0x5c0 [ 1746.787227][T16512] vfs_write+0xbe1/0x15c0 [ 1746.791829][T16512] ksys_write+0x1d9/0x470 [ 1746.796324][T16512] __ia32_sys_write+0x9a/0xf0 [ 1746.801325][T16512] ia32_sys_call+0x37a7/0x4360 [ 1746.806282][T16512] do_int80_emulation+0x177/0x380 [ 1746.811613][T16512] asm_int80_emulation+0x1f/0x30 [ 1746.816708][T16512] [ 1746.819134][T16512] CPU: 1 UID: 0 PID: 16512 Comm: syz.7.2139 Tainted: G W syzkaller #0 PREEMPT(lazy) [ 1746.830404][T16512] Tainted: [W]=WARN [ 1746.834418][T16512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1746.844718][T16512] ===================================================== [ 1746.851740][T16512] Disabling lock debugging due to kernel taint [ 1746.858181][T16512] Kernel panic - not syncing: kmsan.panic set ... [ 1746.864717][T16512] CPU: 1 UID: 0 PID: 16512 Comm: syz.7.2139 Tainted: G B W syzkaller #0 PREEMPT(lazy) [ 1746.875870][T16512] Tainted: [B]=BAD_PAGE, [W]=WARN [ 1746.880977][T16512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1746.891197][T16512] Call Trace: [ 1746.894562][T16512] [ 1746.897581][T16512] __dump_stack+0x26/0x30 [ 1746.902074][T16512] dump_stack_lvl+0x50/0x1c0 [ 1746.906825][T16512] ? dump_stack+0x12/0x25 [ 1746.911313][T16512] dump_stack+0x1e/0x25 [ 1746.915625][T16512] vpanic+0x7b4/0x1430 [ 1746.919882][T16512] panic+0x15d/0x160 [ 1746.923993][T16512] kmsan_report+0x31a/0x320 [ 1746.928687][T16512] ? __msan_warning+0x1b/0x30 [ 1746.933527][T16512] ? bpf_prog_run_generic_xdp+0x1a97/0x20d0 [ 1746.939622][T16512] ? do_xdp_generic+0xe07/0x17b0 [ 1746.944751][T16512] ? tun_get_user+0x52df/0x6fe0 [ 1746.949766][T16512] ? tun_chr_write_iter+0x3e9/0x5c0 [ 1746.955132][T16512] ? vfs_write+0xbe1/0x15c0 [ 1746.959803][T16512] ? ksys_write+0x1d9/0x470 [ 1746.964474][T16512] ? __ia32_sys_write+0x9a/0xf0 [ 1746.969494][T16512] ? ia32_sys_call+0x37a7/0x4360 [ 1746.974620][T16512] ? do_int80_emulation+0x177/0x380 [ 1746.979968][T16512] ? asm_int80_emulation+0x1f/0x30 [ 1746.985247][T16512] ? ___bpf_prog_run+0xe975/0xeab0 [ 1746.990814][T16512] ? __bpf_prog_run32+0xc2/0xf0 [ 1746.995859][T16512] ? kmsan_get_metadata+0xf1/0x160 [ 1747.001177][T16512] __msan_warning+0x1b/0x30 [ 1747.005856][T16512] bpf_prog_run_generic_xdp+0x1a97/0x20d0 [ 1747.011851][T16512] do_xdp_generic+0xe07/0x17b0 [ 1747.016813][T16512] ? filter_irq_stacks+0x49/0x190 [ 1747.022167][T16512] ? tun_get_user+0x525e/0x6fe0 [ 1747.027200][T16512] tun_get_user+0x52df/0x6fe0 [ 1747.032059][T16512] ? stack_depot_save_flags+0x35/0x790 [ 1747.037864][T16512] ? kmsan_get_metadata+0xf1/0x160 [ 1747.043176][T16512] ? kmsan_get_metadata+0xf1/0x160 [ 1747.048488][T16512] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1747.054779][T16512] ? kmsan_get_metadata+0xf1/0x160 [ 1747.060104][T16512] tun_chr_write_iter+0x3e9/0x5c0 [ 1747.065326][T16512] vfs_write+0xbe1/0x15c0 [ 1747.069856][T16512] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 1747.075591][T16512] ksys_write+0x1d9/0x470 [ 1747.080120][T16512] __ia32_sys_write+0x9a/0xf0 [ 1747.084986][T16512] ia32_sys_call+0x37a7/0x4360 [ 1747.089950][T16512] do_int80_emulation+0x177/0x380 [ 1747.095127][T16512] ? clear_bhb_loop+0x50/0xa0 [ 1747.099954][T16512] ? clear_bhb_loop+0x50/0xa0 [ 1747.104801][T16512] asm_int80_emulation+0x1f/0x30 [ 1747.109886][T16512] RIP: 0023:0xf71861ab [ 1747.114061][T16512] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 1747.133831][T16512] RSP: 002b:00000000f543d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 1747.142407][T16512] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000300 [ 1747.150513][T16512] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 1747.158604][T16512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1747.166692][T16512] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1747.174785][T16512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1747.182916][T16512] [ 1747.186202][T16512] Kernel Offset: disabled [ 1747.190636][T16512] Rebooting in 86400 seconds..