last executing test programs:

35m4.90810849s ago: executing program 32 (id=1484):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r0, 0x4b4b, 0x0)

31m24.920914493s ago: executing program 33 (id=2839):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x14, r1, 0x917, 0x70bd2d}, 0x14}}, 0x0)

26m31.609608113s ago: executing program 34 (id=4408):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000400)=ANY=[], 0x1, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNX9APA367+JTbwGfmDgR0ihFYGCHZJITW9BoB4Rl95BIaERhqKGHoiAmB4QlRBFQpwqDlRcKJVSpCKBKlWop7anVr31hHqhUpVKQT20SImr2G/Wuy/72PXYnrV3Px/p67dv3ux8v2M7zszs7NsAjKzG2tfjxxeKEN759O1HX36q+Pjasrtaaxxa+1rEXjOEMNHWL5LtfR4XXLn80qlubRGOrn0t++GxS63nzoQQVsKh8Flohg+Xlr/84N1HDn/02vQtb55/5pUd2v2WdD8AAGAYXfzT8t/u+8cfH5j/6uLBk2Gqtbw8Pm/G/kw87j8SD5TL4+VG6OwXbdFuMllvLEYjWW8sWW88yTOeyTeRbGcis95kj3xjbcu67ScAAADsReV5bTMUjcWOfqOxuLh+3n/N53OTxeJzZ5fPnBtQoQAAAEBl/76wdtOtEEIIIYQQQgghhjhW5wZ9BQIAAAAYNel8YddZ2d6Zulpba/aX/9LDje7Ph21Q9+//1+efHnD+LkY8//uv+osDAEB1w3o0We5XeRxdzmOQziM4ljxvs8f/jWQ745usMzev4F6ZbzBXZ/p93a1y9W/25zgoufrT+TB3q1z96Tydu1Wu/qma66gqV3+XKz+7Uq7+fTXXUVWu/v0111FVrv6ZmuuoKlf/bM11VJWr/4aa66gqV/+BmuuoKlf/XrmtNld/s+Y6qsrVP19zHVXl6r+x5jqqytV/U811VJWr/+aa6xiUO2Nbfh8OZtab6XJOt1fO8QAAAGDU/df8f0IIIUR7rN8CMfg6hBBCCCG2NS4M+gIEAAAAMHDl+wLKd72vRuX4WI/x8fbx6Y0VyvGJHs+f7DE+1WMcAAAACOG3r5+57a1iY767rc6HV84btS98fDVUmMconY9ws/m3Ou/ZVvPvlXnLAAAAGC3F9z67ev+j770w/9XFgyfbzn6vxvPdch7Q8Xht4JPYL+8LmE36RXkOfbIzTyOzXnp94Ibc9h7f4o4CAADACCvP35uhaCy2nXc3Q6OxuLhxPr4QJoozZ5dPH4n98vNZ/jA3MXVt+UM11w0AAAD0b+N8v/v5f/k5vgthslh87uzymXPr/dnW8olG+3WBuY3lRft1gWay/Ghm+bHYLz+/8wdz+9aWL5764fJT273zAAAAMCLOvXj+mSeXl0//yAMPPPCg9WDQf5kAAIDt9sUXb0/8+Njs79bf/78x/93V+OBQ7Dfj3H5/jsvL+wTK9wFc9379JzrzzOXWe75zvWay3liMqaTu6bbthLX5BjufN5/L1+zczmQm30ySbzbJl85TMJ6sX3SZSzB0mZ+wXG8uWZ7Owzie5CiS/Hd3yQUAAAClpReefX7p3IvnHzz77JNPn3769HPHjp747okTRx76zkNLa/f1L7Xf3Q8AAADsRRs3/Q66EgAAAAAAAAAAAAAAAAAAABhddXyc2KD3EQAAAEbdvy6EEFaEyET5AYODrkPs5lidGnwNwx3Bv0MhhBBCbDGc94mVEFZX00+aBwAAANhZVy6/dKq9vc5Ksa35WltrrjdXY96ynX3wr/PXolzt0sOd10v2b2s1jLq6f//l3635p7qOv//q9uafDht/+0Jff/8anRs42dHb12/ee5d+udDKH0K4fbzP/On+P95vxk6Hk/z3hv7yr76X5H+io9foN/99Sf79fea/bv+f7zdjp/tj/oXYP3xPv/k7d7H8LS33o99fgG8n+/9U6Dd/sv/NPhMmHoj5AWAUtf43X70w2EK2WXmUUB5Pz8R+ub/xcDOkdz9s9vi/kWxnfMuVd263PA66NfanW3V05i1ttv7y+zIb2xsq1pnaK3eV5Orfrp/jTsvVP1FzHVXl6p+suY6qcvV3P3vffXL1T9dcR1W5+vu+EDFgufr3ynXlXP0zNddRVa7+2ZrrqCpX/2b/Hx+UXP0Haq6jqlz9czXXUVWu/oqX1WqXq3++5jqqytV/Y811VJWr/6aa66gqV//NNdcxKHfENnc+XJ5/zsWxst9M+lNdvpd9vxgCAAAA7Kh/7sp5INquHAy8FiGEEEIIIYY//rO6btB1CCF2LlZXB3n1gUHb2XczA7Bb+fs/2vz8R5uf/2jz8+frlK/EF0m/NNZjfLzH+ESP8clkPP19neoxflOy3dXyumZ0c4/x/4t7kBs/0OP5t/YYX+gxfluP8dt7jN/RYxwAAIDRcEtsnR8CAADA8Hr5V5+88Zt7n7g8/9XFgyfD5HXzzh+J/an42vrrsZ/Oe1+aiK/5/yT2fxHb38f278n67j8BAACAnVd+TozX/wEAAGB4lZ9T6vwfAAAAhtd8bJ3/AwAAwPC6MbbO/wEAAGCIFdPdF8e2vC5wd2z7ndcPANj9/j+2d8b2YGzviu03YlseB9wT22/WVB8AsH1+/v2fnnir2Jjv/1gyfiUuL9vrrKxfKSganTP574vt/th+q8960s8D6Dd/6UCfeXYq/9wW8wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw6Ox9vX48YUihHc+ffvRn02+8Zdry+5qrXFo7WsRe80QwkTreeXoRv/XccUrl1861d5ejW0RjoYiFK3l4bFLrUwzIYSVcCh8Fprhw6XlLz9495HDH702fcub5595ZQe/BR37BwAAAMPofwEAAP//fccg7g==")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
pwritev2(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="05", 0x1}], 0x1, 0x6000000, 0x7ff, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000180)={0x10}, 0x10)

20m48.586669712s ago: executing program 35 (id=6497):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1000004, 0x11, r0, 0x100000000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xfffffffffffffccb, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

19m13.822940764s ago: executing program 36 (id=6901):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe000001"], 0x28}}, 0x0)

18m36.005280597s ago: executing program 37 (id=7153):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x50, &(0x7f00000001c0)={[{@delalloc}, {@stripe={'stripe', 0x3d, 0xc4}}, {@usrjquota}, {@mblk_io_submit}, {@nogrpid}, {@orlov}]}, 0x1, 0x3ed, &(0x7f0000001240)="$eJzs3E9PHGUYAPBnhn9CC4uJB1M9kGgUo0IXRa0xsXr1z6X6AQjQ2khLUzCxlQMaT548GG8e+gU8+AGaxjQx8Sv4BUyTxlAOesPM7MyywLCC7LIt/f2Syb7vzOw+77MzTN532HkDeGxNRMT5iOiLiJmIqBXr02KJ9caS7fdgY21+c2NtPomtrQt/JZEU68rPSorXU0VlMo1Iv414Zn1v3JUbNz+fW1pavF7Up1evXJteuXHz1ctX5i4tXlq8Wn/zXL0+O/NW/fWO5frj8y+d63v//Jmf/qjdmR0cHM7ae7rY1ppHp0zERPM72W2208F6bLDXDQAA4EDSou/fn/f/a9GXlxpqMb3W08YBAAAAHbH1bvEKAAAAnGCJsT8AAACccOXvAB5srM2XSw9/jnDs7r8XEePbzzZvNvPvjyeKfQa6+HzrRERceyGpZUt06TlkAIBWd7L+z9mq/l8aT7fsNxSR94eGOxx/Yld9b/8nvdfhkDtk/b93ImJzT/8vLXcZ7ytqo3lXcSC5eHlp8WxEjEXEZAwMZfV6mxgf/P3zx/tty/K/m4yOlUsW/26Sf3Qhvdc/tPM9C3Orc0fJudX9ryPO9FflnzT7v0lEjBwhRt9Xt97eb1t1/qNjRwh3KFu3Il6sPP7bM/ck7ecnms7Ph+nyrNjrn29++Wi/+L3OPzv+I+3zH09a52taOXyM25/9/mxeqMiqdfxTnX/1+T+YfJKXy3HZl3Orq9frEYPJh3vXz2y/t6yX+2f5Tz5X/fdfXv+SYk6r08U14LC++/7XV9rv0cg/W7L45VjwOGT5Lxzq+LcrXBiu2vTG7d8+3S9+8/gnEeuV+WfHvzEH2GSx5iDXv/9q6f8/mwEAAODRk+b3NZJ0qllO06mpxv2Op2IkXVpeWX354vIXVxca9z/GYyAt73TVWu6H1hv/Rm/WZ3bVX4uIJyPih9pwXp+aX15a6HXyAAAA8Jg4tc/4P/Pnsf0KAQAAAOi68V43AAAAAOg6438AAAA40Q42r5/CzkL2zT0EzVBQ6Fqh11cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR9u/AQAA//8mJ7Np")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x82400, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

18m19.22466236s ago: executing program 38 (id=7163):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f00000011c0)=ANY=[@ANYBLOB='mode=00000000000000000000177,mode=00000000000000000000005,shortad,utf8,shortad,shortad,session=00000000000016777223,umask=00000000000000000000250,uid=ignore,shortad,dmode=00000000000000000170430,gid=ignore,adinicb,gid=forget,mode=00000000000000000002000,lastblock=00000000000000001024,shortad,euid>', @ANYRESDEC=0x0, @ANYRES64=0x0, @ANYRES8, @ANYBLOB="2c736d61636b6673747261736d7574653d001c0b235ffdce27803854a81c498e5bc58fdfc2e25738bee597df2c00"/55], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

16m54.959351957s ago: executing program 39 (id=7679):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x42}], 0x1, 0x0, 0x0)

14m30.870170785s ago: executing program 3 (id=8442):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0x1, 0x27f, &(0x7f0000000480)="$eJzs3T9v00AYx/HfOWkbaFXcPwgJMRUqMaG2LIilCGVgZ2FCQBOkiqhIUMSfKTAj2Nl5C7wARibEjMTGxAvIFnTnC3HSOA5W00vS70dKlNT32M/F5949rqoIwKl1u/rr8/Xf9mGkkkqSbkqRpIpUlnReFyovDg73Dxv12rAdlVyEfRglkeZIm72D+qBQG+civNi+K2sp/TOMR+Wnmh9v3XkZOg+E5a7+ASJpwV+dbnvlxDMbj2boBAIzLbX0Ssuh8wAAhOXn/8jP80t+/R5F0qaf9nvn/ymfQFuhExizrznbU/O/q7Laxp7fc25Tt95zJZzdHnWqxCK5zCsZWT0LTJNXVbpcojOP9xv1a3tPG7VI77TrzXWbrbvnWjJ0O9LZvj26640BtekQxfu+6PowZ/uwk84/1WTteI+Yz3wz3819E+uTav/Wf+W2safJnam470wl+W9l79H1cl6uVUYvV9xBLvojeEN7WVJGRaLOiFpR7w2COC9PF7XaF5X0bjsnam1g1E5O1Hp/VHc0Z0eOm/lg7pkN/dEXVVPr/8h+2psa5cq0bVxLPzKG9qfsWsZuPvFXXfPSwJZR0R6hgPd6pBtafv76zZOHjUb92cy+sFfiBKQxUS86g2BS8pnZF/ZDDnL0zrxTfD/BfjPhBHVP+n8G8reZWWHXXSap/1L1ypZbrNmnuHedvpCObeftPLXH7YzaYNU9n82u4HoYd+thMbuCG7XmunxVujLKEROxz3Py7BYJMlX90APu/wMAAAAAAAAAAAAAAAAAAEyb4/uXg4qyNoXuIwAAAAAAAAAAAAAAAAAAAAAA027ivv/3rpJ3fP8vMHZ/AwAA////DnhI")
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)='i', 0x1}], 0x1, 0x5405, 0x10, 0x4)

14m30.120068517s ago: executing program 3 (id=8446):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000007c0), 0x880, 0x0)
readv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/85, 0x20}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc)
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000000c0)={0xc})

14m29.56361178s ago: executing program 3 (id=8450):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000300)={[{@uni_xlateno}, {@uni_xlateno}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_win95}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@sys_immutable}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@errors_continue}, {@shortname_lower}]}, 0x1, 0x368, &(0x7f0000001180)="$eJzs3U9om2UYAPAn+9qkHWztQRgKwqc3Qcv+4EFPHaODYS4qYepBDK5TSeqgwWB3WFYv4lHwqCcv4kEPHnYWQRFvHrw6QabiQXcbOHwlyZcmaZNZBtks/n6H8PR53+d93y98bb5+bd68shqNC/Nx8ebNG7GwUIq51TOrcasUy5HFwNXYqzwhBwAcDLdSij9T3z5LSjNeEgAwY73X/9eOjGTe+fpO/ZNXfwA48Irf/xfv1GdhWsOlmSwJAJixPff/Hx1rLo//qX9u5L8CAICD6vkXX3rmdDXiuTxfiNh4t11r1+LpYfvpi/FGNGM9jsdS3I7oXyh0H0q9x7PnqmvH8zzvxC/LUetWtGsRG512rX+lcDrr1VfiRCzFclFfXG2klLKzX1TXTuQ9EXG105s/Nkrt2nwcLub/8XCsx8nI44GIxRirjzhXXTuZFwPUNgb1nYjt4X2L7vpXYim+fzUuRTMuLJ6PlAaXNdW1Kyfy/EyqjtW3a5W4sPMsTL0DAgAAAAAAAAAAAAAAAAAAAAAAd2Ul37G8s/9NGu7fs7Iyob23P06/vtgfaLu/P1CqpEjpj7efqL2Xxdj+QLv352nX5uLQ/T10AAAAAAAAAAAAAAAAAAAA+M9obZWj3myub7a2LjdGg85ma+tQRHQzb3772VeLMd7naEyqGgvmijlGmvIidblRT9mgc8rG+hRB1p18kPn02s6KR/tUdo5i4jIq05uazSOP/PzhMPNwNhj572GfLCYfYLZrGaPBxtH+kqY/LROCU0Vw8l86X08pTRvnystblxuHxpuiFDE3dal3GaRu8M2N1x881Tr2ZC/zZep77PGl89c/+Pi3Rr3Znbmr+Ul5s3U7NerF15NPtulBNnL+lKIf9Icq72PA7fFMPfvh9xceev+7/c2eRjNvTeiT9Wf/fLO1VSq+U3pN5X7Qze2qWmyeyyJ2jTM/4eSfQXDso9X6tSs//brfqpEfEjbqAAAAAAAAAAAAAAAAAACAe2LkveKF4s2+83eqeurZ2a8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6d4ef/jwTbezL7Cf7qxN6myvpmK6J8vw8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uX8CAAD//wE+Zmg=")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x60)
getdents(r0, &(0x7f0000000a00)=""/190, 0xbe)

14m28.549596836s ago: executing program 3 (id=8456):
syz_mount_image$ext4(&(0x7f0000002080)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x400, &(0x7f00000020c0), 0x0, 0x548, &(0x7f0000000cc0)="$eJzs3c9vI1cdAPDvTH42TZst9AAVsAsUFrRae+OlUdVLuxcQqiohKg6IwzYkThRixyF2ShMikf4NIIHECf4EDkgckHriwI0jN4RUDkgLRKANEhVGHk+yadbeeDeOTePPR5qdHy953/fsnXnPb+J5AYysaxGxHxGTEfFWRMzlx5N8idfaS+vn7h/sLR0e7C3Ff5vNN/+eZOmtY0d5NfP103me0xHxza9FfDd5OG59Z3d9sVIpb+X7xUZ1s1jf2b25Vl1cLa+WN0qlhfmFWy/ffqnUt7perf7q3lfXXv/Wb3/z6ff/sP/lH7aKNZunnaxHP7WrPnEcp2U8Il6/iGBDMJavJ4dcDp5MGhEfi4jPZef/XIxl/zsBgMus2ZyL5tzJfQDgskuzMbAkLeRjAbORpoVCewzv+ZhJK7V648ZKbXtjuT1WdiUm0qm8r/D97N+JZGWtUp7P0rL0bL90av92RDwXET+ZeirbLyzVKsvD6fIAwMh7+lT7/6+pdvvfgw539QCAj4zpYRcAABg47T8AjB7tPwCMnh7a//xm//6FlwUAGAyf/wFg9Gj/AWD0aP8BYKR84403WkvzMH/+9fLbO9vrtbdvLpfr64Xq9lJhqba1WVit1VazZ/ZUz8qvUqttjkfEO8VGud4o1nd271Zr2xuNu9lzve+WJwZSKwDgUZ67+t4fk4jYf+WpbAlzOcDISIddAGBoxoZdAGBozPYFo6v38fjfX2g5gOHp+DDv6Y6bHx40+NljBPF3RvB/5fonu4//n+4buC8Al4vxfxhdTzb+/2rfywEMXqfxf/18GA3NZnI05/9kPv3/5HESAHApneP7eM0f9asTAgzVWZN5d711/zj3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCSmY2I70WSFvK5wGcjTQuFiGci4kpMJCtrlfKtiHg2rkbExNTK2rBLDACcX/rXJJ//6/rci7OnUyeTf09FPif4D37+5k/fWWw0tuZbx/9xfHzqaPqw0oPfO8e8ggBAn2Xtdylfzz84fv9gb+loGWR57t2JD/KpiJcOD/aypZ0yHuPZejrrS8z8M8n323ORvhARY32Iv/9uRHziuP7JB81mHj/Jxkau5DOfnowfeexn+h1/5uTrfzp++qH4aZbWXrc6Xx8/lW/ah7LBZffenYh4rdP1L41r2brz+T+dXaHO796ddmZH177DE/GPrn9jHeK3zvlrvcb4yu++/tDB5lw77d2IF8Y7xU+O4ydd4r/YY/w/feozP361S1rzFxHXo3P8k7GKjepmsb6ze3OturhaXi1vlEoL8wu3Xr79UqmYjVEXj0aqH/a3V248261srfrPdIk/3bH+k8e/+4Ue6//L/7z1nc8+Iv6XPt/5/X++Y/y2Vpv4xR7jL878uuv03a34y13qf9b7f6PH+O//ZXe5xx8FAAagvrO7vliplLfOtdH6tNmPfLKNyRNHWkXsSwl73PhzDC7WmRsT/XxVB7oxftxX7G/O327lOODqpH2vxbk27g8q1nCvS8DFe3DSD7skAAAAAAAAAAAAAABAN4P46tKw6wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDl9b8AAAD//zGbxOs=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x24000, 0x0)

14m27.519970049s ago: executing program 3 (id=8464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001500)={0x38, r2, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x40, 0x9, 0x1, 0x8, 0xd3, 0xd71, 0x5d2, 0x5]}}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

14m26.563130953s ago: executing program 3 (id=8468):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

14m25.170482347s ago: executing program 40 (id=8468):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

12m41.839822405s ago: executing program 6 (id=8955):
r0 = mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x6, &(0x7f0000000380)=[{&(0x7f0000000280)=""/194, 0xc2}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

12m40.658334156s ago: executing program 6 (id=8959):
fsmount(0xffffffffffffffff, 0x0, 0x2)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x32180c8, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f90500d0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
write$UHID_INPUT(r0, &(0x7f0000000800)={0x8, {"4842c295639ee05ad5a0e9b42d9f21aea9bb1d2895db165e391f35de24b8807c204f1dc361327f440bf10d6fcdf2eb218275eb2b54250c20d641552d0c1a33e17b3acbb0f76aa251e76a53f9df395d675f090a0d59bf694b294438a3431e4cf81c5a52be482475cc5275929ffbad2d461d636465b53828a95642d3d97e0a5ae9e0849fa7afc23f2f35840aff7376919099951d90fd315de93e6ec0f9d89e597da531d33879459f53395be1c1e78d07f9a034ae7f7f6d91b5af107e52f0c5580a42f76c1f3a4fa1cc0a67702088aac951ebffca3c7fd189a4cf5391299e554a4f849c40a84c10ee927d16d87c7f31e9048d611687223bce53744d1ae2e5b1293d2fe971d4fbf232ec8e9a7df831babebbdfe30867c5225035af50bd424fa6b5f6c8ff2e3b0858948c6583e009ac44f3895dc8301a7940e62c9b0174e3d4fa1ba65d33c8ea187f3040e8242a5b2d59e11cfa5c0dab4886ff07720533a6825d679e93f5b2cda35ea1268446d1e643f41a0216c7780dcdffd270d27c5556a892e1f64932de2c93c78945815f7a9e18946541adc4670a2877ce123a8ca84644a36124365e912391e173b804866076d82fed56ee2f9753ba2fa4950650ab816e36d24f48053b71143082bc3ef65d90e9841a16885f65b7c509c1eceb3ca080c865495edd5f93d943a94e88c1d3e041a35d908afab2369ae73831909cd2e967c3b1518104d6f9aa3a13123e5fd0b3224eda2349bd43742619bddcf733b6e21dce410c691b17ffe1172e76bb4bf85de9b56abbcb6ef7d5e06713a56510eb6244bb2945c2bad62a31e3fc6f9224e4c4a5897a16a0dfe51ac9168d2db290ed3d777cf1162a5ebcf2704a28e1d4a75cba6145a30c105ab01d47a9babddb45ba25f59ec4713b51338bda404c43dd61dfeb224993b4636c345d3252a0e76086d78c87b94c75e17c79755e74cbc9b67c8d858880a10ac12e416cebe2fa2d9dfd3c29a49524270ab141eee07830fcf60a99efa72f9b7cefb3ad6bf0aa3ddad9ff11d0db9b436dfb9b270714790538f671f53c13f65af5e2f4fbf0910aa0928df781cdb9dffdda36bbceeab0df868c6bec7d94d1f5caabf1b6b3557917cbc8c14edd23a4e8a7e465402962ae75bb8ae75fa3d66ac79892f869e5537fb3a0d2450edd21fb3e00ba3f67af9f21f056a6227be967e276a42dd224d05e4c6cb150e3e03fc7aa57b3b8458951ba15bc4879bc4d0de66e313aadf50d6723b7929a5d9025649f0907fb9ad51088ec26a03e46225f26c3d139914dcf03824e051a2779deded6c3c01d653a1197351f76b282e0d084b133b9e09a68703e8a24bde573d23bbbb03308e6e7409eb7e00f0f4a8420b1e3ce226d98b0273dd12a4fbbdf4aa0ce735ff0973a1192c52291daffb833825b387ab0e86f00851abf0231308c481772821a3b81b6587e2b41861e81727d58971458f8a5e8cd53c9665221a5df841b93bb98ff0207c71af3f6f1246aa9998806b8ab6e0c2802bd6cc5a5e028b737a8752400239fcf11f77057fdbe962902299319ee1ec559cf8ab5f19e49865a22e742f565502a93c72632a81e7a985f7eefafb4936215847afc7588fd77d3d29840ad722f2bb4b03ea4c80d0d483ae60955a989834d5574c3c609cce568533a46a4570ec16a7ffb7e5407a52eb431018ab99dc3a27b4c3a33051af7b1ff3503df3471bdc128afabf6c4c72c30fa6fe5c6487a98761179acf2f89b4fd528b9c9075f666b08c3c1310aeb79715d048f08222702ae5e82392bee75fffa80c42c9fa0930933c4016935e5e202933461a6fc55fe94ff08a2bb23c119ac6dad71017b9f1a55d43efc8dca10d7040b54329ad5db7b252cab402f9d84b7cda162e2cfa8837287188887094f96fd5894ccba5a2ef02d196a60141af9c4f4eb6c488ec837bc8f2015e7a7fec233064583dc4e290ce68dd3c0893645f53eb8dce5fe97926427403d8dd7384abd69e03c9febacec8f5c80a0514999f34d42360dae608dfcdbb84f6486aa7e8c552e022db86c0658aae068204076a3e123295178d7037a20e2516d9adc8a4dd200f3798e6bb1c7bb7e7d9c827ea43059ea58ecd22e50e88d0943576edf387f197446c808233bfbc8f7102abe8c2fdafd527ed9effbbf621eb6810106d8711fa09e65000c341af676ae807018ba667ee2049e55208cb8f2461ace91ba44331088a36360d08d7cbcbc859c51fe24f6ab953df24ea92e5a0f11e476aaee851c437a40304ada5e7b619b022bdfab02c971f60ad5b0bd5bc6fc46a24562b033a5e1cb7378f035728bc900469053a3790d8d90cb16fd6c98a5812eae2879496cc08b3e0d0f32afce0a69402cec2ef9e9fbe3604d7bd6a6e27f14642337d1a4a175e9680444b38d0a6cf7b6fe054c6852a570d85cdfe3f4cc02f3607a91235e8591a137a84a5bfa96529cda9fd200222d3ea0d14dfc68018ce2859a54bf2b0fb1aa59e0978e21f9e0778bce965fede0f12c8df3dc3b4f94ed8b8f350e9b673880f7aed67ca7867f1daff163a8701ec4a954be59d4a47ff8be3450fa56e3f12edae31629d9c96582508627d70c6349293056acbc7b9bffb0a5b53586c3e502bd06e8b8dc9f296bbf0732e918340c78594d07566e69b52f445b22a8013b963512700433a6dcecd744f2bc6cf89ba1d962b8d661048c8c255de2e38c45a061e627e1759b57a0a31b08c0ca3f570a294da6f5acef29c2c5dcd411b1d911c39f744781700433f64bd46a729cda425451503c04b58fe22df8301fd599352f728e266250faa3330c622566d01a2b00470865e4e7bcd79676602640f92ee40001e00f8ef965895e3b2e3908ed38cf14f6d4607c584b9da623ce9ccf5a6e736787e5c3738b70b9e221de690801f4e43a1677bca7ae23d8d2ffce205e8298d0d4b5160afb4ff627be4d4d32eaa986f0cf78f26670d30a3c0082c69c93d23913301b63d12861af6f210343a422eba17d2d96eda48fede1e60b5b7919667f6951a099351251cb6ca8f5d36ac2645f51985781acaef078eee63744320c63fde40387c72c5b1e95c95e0468ed5db2da9fa012e2f25f0a1e8d0ad849ee4d4962d0dc23cdb418d2c238272f590ca03b50734cdb3da24a7610f3670e08a7092f306fe37d87b70184e2e680025b1d2ea2aa9f9a7cbfc6329f6fdd8a6f4909cfbd0c5248da28c152d1a473fbe5a6a90ff54b626e10ed30d9f98addc6d6d911d41b88019cf34bc87801f141b3a2ebd65ba73c5224726cd34e1518fb4815c205d3350af4545fcb3ad642394f5b801c5ac8b7b01f7270a6b638383af0c875bbb64fbecd2f20458fa301171a2cebd48fa3c07c0b5d07aa900844c355efa34b5c52d892ae7bd78cc9fd2624879cb762b2e1f8371670cdfa10b8f9bba589c67c9953628198af4bee3a72db88d38f17c000aab45de924bc10ea11568c744285daa0679d0367102663f7e5af66f2d669aa02b4ae547c4ce9102f460d66da19a690e58951fb5ef874887272b4ba7a439943fbdfecfbec9d687e1e6119ba5a43ea0d8f807b108637e53adda5ed13140b352b12641290884ba952037567477e949dbdab837d20a7247431af61775a698e11bd22ad7b47b86243f0449c047db68124e19b1cf631407182970093359e10bc2e5478e86ca34f36f49c68311ebefe11e6d1e1439bc1e5941f7450b544329ec34e03a3f4be3cf79c431719ef1f5a62b8d20ea22b721bea7ec48e8f537ccf330ed2c52ac65bd98692b5ed0485a5d5485f6fb631d33f7bcfe74482101bb449b1cd4813cacb3e0b07897ec3e1a1e3ae93108f99869c3e8696fd55d874bc39b83be464881e448a89a4e53ebc519c749d47d8e1c4231b1b2dbeceec83454297d8d3820e7afaa7eeb04cf74ff53520622da8617bde750743e9e0f02430ab7980af83b94853faed3256af2649c72d3cb00ca11fe37e1a5fae7561646f76071c482a7fa5c4f6c94bbecd94f300b1d4f9d7884dd09d19652bddacb79bdfcba84620e66337847fffc9bea0d0daee415d3232a57c9b2b775e47a578f598101c5dba03c332f9f68c7af038e62453a40ca52aafce0f649a27147810463d938f8fdf92f1119c165abee5fed2ae6d0ff13061de6995cb7b2495cafdfb65cddbf28128dbc7df24a3e08b11fa8aef9b4257ea384953ee397a4204ca198a0b3b27ce0e67e2b8feda7fe41e3d461949e49da7e5e0b87f8fa7df2fc1dbf7d738057c7208ba77c1fb39ff3b94a51c53329e8bc8fd3c3ffd3d6299fea7cd5c28866098e58a6811a935bdc0217c882a652c0e9d000f410106f5f20993e8bb98f09967d58a41acdda2a2e20ac9e633c8b32ac14a759fbc158322432636a9801b461cc5087c722389b451cbe71399f95127c94a201afe2cc1007a2a4e4414007bd945d7b515cbe74b4647b0b1c63ddc70d72ec49eeb1492c4028158cfb7a10ff811e00a9885546e1d85185d2022bcd490c0c9a98184d42be410a893c1f8f6dadc2f1320efa7f1c4977d7951f9d09c7d36a14b9cc2775ab24699c6f00b75c1cfacbc7084bbb6a8a07d7bf1b2877de6f8885681a87e3fe8fd873d1bb6ad8e8749af6204c8a82c37385c88b29d79a45a8736d05dcbbb69778d604c095ba8b56c67e5982219e20ed918f089af0aabadc8730c682f10de5cc72b4cc03d454c5aa819c7b1fb2a637574cc7bb941d95691b22d4521957fa592dbdd207aea7bc4cfed024ff672f9aecdbae154ee56a451a031506ecb931315feb29386b65db247c689a03c3a07b96e50c678ad71833372a23f0132d1896c217d43089758e7679430e09d8ae539923415f331daee82271cc581edcec5a5d30b4a594d45a5d2e8fb3a87e8b13d7864884c2c1a4ccb73df1740f7bf997c00ee0e310524f63df9147c712ee423af96e4added515b60acbc0e798f0b20892e0c328c75cd24f4c8b564dae925e09cf9415370e1e7aee98da32116b74851c5ecf13b9d98e15a2f2532ec20e6e57839c9e39bd3c9252554071ad3c34c767f2d5336571cd47236cdfc2294caf78e2fd18a357deecc4aae44a9bbc2a6b97ee32109599d249552d4b0a612109186da9047d2611f1ad4d539e1cb4e9b758750a558194fdc1ac09fadf9151f0a3f86e8e79f52b2cf99f67c33cbb731ed4c34fb4066948a5ba7e92c87ea2648cc75a5dd7f2cc395ff6622920ab393af2307b64a951b5a68307d4d209b4fc31a85dc5469c33ea8bae507d6ee2029771bafc9434d80f7b87987f8779ee1ac7f5c2242c407298de54b604da18506b3eeeaadbba4d9ebc517435cfc170991737629a7789a7e8c3e89d79497c36795768a9ac780983231ed27815990b3a038a972c9b2a074650b5307fbfbaab9d25931b434cfe5f8ca5f8ce3960b118efd8ec1c317d23fd0374236259ee1c1a6ec49f5d914aa732a800387fc02296c6ea4be7ff01484ab1b5475037d93dc50982b2b5fea8dbc5639fa47a6249e17b693baea0a8785d9f24c05aa3789b770c9bc5fa838f9bfd9d6c6b7bf7a8050a89c0cbb3837901c0787cdc16650194ac1a2e4a0d81c07cbb1e7988a2f9874bdff1d2404a9b95b5ffc11e7db39fc3ae5551c2b626f70aa183498f16b468c7fea0ac0210f4995f49b881863570121735f6e945ff26609dfa6764642d7344224a763447e2afa852a583dbbb57d883f5e4a84bc3f24b88995e7f60f97676ad69bca8c3a2ca7b1e2a50a5e6fff2356097370161c62586cefe7643dc22c7dfccb61e8ef1bfcf94638c30c0be2d43af558fb2e63f862da5e3b8dc181513af0c070325", 0x1000}}, 0x1006)

12m39.769311859s ago: executing program 6 (id=8963):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x17c)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x8, 0xe)
syz_usb_connect(0x4, 0x2d, 0x0, 0x0)

12m37.903356113s ago: executing program 6 (id=8974):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')

12m35.118683871s ago: executing program 6 (id=8982):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
fchdir(r1)
sendmmsg$unix(r0, &(0x7f0000000d40)=[{{&(0x7f0000000080)=@abs={0x1, 0x30, 0x5c}, 0x6e, 0x0}}], 0x1, 0x0)

12m33.260204833s ago: executing program 6 (id=8987):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f00000000c0)={0x0, 0x0})

12m30.776263632s ago: executing program 41 (id=8987):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f00000000c0)={0x0, 0x0})

6m42.582506392s ago: executing program 7 (id=10391):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000100)='%pi6   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x16, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x8, 0xe, 0x0, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m41.624544146s ago: executing program 7 (id=10396):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@remote, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0xb00)

6m37.706670277s ago: executing program 7 (id=10412):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0xc0, 0x61)
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0)
ioctl$NBD_CLEAR_SOCK(r0, 0x1261)

6m34.642878635s ago: executing program 7 (id=10424):
syz_mount_image$nilfs2(&(0x7f00000005c0), &(0x7f0000000080)='./file0\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYRES64=0x0], 0x1, 0xad4, &(0x7f0000001540)="$eJzs3U2MW0cBAOCxd73JtilxSkKXNLQJhbb8dNPsLuEngqRKhETUVIhLpQgOUZqWiBAkigRUlUhy4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKIxAECidHuznjtid1n74+fvf4+aTx+b97zzDw/P7/fmQCMrerS68LCTCWEy2+8cuzvD/9tenHM4eYU9aXXyZahWgihEocns897b2I5vnXjxdOd4kqYW3pNw+Gp68157w4hXAh7w5VQD7svX335rbknT1w8fmnf268eurYxtQcAgPHy1SuHFnb95U/377j52gNHwpY0evHN0v55PY7YFvf7j8Qd/7T/Xw3tw5WW0Goqm24yhup0+3QTHaZrzaeWTTfZJf+pLP9al+m2hPfPf6JlXKd6wyhL63E9VKqzbcPV6uzs8jF5WDqun6rMnj977tnnSyoosO7+9WAIYW9LOHqpfXi14Rtxy7Een9UaDm/AZ64x1HqsZ2MIyjqS4cjg8rrZWFZ6nQcUGttL3gABRPn1wjtcyM8srE3z0yZ7y//6E9XO88M6GPT631f+UyXnH+T/64u2OKyfzbo2pXql39G2OJxfR8jvX+r++8uvdLSPza9H1HosZ7frCKNyfaFbOScGXI7V6lb+fL3YrL4Y47QcvpSlt/5+8u90VL5joLN/5+f/BUEY7hDahmtr+axGydsfYHjl98010vXRKL+vL0/fUpC+tSB9uiD9roL0uwvSYZz99ns/CS9VVo7z82P6fs+Hp/Ns98T4A32WJz8f2W/++X2//Vpr/vn9xDDMfn/q6TOfe+bk1eX7/yvN9f92XN/T4UY9/rauxAnS+cL8vHrz3v96ez7VLtPdm5Xnng7TL73f2T5dZefK54SW7cwd5Zhpn297t+n2tE9Xz6abjmFrVt58/+SubL60/5G2q2l5TWb1rWX1mMrKkbYrO2KclwNWI62P3e7/T+vnTKhVnj177szjcTitp3+cqG1ZHH9gwOUG1q7X539mQvvzP9ua42vV1u3C9pXxleXtwuvx89rHzzXzaR8/H4fT/9w3J6aXxs+e/s65Z9a/+jDWnv/hC986de7cme+W/mZ+OoQhKMYq3nx5OIrRz5t02DIs5Vn1m8WKDEExNuGbkjdMwIbb/6PlnYDHzn771HNnnjtzfv7gwfm5uYOfn1/Yv7Rfv791777VhRJKC6ynlT/9sksCAAAAAAAAAAAA9Or7x49dfefNz767/Pz/yvN/6fn/dOdvev7/x9nz//lz8uk5+PQc4I4O6UvTZA2sTmXT1WL4YFbenVk+u7L5PhTjZj9+8fn/lF3ermsqz33Z+FqXwaw5gTvaS5nK2iDJ+wv8aIwvxfhXAUpUme48OsZF7VundT21T9HSLkVD+8CjI31vaW1I7Zik5787tuvU8mXvGEAZWX+DeJyw7DoCnf1jrNr//udKxUsvi9A9TA42v5+N7zrR6LqX3msPNgDro+z+P9N5zxSf/8NXti6GNNn1J9q3l3n7pdCPP7/TPjzs/U9udP55v32Dzr/s+g+6/89m/3c9b/+yHvPqq8v3Pz+/9m5LtmF3r/nn9U/tQO/sL/+bMf9Um0dCb/k3fpnln18Q6tF/s/zv6jH/O+q/Z3X5/y/mnxbbow/1mn91+ZpZtb0c+XnjdP0vP2+c3Mrqn9r2fJ/8v/ZCp/qvsqPG2zF/GGej0s9sv7L9iOZO++r7/40urG//v83CZpu1/D6Mz8QxaUOc7nPI+zvpt/zp/or0P7Ar+/xKwf+b/n9H2xdiXPR7SP3/3r6xfDmvHv/y0/pZj8syDdc6LNvNuq2BUfXeWF3/W4dwcsPz2Fp6HYc+HBmCMjRDY2IV8zX7iSu5/I1GY2NPaBUoNXNKX/5lHyeUnX/Zy79I3v9vvg+f9/+bp+f9/+bpef+/efp0/Ia6pef9/+bLM+//N0+/L/vcvH/gmYL0Dxek7+6c3jxsv79g/j0F6R8pSN/XTD/cNkVKf6Bg/gcL0u9tT9+Spz9UMP/HCtI/XpD+cEH6oy3prX1Ap/RPFMy/2aXnUca1/jDO8ufz/P5hfKTrP91+/zsL0oHR9dPXDhw9+Zuv15ef/59qng9J1/GOxOFaPH76QRzOr3uHluHFtDfj8F+z9GE/3wHjJG8/I/9/f6QgHRhd6T4vv28YQ5WtnUfHuKjdqm77+YyWT8b4UzH+dIwfi/FsjPfH+ECM5wZUPjbG0dd/d+ilysrx/vYsvdf7yfPngdraiQohzPdYnvz8QL/3s+ft+PVrrfmv8nEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0lSXXhcWZiohXH7jlWNPnzi7f3HM4eYU9aXXyZahWnO+EB6P8USMfxHf3Lrx4unW+HaMK2EuVEKlOT48db2Z090hhAthb7gS6mH35asvvzX35ImLxy/te/vVQ9c2bgkAAADA5vf/AAAA//9LWAnF")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})

6m33.790305333s ago: executing program 7 (id=10428):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mknod(&(0x7f0000000700)='./file1\x00', 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000100), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f61636c2c757365725f786174747200000000000000000000000000003c3e46dd000000000000"], 0x1, 0x18a, &(0x7f0000000440)="$eJzsmD9Lw0AYxp+71JSquDjp4tCCVTBNUhUXh+ImDoL/cLPYtLSmVtuAtpOOjn4Ev4BfwEUQ/Abu6qIOHV1cIrlc7Vlq1UFBfH+Q9567e3O5e0OeISAI4t9yf/d8+/Byc60BGEQCUTn+qLVzuJJ/MLmfWywtnZ+cXiw8xa9GOtdjAHz/68+PALjMaPBk3/ff352Q7Sr4m14Dx4TUG2AwpN4Cx7rUDhg2pS4puhLkG0a+6DrGdsXN5XU5YQVDdhDSnftrHjPklP0xZb5Wb+xkXdep/qD4rH7NDMe8sj/1fbVqYyr1s8BhSZ0Gw4rUc4i2amMGwVLOPxppr6/98vlJkPgDIkafgyra/uSfMYwr/hRR/CPllfdStXpjqljOFpyCs2vb6Vlz2jRn7JQwojACGP7A/2LCn/qV9fu6JR4NAUzHYdbzqlYY9VbfDmM3x+XC/ziS8bAfeL/ew4+ZvLhoA5XUeqQTBEEQBEEQBEEQBEEQBEF8gzEwDIj/oD2xl0X2awAAAP//lLdyGg==")
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000180)='smb3\x00', 0x0, &(0x7f0000000400))

6m32.27367669s ago: executing program 7 (id=10435):
syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
r0 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x82)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', 0x0, 0x1068, 0x0)

6m30.75138291s ago: executing program 42 (id=10435):
syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
r0 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x82)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', 0x0, 0x1068, 0x0)

4m41.234479876s ago: executing program 8 (id=10861):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/psched\x00')
r1 = fanotify_init(0x4, 0x1)
fanotify_mark(r1, 0x1, 0x40000011, r0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents64(r2, 0x0, 0x0)

4m40.645519189s ago: executing program 8 (id=10866):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103000, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x8004587d, &(0x7f0000000180)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)

4m39.184159083s ago: executing program 8 (id=10874):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x800000, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r1, r0, 0x1, 0x0, @val=@netfilter={0x2, 0x0, 0x9}}, 0x20)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

4m38.196150881s ago: executing program 8 (id=10882):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000240)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x187842, 0x1d5)

4m37.080025927s ago: executing program 8 (id=10889):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000004c0)={0x0, 0xff, 0x1, "f5"}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x23, &(0x7f0000000340)={0x0, 0x5}, 0x8)

4m33.715746475s ago: executing program 8 (id=10897):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xfffffc01, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

4m32.261916496s ago: executing program 43 (id=10897):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xfffffc01, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

3m43.127864508s ago: executing program 4 (id=11060):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000800)={0x3e, {0x1, 0x0, 0xe, 0x3, 0x3, 0x7ff}})
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

3m41.38398487s ago: executing program 4 (id=11066):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x14, 0x40, 0xb, 0x0, 0x3, {0x3}}, 0x14}}, 0x48840)
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x800, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$key(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[], 0x18}}, 0x4808)

3m40.19243927s ago: executing program 4 (id=11073):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0x0)

3m38.503056579s ago: executing program 4 (id=11079):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r0, 0x0, 0x0, 0x1001f0)
fallocate(r0, 0x3, 0x9, 0x10000)
read$FUSE(r0, &(0x7f0000000c40)={0x2020}, 0x2020)

3m37.712720117s ago: executing program 4 (id=11084):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000140)='./file0/../file0\x00', 0x1)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)

3m37.059737676s ago: executing program 4 (id=11088):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x70bd2d, 0x25dfdc00, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16c1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)

3m20.702929252s ago: executing program 44 (id=11088):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x70bd2d, 0x25dfdc00, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16c1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)

9.577166773s ago: executing program 9 (id=11879):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="4dc07f947163300c", 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$inet(r1, &(0x7f0000005300)=[{{0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000001600)="1f0800000000000000004cd7f588cde930a8fddbe073b296de56ee2f529e02", 0x15}, {&(0x7f0000000b40), 0x2}], 0x2}}], 0x1, 0x40810)

8.94574228s ago: executing program 9 (id=11885):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x20000000000000, 0x4})

8.403080688s ago: executing program 9 (id=11887):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002140)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000000400)={0x24, r3, 0xa29, 0x70bd27, 0x1, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5}]}, 0x24}}, 0x4009000)

7.36954873s ago: executing program 1 (id=11891):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000300)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.983118243s ago: executing program 9 (id=11892):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x9, 0xa0, 0x81, [{{0x9, 0x4, 0x0, 0x6, 0x1, 0x7, 0x1, 0x2, 0x80, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x7, 0x6, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x400, 0x80, 0x0, 0x37}}]}}}]}}]}}, &(0x7f0000000d40)={0x0, 0x0, 0x10, &(0x7f00000004c0)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0x2, 0xa8, 0x2, 0x2, 0x4}]}})
close_range(r0, 0xffffffffffffffff, 0x0)

6.556166314s ago: executing program 0 (id=11894):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000240)='./file2\x00', 0x800004, &(0x7f0000000600)=ANY=[], 0xfe, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)

5.863542957s ago: executing program 1 (id=11897):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000000000)=0x46, 0x4)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

5.549686555s ago: executing program 9 (id=11898):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000440)='./file1\x00', 0x208410, &(0x7f0000000540)=ANY=[], 0xf5, 0x5a76, &(0x7f0000006680)="$eJzs3X+QHNV9IPDXM7Pa1a5+rAQ2MpjVIqOE4Nha8av8IxUrucROgeOSyykHcbJhQSsiWxIq/QggkyBy4LMK7MIpUglO/iAuzB1GcVEFF6NQJvw4ibOxVVx81BXmzs5h/+ErwqEKoKNcnPdqZ/rNzvRMb8/OzgpJfD4lbU+/efPt16/f9PT3zexOAAAA4G3h8G27jn3izN/93p9NvH7z7/3DtlvCULlaPhArDKfLG96qFnI89VdWVJfZcfGrX/jmz0av+e3vPjj4jTcObTpn849+57RrHv3cpQfv/usnXlv88C9fLIobx9P50+vJy0kIA985+hdfPPTMGVNlyZKpn6V9ISxLlj+xLAnh1sYQY78IIWxKV1Zk4j/0+oWbp5a33N7fVL40U894f3ubOs5JCGHvsevfG378Wxtu/cHKb/1d34GX9k1XSQYaxlMIS65qfHxfCGFh+n9KHG1xPCbpcn0IYbDhcR8oaNd7Omz/mpz1s9LlgnQ5VBAn3r8qs17K1MuuR32Z5WDB9uYqrx3d1iuyKLOe9ChulNfOWL4sXX47XZ4/y/jldB/KSSgloVJv/tZkeoyEhuOWhKR6LAfq66X6sQ3p/mfWk8x6KbNe7svsV3W76UArJ0lzeayXKY+n40pafk7jubqNTzXcbqz3rliWPlHfyNbJBB1quVHfr6rYrqMztOV4KDWcg9qV1w98ejCG0rKhZHnLYybbiPcd2nDH6vLGJw8P57QjeTBJ4yddxd/7/WWLPvvA/j3Z1/V6/KtKafxSV/F/ctmRV67Y//Wv5ca/M8YvdxX/gscGX77sqdtW5fbP0dg/la7ij7/49JdXnn71gdz23xPjD3QVf93BI/2Ljz32eG77x2L/LOwq/gsf/uhP73/ukZdy44cYf7Cr+BsP7vhK/8ix83LjPx77Z6i78fPqgUueHxn5+Whe/Gdj/MVdxb9vX/+H7l16+6W5x3d97J/hruJ//NxHb1107JGz886dyT29euUEeHs6Lb3G+lK63m2eOVcN+cJfjVZq13yL0v+Le7mhzMVnNk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF54x3v/y8f+16eHX66k6/3pjRdKtWUsXxBCsjCEsGv3+M7dW7ZfO/q56/bs3D6+dXR89+jE9t07bxy96NdHd07s2Dp+49S9Y++7sPa45SGpLZOzW7bdPzk5WRpuLovb+zfnHvjx6g/8738JYewdPxyp5LZ/zd3b7j29zc+MZN3kR7bt+cQPL/7bdL+G03YNt2nX5OTkZMhp1/+5/M17//zoz84LYeydM7Xr6Rd+8x+bGlQtmI6TKvWHWoP6k8G27ai3Om1P7K/K5i1bJ8Zm7t+px5dz9uPffuGlX2y+4atv1vp3IHc/Ouzfhesmt5b+csPH/99f3lQrKGrXW3Xci/o77kVsX+y/gbS/l6T7tSRnvyo5+3XbDx5/7jtn7n9tXxirvLqyddtF+9WXDoC+5F0dbTduYTBZ1lQ+kNaPRzw+bs3ubTvW7Lpx7/u2bBu/duLaie0fXHvR2kvGLr7k4jXVPV/T4/2P2/+VDvf/+IynpX+879vxZ2fjqbldC6aqzKo/ptpV3B+NLcp7/g1+6ot3ffDupz5RKyga57F2/XxSXSZvDk4d57WhYby19lW7/So6PiGE0Xb98Mprl4Yz/vuWW4vOQ41HpvFnRrJu8plV//q3H/ibFb9RKzgu5/nGBnV5nq+3ero91f4aSI/H5Anav/2hnO7XUNt2rX3mqb47Dv/Ln9Tbt2BBuGF89+6da2s/F6UtXZScdXO7dp2VWY/7tbL6s1x/utWHaZvxOqUv1NqXPX/G6tleHUrvG0qWt92vrHjfoQ13rC5vfPJwXk8nD9a2uDAsri2Td+fU3Jp5YLne4HbbP1Gff0XjY+Rjf/Pwpx/++4taxscFtZ9F+5Xk7Ne3nrvvrm989d//fe/262O/eWT4X//nH62uFZzw55VyrSH1VqftSRrPKxeE0PD8a9uOlaH9fuQ+/0rt96fo+ZfdznT99vFGM+tDodzV8/WCxwZfvuyp21blPl+PzvR8bdzZm5oeVy54vp4o4yf7/Eoqze2Yv+dX00BJ1k1+90un7Xvi5vVn1gqKXi/rtduN6ws7yD9y9usfr3h+5LrRf/ffenfe+OavP3Tlj8bX/WmtoPvjHtvSm+M+kPbvQE7/1lsd887G/n3/Nddt3VQrL+rnt+76N10W5D/xVLLrxr2fH9+6dWLnrs72q9PX07idbC93+3oaz27LC/ar1LJf83ejk/7q9PkW27+p6/5qfr4NhaSr14W931+26LMP7N8z3PKodENXldL4pa7i/+SyI69csf/rX8uNf2eMX+kq/viLT3955elXH8iNf0+Sxh8ojr8ktMRfd/BI/+Jjjz2eG38stn9hV+1/4cMf/en9zz3yUm78EOMPddf/rx645PmRkZ/nxn82SbczdY0UwkOvX7i5tp6EvvT5FtvR19SukF1PMuulzHq5cb2UziLEDZSTpLk81kvLz2loSzt/mFMer8IGVtSWb8T1kL0xc/mJptRw7m9XXnSdCgBwqovv/8dr0Pj+/0R6oZQ/0wDT5pqHrciJG/Ow6fmcBU33r0jjx8fHecCR94exqeUto7UL/dm+jxCfD9l5zrid897THKPt/MTBxo1Ut98yz1k0/74qsx7bVZsvrzTkoanWvKYSOph/b93OzPPvmd0vfj9r9EstzRptmLfKHr++dMas3ecdMu2tTEXIGx/ZebH4eY6RJWF9dXsdjo/s52jicch+jiZu58zMibPbz9HkjY/h1n5oalccH7HeDOOj2uTi9yNbj1+YoX+nj1/7aNnjN4vjPTBVf77fn+3BvGHbU9rxmzec3/fDToh5yTbxj/O85KKW+OkT7ESfN4zlsZ8qHc4nfjqnvFfzifF0Edt1dIa2HA/mE4FTVcz/42vEVP4/dQH+fzP1ivKU7FVjjJf7OaFy+/YU5R2tn9Mb7Op1fOPBHV/pHzl2Xu51zuOdfk5vR9PaYMHnfor6cXVmvbAfcyZoivK97HaK+j37uYyhsLirfr9v390funfp7Zfm9vv62gtpcb/f1bS2uKDfT4J8oX18+cKplC+0xu/R5xiK5s/y85FyvR3zko+kH3yar3zkD3LKZ5uPDLbcqO9X1Ymbj0y/kDblI33Ht10AwMkj5v/198/S/P+f44VFeh1RlLeen1mP8XLz1pzrk7y89ffT5Q2Z+kPpb1TM9rr54+c+euuiY4+cnZu33NNpHvofm9aGC/PQueXNuXnE+t58Xjw3j6jnWXPLE3PbX88T55an57xN25Cnzy2Pzu2feh7dPA9w15HpTGOm+HEeIDd+fR6gh3nuL6crHb88t2C+LrOxuNrpfN3xzqOnSvqWNO9nc1482Js8Ov312fnKoz+VUz7bPHqo5UZ9v6pO3Dy6uVweDQCcqmL+Hy/jqvl/fwhPxQoL4425vc+emxf06Lo9+/dA6vGfnZe8cjp+j97/Lc775jtvne+8fr7nJU7293/ne15ouPoHPOdrnuwt+7zrvOTF/1y/1XFenG5UXgwAwIks5v8xzY/v/z+VqTfX/KQlf+urXUJO5ycnX37eWO8kzs8vD8crP+8/mfPzk33+a34/J3Nq5f/Tunxf/I3JUzj/r7ZZ/g8AcFKK+X/8tcf49//+c7qe/bv1Hebp92Q/zut9dO+jB3l6B3l6j+fZYvzGzwGcxPMA5ZNrHqB2Y+F0/VNpHqCqL5gMAAA4CfRVM6XW37P/TLrM/p593u/lX5Euk5D71bszqqSXx1fv3jkxceWeHZvGd09cuf26TRO7rrx+55bduyfq185zyxtz85Y0b+wLlbQ/2tfL5m1L07+HsDTn7yFk68ewZ1VvtP49hOxmFxb8HYHp49dZe/OOX2mG+u3GRzzenY6PP8ypH9WP/zV/dMGVm3dduWX7lt1bxrdu2TvRXG+4+pvUnX9vZhyPs/q+1MyPFqXZf39nPDxza0eppR19aX/kfT97kmnHsrQly/K+/yCn3d/7r3/+x+dOvnl/CGPvKL97Tv2XrJv8T5dP/P7uwz/cMdX+0oztr9dM21X0faXZ+nF/Kluv27X7vZuv27M9+42S3YnzGaX6+jx9riF9+pc7nJ/YmFM+29/fL7fcODF1PD8BAECT+P5/vJ6N7x9+Nb2AiuWFefr2Wr25vn+cm6ePdZanZ7+XrChPz9aP+9tpnj4wxzw9u/2iPL1d/XZ5el7enRf/D3Lqz1bn46SLz3lU0n54YP+e3HFyVWfjJPt9BkXjJFt/tuMkmeM4yW6/aJy0q99unOQd97z4n8ypn6doPFTq42Fun8vJHQ93djYefi2zXjQesvVnOx5KcxwP2e0XjYd29duNh7zj2xq/eYKg2/NG8/iYGhjVcTFx5fXX7fx8Q735/v6L0PqRjE7at2D6sfP7/R/d6rx/5/dzX3NvfwjrqiV57Y/vDyyYVfs7/VzZ3Ntf1P+z+FzZktDyubLc9j87t5mwzts/v9/vkpFXvfXxx2u+Nh12RZ8/K5rH3ZBTPtt53AUtN05M5nHhrRPz/3g1F/P/29Nlr98GOvm/J62L17l4DvY9Zvn93+F1zNvu9Tz7lrvXcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBTQn9lRXV5+LZdxz5x5u9+788mXr/59/5h2y2/+oVv/mz0mt/+7oOD33jj0KZzNv/od0675tHPXXrw7r9+4rXFD//yxcLAw9WflfPT1YEQkpeTEAa+c/QvvnjomTOmypIQQjkZ3hfCsmT5E8uSTISxX4QQNtXb2XznQ69fuHlqecvt/U3lSzNBsvsVhsqxPY3tDOGGwj3iJDSQjrO9x65/b/jxb2249Qcrv/V3fQde2jddJRloGE8hLLmq8fF9IYSF6f8pcbStiA9Ol+tDCIMNj/tAQbve02H71+Ssn5UuF6TLoYI48f5VmfVSpl52PerLLBv2dWHBpruS145u6xVZlFnPnozmKq+dsXxZuvx2ujx/lvHL8X8SSkmo1Ju/NamOkXf+j3Q9HrckJNVjOVBfL9WPbUj3P7OeZNZLmfVyX2a/qmMzHWjlJGkuj/Uy5fF0XEnLz2k8V7fxqZzyd6XLgfSJ+kZcD9kbNUMtN+r7VRXbdXSGtqT+Q/viSvEjO1BqOAe1K68f+PRgDKVlQ8nylsdMthHvO7ThjtXljU8eHs5pR/JgksZP2sWvFMXf+/1liz77wP49K/LiX1VK45e6av9PLjvyyhX7v/613Ph3xvjlruJf8Njgy5c9dduq3P45Gvun0lX88Ref/vLK068+kNv+e2L8ga7irzt4pH/xsccez23/WOyfhV3Ff+HDH/3p/c898lJu/BDjD3YVf+PBHV/pHzl2Xm78x2P/DHU3fl49cMnzIyM/H82L/2yMv7ir+Pftu/tD9y69/dLc47s+9s9wV/E/fu6jty469sjZeefO5J5evXICvD2dll5jfSldnzHP7MvPM+eqIV/4q9FK7ZpvUfp/cS83lDG1nSXzGB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFPTP9100Wcu/8gnN1SSEJKcOpNtxPvKC9atG+1iu+MvPv3lladffaCxbEUXcQAAAIBiMQ8v1UsGwopwfbIwnNW2fpwjOCuuJc3l2TmEGCc7R9BtnFKbOKUu4pR71J5Kj+L09SjOgh7F6e9RnIGCOAOhszgLZ4hTmRoBHbZncMb2dB5nqEdxFvUozuJMiG7jLOlRe5b2KM7wjHE6H4fLehRneY/inNajOKf3KM47ehTnnT2Kc0aP4mTnlGc7DhenNc/Mi1O9US6MU0nK9TvazaefkW7n7DluZ6hgO4uLXo873M7CDrfznszjSrPczkCH2/mVOW4n6XA7vzbH7ZQKthPH7Q3Z9sXtxLUOx/+NPYqzt0dxvtCjODf1KM6f9CjOn/Yozs2h+eJ0tnEAOhXz/+l8bzj0V34jDKZnnOwsQMx3V1Z/tr7e5Z2QYrx3Z8oXFMXLJuqZeCtn277sBEIm3qpMeV9TvEo9H5kh3kBjvNWZO2fa3w+va9+2xnjnZ8r7Z4jXtAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBz8000Xfebyj3xyQ0jC1L+qcqbOZBvxvvKCdetGu9juoQ13rC5vfPJwY1l/patdAAAAAArEPLyvXjIQ+itrQ3+yoKneQDoPMJCul4dry5ElYf3UMhktVdcHk2UzPq6SPm7N7m071uy6ce/7tmwbv3bi2ontH1x70dpLxi6+5OI1m7dsnRir/QyhvyBeCKE6/bDrxr2fH9+6dWLnrlphtv0r0setSNeT9HEj7w9jU8tb0vYvL9heqWV783ej+OgBAAAAAAAAAAAAAAAAAAAA/59duw2VrKwDAP4/M3NnxqubN3wbF3cd1lWsrHS7hpZ4DwQJvixehJhr3WTJlaSru+iumE26kJpSBMrCsuGHNkzSpC++pES+sGCYJXQ3CZXyQ30otAwVP4QycefOmbc7s3ObxF3t9/swz5n/83+e/3kOy8L/zAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3l+L9en52szs3GQSkQzJaQyQzeWLaVodo+5XHt/+g9L6t0/vjpUKY2wEAAAAjJT14RPtSDlKhXzk48Tmtw3RNRGdvh8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/s1ifnq/NzM4dmUQkQ3IaA2Rz+WKaVseo+8qbD372xfXr/9Ydq4yxDwAAADBa1ofn2pFyVOKUmEhOXOr829Hs3cDavvXLeR3ZPutWmdf/7mBY3imrzDttlXkfG5G3uTXeGAAAAPDBl/X/hXZkKkqFNSv64az/H9XXZ3kn9+XlW2O1O+mgiqtJAgAAAA6uFF39f6kdrkSpUGn366vt9zd0Qs2fzrP1o363z9af2peXrR/1e/4lrdHv9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwbFYn56vzczO5ZOIZEhOY4BsLl9M0+oYdTc9MfmPi/bftqE7ViqMsREAAAAwUtaHd1rvcpQKkzERRzb7/vUX3PPwlx5+dDoiltv8YjFu3LJjx3Wblj5jU5Z31nP7J77/zGvfXpF31vLnITsgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwnlmsT8/XZmbnjkgikiE5jQGyuXwxTatj1H3581/8y/0vPPZqd6wyxj4AAADAaFkf3un9y1GJYhTj+Oa37l5/Sa5v/bB3BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCHx/XfvOkbWxYWtl7n4tBcNPIRh8Ft/I8X2T+nw+V+PvgX5UN9G4f2/yUAAOC9d3Ik0fgvnXDpob5rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcLBYn56vzczOlZOIZEhOY4BsLl9M0+oYddPHny+tefuJp7pjlTH2AQAAAEbL+vBO71+OSkzERBzX/DbonUCz/596H28SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKws1qfnazOzc2uSiGRITmOAbC5fTNPqGHXv27X3c/ce/b0Lu2OlwhgbAQAAACNlfXixHSlHqfDxKMVJre8LvQuSfGsc/F6gs257z7LJVa+r96zLH2xdUohor7uj72SF1mmW15Wz/aaWx3a9amddrrWu2rWuEu3y1fa65sPa3VNtzYjzrXzyAAAA8P7J+v9SOzIVpUKpq///aWs8ojXqcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAwRbr0/O1mdm5JIlIhuQ0Bsjm8sU0rY5R96bffvSor/7szp3dscoY+wAAAACjZX14p/cvRyXWxUdiXbPvj6ne/Czvn7V37r37X389PeLM4w+sL/Rv+6Ps4tcvn/9k/0dErjc7F3F0q14ypN5vfn/3DRsb79wfceZx+ZNW1IuD1+vdMm08Utt6yY5nDmwf8XAAAADgQyLr/yfakakoFa4d2v9nnfeI/r+t2YAffcOuXxzb+mx15H0rclOterkh9b6w8cE/n3rO319b6v9X1vtk++rTe6+599iegsuRPknamLlm5+YDZ+/LZaderp/vq589ly9/69V/X3XjXe8s1y9HuRVf23cry9VWfvaVj7SxkNszd/G7e+q99QtDzn/b75564Vdr73xrqf6bJ0+2658Wg+ovn7wwtH4ckTYmL7t997l792/urR8R1UH1X3/rwjjhj1ff2n/+yb6Nu59892f/A0gbz214Y98591TO662f9NXPnv/PX7hv90/u+u6jWf3sb0VOP2W19XN99Z+945hdT99y6dre+rkh53/y8hfXb6t+5w/957+yZ9fC0LtoKXbqP3DGQ1e8tCW9uf/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLgs1qfnazOzc7kkIhmS0xggm8sX07Q6Rt1XLnr+9cvv/PEPu2OVMfYBAAAARsv68E7vX45KFKMYk82+/5Ha1kt2PHNge0wtzyatsbCw7fodn7hq285rrzxEdw4AAACs1isXJc3+v9COTEWpsDEmWv3/zDU7Nx84e18u6/9zS2MSEVddvbD1zGjnPXvHMbuevuXSte33BBHNPwsoL+V9ppN3wfnPT73xp6+fOjBvUyfvuQ1v7Dvnnsp5WV50550V7fcTD5zx0BUvbUlvbt9fd96nvrZtofV6Itt38rLbd5+7d//mXPYeozVOtvbN8hZye+YufndPPTcVpaX5fCuv3Do3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDSYn16vjYzOxf5iGRITqNbK5DN5YtpWh2j7sUbf3nrUW8/tq47ViqMsREAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwn79hMZRxXEAf283MZts0iatYFRM06oo9dCiIKIXFRVpRQqeKkWqrT2IgiCi1IOptGKpihfB6qWICmqUQgUbi6VVUvFf8eJBBYXqQSjFgGYpHlSyebPZTHfcdlMF7ecDy8t7M/Od38y8fZsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP6Wna7jeHtnxSO3Oi2797Kn7p5+8/YOHtl3xxFs/jW66+dO9fa+fnNy8fMu3tyzddOCBNRO7Xzn828B7fxxrG/z4bLMydSshxBMxhMqHUy8+Pfn5BTNjMYRQjoNjIQzFJYeHYi5h9e8hhM2NOudv3Dd9zZaZdtuunnnji3Mh+esK1XJWz6zB+fXy/1JJ82xr7bGrwvc3rd/+5bJ33+kePz42t0uc2aec5lMIizY2H98dQuhNnxnZbBvODk7tuhBCX9Nx17Wp69LTrH9VCLVcv+7i1J6X2mqbnGz7ily/lNsv389059q+NudbqKI6Ot2vnf5cP78YLVSjzlWtx4dS+35qV55hfjn7xFCKoatR/oNxbo6EpucWQ6w/y0qjX2o825CuP9ePuX4p1y93566rft400coxzh/P9suNZ8txVxpf3rxWt3BXwfiFqa2kL+rJrB/yf8yqnvJH47rqsrqm/qaWf0OpaQ1qNd548OlhVNNYNS455Zg/W8i2Ta5/9vLyho+ODBbUEffGlB87yt/6xVD/PW/vfHS4KH9jKeWXOsr/Ye3RX+7e+erLhfkvZPnljvKvPth3Yu3HO1YU3p+puRXkdPJj6mfb7j32yXPLzr9vvNWzrmfuye5/paP6b5w42jNQO3iosP7V2f3p7Sj/uxtu+/HNr/cfL8wPWX5fR/kbJh5+vmekdmVh/qHZr0K1PkM7mD+/jl/7zcjIz6NF+V9l93+gRX5sm//G2O7rX1u8a03h/FyX3Z/BlN97RvXfcdmB7f21/ZcUrZ1xz9n65QQ4Ny1N/2M9k/rt3jP3TZdavmcuVNP7wkujXbO/QP3pM3A2T5Qzc55F/2A+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xQ4ckAAAAAAI+v+6HYECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATwUAAP//D0cc+A==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

5.446301272s ago: executing program 0 (id=11899):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000000c0)=@mmap={0x1, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x5, 0x0, 0x1, "bf631e4b"}})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0xd, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, "a730ba01"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)

5.296952524s ago: executing program 1 (id=11900):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r0, 0x400454cc, 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

3.296299167s ago: executing program 9 (id=11904):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = dup(r0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x62800)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x5, 0x12, r2, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)

3.162108479s ago: executing program 5 (id=11905):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000240)='mmap_lock_acquire_returned\x00', r0}, 0x18)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645", 0x11, 0x840, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})

3.16026338s ago: executing program 1 (id=11906):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

2.994834479s ago: executing program 2 (id=11907):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)

2.809204994s ago: executing program 2 (id=11908):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x2, 0x2de}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0xa0}})
io_uring_enter(r1, 0x2def, 0x0, 0xe, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x20008000, &(0x7f0000007780)={0x2, 0x4e22, @remote}, 0x10)

2.495884373s ago: executing program 0 (id=11909):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @private=0xa010102}, 0x10, 0x0, 0x0, 0x0, 0x68}], 0x1, 0x100800c1)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000080)={r2, 0xd9, 0x6, 0x401}, 0x10)

2.472916699s ago: executing program 1 (id=11910):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x96)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="ec0000001000010800"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000cc001a8018000a8014000700fe8000800000000000000000000000aab00002802c000180280016"], 0xec}}, 0x0)

2.322542902s ago: executing program 5 (id=11911):
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x1, 0xf}, 0x8)
shutdown(r0, 0x1)

2.167992671s ago: executing program 2 (id=11912):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)

1.929215236s ago: executing program 0 (id=11913):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', 0x0})

1.75216121s ago: executing program 1 (id=11914):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000400d240f0100000000000000000006241a0000080905810300020000000904010000020d00000904010102020d00000905820f000200fd00090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x20, 0x80, 0x1c, {0xe, 0x1, 0x1, 0xf007, 0x9, 0x2, 0x8, 0x0, 0x2, 0x1, 0xa, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1.707370971s ago: executing program 5 (id=11915):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f00000001c0)={<r2=>0x0}, &(0x7f0000000200)=0xc)
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x3, 0x0, 0xffffffffffffbffe, 0xff, r2})
r3 = socket(0x18, 0x1, 0x0)
connect$unix(r3, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c)

1.643067927s ago: executing program 2 (id=11916):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141e42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x7f, 0x221, 0x203, 0xa5, 0x45ae, 0x4, 0xfffffffd, 0xa2f}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[])

1.513807422s ago: executing program 0 (id=11917):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8042, 0x0)
fallocate(r0, 0x0, 0x5, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000051000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000080)=0x2, 0x95, 0x2)

1.262549272s ago: executing program 5 (id=11918):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0xfffe, 0x9}, 0xd, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x20001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x7b8ec57e, 0x2000006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000], [0x0, 0x0, 0x4, 0x9, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x9, 0x20, 0x0, 0x200400, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1010, 0x0, 0xf, 0x0, 0x7fff, 0x0, 0x1, 0x40, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0xa10000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x7, 0x0, 0x4, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x0, 0x0, 0xfffffffc, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4c44, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffc, 0x80000000, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x7, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80, 0x1, 0x0, 0x0, 0x3, 0x1000000, 0x1, 0x0, 0x4, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0xffffffff, 0x3, 0x7, 0xfffffffd, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x20001, 0x2, 0x0, 0x0, 0x0, 0x20000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfd5], [0x0, 0x80000000, 0x6, 0x2, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x4, 0x10000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0xfffffff8, 0x0, 0x80, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0xfffffffd, 0x0, 0x10000000, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x3, 0x0, 0x1, 0x1ff]}, 0x45c)

816.228719ms ago: executing program 0 (id=11919):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)={0x20, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_PEC(r1, 0x708, 0x7)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000001c0)={0x0, 0x6, 0x4, &(0x7f0000000040)={0x9, "05424a2ef7d4b4f043c07e3efe66dd00aeffac04a3461dc7fd0000000000000001"}})

815.85022ms ago: executing program 2 (id=11920):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb0800020003"], 0x78}}, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000015c0)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

531.247733ms ago: executing program 5 (id=11921):
syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="004a5ee0571b8b8ed0f6a48d325fba60ad6f06000000000000007c070002000000000021b507dcf20b43396d320c73fa0435a17ef90d9e367a72143ad49101519c27821d8fb92ae6ac27790cf4b0e5ba4f28f0717d21815a8c028cd891adb9ed510bc262d300000000000046d3817e28effc50f2bcd60c4d947d5e38e19ad1850bfeef8025459fcbf2f16438c2624c0c3a1323988be1f74e65c5098522bae8e8ba957ad8774e4e665c9a4ad49144e3f9ebfe06eff9b8edc7440e932e133e228e344bd22a3ac2e2d3a9f006a3aef51a7aec57bbf2c360e284b902ade529a9140c889a18f357d7a424f96ca02d9b917784e84246cfcd5ff450a276bd4c8b77aae199342dc8ade5b0d1f9f54dd440ae3736fb92ba0e088ab18dd6a79e96e5cf2f97f41a90c175ee9590a2033a6a1a64c3"], 0x1, 0x9e, &(0x7f00000006c0)="$eJzszr2JAkEABeB3Gxx7yTZwwXVwNWgRVmBoaKQI2pCtWIKpkYGpyYjsCrKggYE/8H0wDG8eA29zXP+mScoyKaWs0ipn09l88p3b7nV8hqq76yR/TZv3w2SQ5Kvrt4fF+HJ630f1CzYDAACPqfLfz1cPu5/nLwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4L6cAAAD//6LYGgE=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
pwritev(r0, &(0x7f0000001fc0)=[{&(0x7f0000000140)="b196242d", 0x4}], 0x1, 0x3ff, 0x9d)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
renameat2(0xffffffffffffff9c, 0x0, r0, &(0x7f0000000080)='./file1/file0\x00', 0x0)

172.011238ms ago: executing program 2 (id=11922):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001740)={0x140, r1, 0x205, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_PROBE_RESP={0x4}, @NL80211_ATTR_BEACON_HEAD={0x6b, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x81}, @device_b, @device_b, @initial, {0x6}}, 0x9, @default, 0x1971, @val, @void, @val={0x3, 0x1, 0xb5}, @void, @val={0x6, 0x2, 0xe}, @void, @void, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x9, 0x30, 0xb6}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0xffffffffffffffff, 0x0, 0x1, 0xffffffffffffffff, 0x2, 0xb}}, @val={0x76, 0x6, {0x4, 0x2, 0x7, 0x5}}, [{0xdd, 0x16, "0918774de152cc75746953f32716b6a724a522828a6d"}]}}, @NL80211_ATTR_FTM_RESPONDER={0x9c, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x93, 0x2, "10060656695dfc013a56fcc3881157a7e14bda6600167461a7db47273f195dc2296250c29464c519677d92e30f7e6fe4520df93dba9bb1df7e7e4bdedd8d3f5f4c331208d4909d32431aac120f33fa9ee577a4971f4eaf89bbb92e5bbdd837f45c7825a45e46c303f69ee5e96ceb872a38875240b0a57a2a972087730907752c3b2b6784f71b457caab2f5f59cfd7e"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x140}}, 0x24000080)

0s ago: executing program 5 (id=11923):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x12, r0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r1, 0x11e, 0x1, 0xffffffffffffffff, &(0x7f0000000540))

kernel console output (not intermixed with test programs):

tadata+0xfb/0x160
[ 2397.226806][ T4168]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2397.226986][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.227162][ T4168]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2397.227338][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.227514][ T4168]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2397.227701][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.227877][ T4168]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2397.228056][ T4168]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2397.228259][ T4168]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2397.228455][ T4168]  do_writepages+0x3f2/0x860
[ 2397.228594][ T4168]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2397.228782][ T4168]  ? writeback_sb_inodes+0x21/0x1c90
[ 2397.228934][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.229120][ T4168]  __writeback_single_inode+0x101/0x1190
[ 2397.229320][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.229543][ T4168]  writeback_sb_inodes+0xaa9/0x1c90
[ 2397.229825][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.230074][ T4168]  wb_writeback+0x4ce/0xc00
[ 2397.230270][ T4168]  ? queue_io+0x4c1/0x790
[ 2397.230475][ T4168]  wb_workfn+0x397/0x1910
[ 2397.230651][ T4168]  ? kmsan_get_metadata+0xfb/0x160
[ 2397.230877][ T4168]  ? __pfx_wb_workfn+0x10/0x10
[ 2397.231025][ T4168]  process_scheduled_works+0xb91/0x1d80
[ 2397.231298][ T4168]  worker_thread+0xedf/0x1590
[ 2397.231549][ T4168]  kthread+0xd5c/0xf00
[ 2397.231679][ T4168]  ? __pfx_worker_thread+0x10/0x10
[ 2397.231869][ T4168]  ? __pfx_kthread+0x10/0x10
[ 2397.232000][ T4168]  ret_from_fork+0x1e3/0x310
[ 2397.232133][ T4168]  ? __pfx_kthread+0x10/0x10
[ 2397.232265][ T4168]  ret_from_fork_asm+0x1a/0x30
[ 2397.232461][ T4168]  </TASK>
[ 2397.558105][ T4168] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[ 2397.919880][T18451] plantronics 0003:047F:FFFF.0051: reserved main item tag 0xe
[ 2397.928064][T18451] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0
[ 2397.944233][T18451] plantronics 0003:047F:FFFF.0051: No inputs registered, leaving
[ 2397.997011][T18451] plantronics 0003:047F:FFFF.0051: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 2398.396613][T28326] usb 6-1: USB disconnect, device number 33
[ 2398.800101][  T483] loop2: detected capacity change from 0 to 1024
[ 2398.813631][  T483] EXT4-fs: Ignoring removed bh option
[ 2399.776767][  T486] loop0: detected capacity change from 0 to 40427
[ 2399.801121][  T486] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2399.814413][  T486] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2399.846652][  T486] F2FS-fs (loop0): invalid crc value
[ 2399.861237][  T483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[ 2400.152668][  T483] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.11043: corrupted in-inode xattr: e_value out of bounds
[ 2400.208264][  T486] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2400.216733][  T486] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2400.775430][  T499] overlayfs: invalid origin (000000790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[ 2401.585591][  T501] loop9: detected capacity change from 0 to 32768
[ 2401.602796][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 2404.135407][  T531] loop2: detected capacity change from 0 to 256
[ 2404.161935][  T531] exfat: Deprecated parameter 'namecase'
[ 2404.194568][  T533] loop0: detected capacity change from 0 to 1024
[ 2404.206714][  T533] EXT4-fs: Ignoring removed bh option
[ 2404.270219][  T533] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[ 2404.298243][  T531] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[ 2404.332648][  T524] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2404.340086][  T524] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2404.346979][  T524] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2404.353651][  T524] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2404.360212][  T524] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2404.403336][  T533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2404.490953][  T524] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2404.607031][  T533] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.11062: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[ 2404.705178][  T533] EXT4-fs (loop0): Remounting filesystem read-only
[ 2405.336594][T31335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2405.775777][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[ 2406.415839][ T5794] Bluetooth: hci4: command 0x0c1a tx timeout
[ 2406.422426][T21315] Bluetooth: hci3: command 0x0405 tx timeout
[ 2406.429811][T21315] Bluetooth: hci2: command 0x0405 tx timeout
[ 2408.099416][  T565] loop9: detected capacity change from 0 to 32768
[ 2408.119804][  T565] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11075 (565)
[ 2408.241178][  T565] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2408.251861][  T565] BTRFS info (device loop9): using crc32c (crc32c-x86_64) checksum algorithm
[ 2408.261732][  T565] BTRFS info (device loop9): disk space caching is enabled
[ 2408.271658][  T565] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 2408.495211][T21315] Bluetooth: hci4: command 0x0c1a tx timeout
[ 2408.597143][  T565] BTRFS info (device loop9): rebuilding free space tree
[ 2408.642787][  T565] BTRFS info (device loop9): disabling free space tree
[ 2408.650410][  T565] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 2408.664623][  T565] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 2408.831983][  T565] BTRFS info (device loop9 state M): max_inline set to 4096
[ 2408.913081][T22504] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2408.966873][  T591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11080'.
[ 2410.552989][  T606] loop2: detected capacity change from 0 to 2048
[ 2410.577645][T21315] Bluetooth: hci4: command 0x0c1a tx timeout
[ 2411.165370][T18451] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 2411.273691][  T608] loop0: detected capacity change from 0 to 32768
[ 2411.350673][T18451] usb 10-1: Using ep0 maxpacket: 16
[ 2411.406802][  T608] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 2411.419245][  T606] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 2411.453617][T18451] usb 10-1: config 0 has an invalid descriptor of length 208, skipping remainder of the config
[ 2411.464740][T18451] usb 10-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xA5, changing to 0x85
[ 2411.479124][T18451] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x85 has an invalid bInterval 161, changing to 11
[ 2411.495130][T18451] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x85 has invalid maxpacket 26366, setting to 1024
[ 2411.510556][T18451] usb 10-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2411.523861][T18451] usb 10-1: config 0 interface 0 has no altsetting 0
[ 2411.639190][T18451] usb 10-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 2411.649037][T18451] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2411.660091][T18451] usb 10-1: Product: syz
[ 2411.664763][T18451] usb 10-1: Manufacturer: syz
[ 2411.669730][T18451] usb 10-1: SerialNumber: syz
[ 2411.808100][T18451] usb 10-1: config 0 descriptor??
[ 2411.815719][  T613] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 2412.083495][  T613] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 2412.178974][T18451] input: syz syz as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input75
[ 2412.179408][  T608] XFS (loop0): Ending clean mount
[ 2412.283079][  T608] XFS (loop0): syz.0.11090 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported
[ 2412.382945][T31335] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 2412.476536][T28326] usb 10-1: USB disconnect, device number 19
[ 2415.256846][  T690] loop9: detected capacity change from 0 to 512
[ 2415.897971][  T690] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2415.911352][  T690] ext4 filesystem being mounted at /812/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 2415.927861][  T706] loop2: detected capacity change from 0 to 256
[ 2416.709672][T22504] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2418.323413][  T722] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11102'.
[ 2418.333129][  T722] tipc: Started in network mode
[ 2418.342998][  T722] tipc: Node identity @emory.en, cluster identity 8
[ 2419.285527][  T724] loop2: detected capacity change from 0 to 32768
[ 2419.885931][  T732] bridge_slave_0: left allmulticast mode
[ 2419.893134][  T732] bridge_slave_0: left promiscuous mode
[ 2419.900092][  T732] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2420.578244][  T734] loop9: detected capacity change from 0 to 32768
[ 2420.593862][  T734] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11107 (734)
[ 2420.618099][  T732] bridge_slave_1: left allmulticast mode
[ 2420.624083][  T732] bridge_slave_1: left promiscuous mode
[ 2420.631002][  T732] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2420.688822][  T734] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 2420.709364][  T734] BTRFS info (device loop9): using sha256 (sha256-x86_64) checksum algorithm
[ 2420.720962][  T734] BTRFS info (device loop9): using free-space-tree
[ 2420.758524][  T732] bond0: (slave bond_slave_0): Releasing backup interface
[ 2420.821570][  T732] bond0: (slave bond_slave_1): Releasing backup interface
[ 2420.930421][  T732] team0: Port device team_slave_0 removed
[ 2421.036447][  T732] team0: Port device team_slave_1 removed
[ 2421.049939][  T732] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2421.059622][  T732] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2421.118101][  T732] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2421.126323][  T732] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2421.193418][  T734] BTRFS info (device loop9): rebuilding free space tree
[ 2421.476710][  T732] bond0: (slave netdevsim3): Releasing backup interface
[ 2421.653595][T22504] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 2422.515541][  T764] vlan2: entered promiscuous mode
[ 2422.520855][  T764] bond0: entered promiscuous mode
[ 2422.526283][  T764] bond_slave_0: entered promiscuous mode
[ 2422.533088][  T764] bond_slave_1: entered promiscuous mode
[ 2423.106516][  T766] loop0: detected capacity change from 0 to 4096
[ 2423.171205][  T766] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 2423.182247][  T766] NILFS (loop0): trying rollback from an earlier position
[ 2423.271752][  T766] NILFS (loop0): recovery complete
[ 2423.318938][  T769] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 2423.378715][   T30] audit: type=1800 audit(2000000874.247:1170): pid=766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.11114" name="bus" dev="loop0" ino=12 res=0 errno=0
[ 2424.305621][  T779] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11118'.
[ 2424.690628][  T783] loop9: detected capacity change from 0 to 64
[ 2425.222947][T22504] hfs: node 4:3 still has 1 user(s)!
[ 2426.441414][  T797] loop2: detected capacity change from 0 to 8
[ 2426.470561][  T796] loop0: detected capacity change from 0 to 256
[ 2427.405704][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2427.415772][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2427.448965][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2427.468146][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2427.489492][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2428.342854][  T813] loop2: detected capacity change from 0 to 32768
[ 2428.466235][  T813] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[ 2429.050512][  T813] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 2429.311305][  T819] loop0: detected capacity change from 0 to 40427
[ 2429.344097][  T819] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2429.355437][  T819] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2429.383999][  T819] F2FS-fs (loop0): invalid crc value
[ 2429.398819][T32568] ocfs2: Unmounting device (7,2) on (node local)
[ 2429.631761][ T5794] Bluetooth: hci3: command tx timeout
[ 2429.739347][  T819] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2429.749475][  T819] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2430.372042][  T808] chnl_net:caif_netlink_parms(): no params data found
[ 2431.695521][ T5794] Bluetooth: hci3: command tx timeout
[ 2431.729167][  T846] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.
[ 2432.579939][  T808] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2432.597862][  T808] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2432.611092][  T808] bridge_slave_0: entered allmulticast mode
[ 2432.622784][  T808] bridge_slave_0: entered promiscuous mode
[ 2432.719602][  T808] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2432.733263][  T808] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2432.741363][  T808] bridge_slave_1: entered allmulticast mode
[ 2432.751240][  T808] bridge_slave_1: entered promiscuous mode
[ 2433.234228][  T808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2433.326604][  T808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2433.485726][  T851] loop9: detected capacity change from 0 to 32768
[ 2433.500265][  T851] btrfs: Deprecated parameter 'usebackuproot'
[ 2433.509040][  T851] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 2433.543310][  T851] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11146 (851)
[ 2433.618149][  T851] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2433.628924][  T851] BTRFS info (device loop9): using sha256 (sha256-x86_64) checksum algorithm
[ 2433.640789][  T851] BTRFS info (device loop9): using free-space-tree
[ 2433.774789][ T5794] Bluetooth: hci3: command tx timeout
[ 2433.835503][  T865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11147'.
[ 2433.844920][  T865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11147'.
[ 2433.862502][  T808] team0: Port device team_slave_0 added
[ 2433.921075][  T808] team0: Port device team_slave_1 added
[ 2434.023958][  T865] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2434.033189][  T865] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2434.044622][  T865] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2434.053653][  T865] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2434.087534][  T851] BTRFS info (device loop9): rebuilding free space tree
[ 2434.384202][  T808] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2434.391590][  T808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2434.419605][  T808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2434.605710][  T808] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2434.608531][T22504] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2434.612800][  T808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2434.657270][  T808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2435.198772][  T808] hsr_slave_0: entered promiscuous mode
[ 2435.212076][  T808] hsr_slave_1: entered promiscuous mode
[ 2435.221947][  T808] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2435.229946][  T808] Cannot create hsr debugfs directory
[ 2435.882016][ T5794] Bluetooth: hci3: command tx timeout
[ 2436.504084][  T808] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2436.601035][   T30] audit: type=1326 audit(2000000887.477:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=893 comm="syz.2.11156" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0732f8e929 code=0x0
[ 2436.807344][  T896] loop2: detected capacity change from 0 to 512
[ 2437.678003][  T891] loop0: detected capacity change from 0 to 32768
[ 2437.705653][  T808] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2437.752662][  T891] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 2437.765263][  T891] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 2437.795475][  T891] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 2437.844145][T28326] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 2437.853671][T28326] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 2437.979117][  T808] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2438.103391][  T808] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2438.206858][T28326] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 353ms
[ 2438.217811][T28326] gfs2: fsid=syz:syz.0: jid=0: Done
[ 2438.223341][  T891] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 2438.595927][  T808] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2438.696397][  T808] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2438.795226][  T808] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2438.859951][  T808] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2440.343007][  T808] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2440.576450][  T808] 8021q: adding VLAN 0 to HW filter on device team0
[ 2440.631387][  T694] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2440.639087][  T694] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2440.766616][  T694] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2440.774292][  T694] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2441.132502][  T808] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2443.406297][  T967] loop0: detected capacity change from 0 to 32768
[ 2443.436058][  T967] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 2443.448754][  T967] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 2443.481320][  T967] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 1 19, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 399
[ 2443.495995][  T967] gfs2: fsid=syz:syz.0: G:  s:SH n:2/13 f:aqobnN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[ 2443.507968][  T967] gfs2: fsid=syz:syz.0:  H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0x124/0x510
[ 2443.517669][  T967] gfs2: fsid=syz:syz.0:  I: n:1/19 t:8 f:0x00 d:0x00000000 s:0 p:0
[ 2443.526103][  T967] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 2443.537407][  T967] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 2443.552377][  T967] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 2443.559486][  T967] gfs2: fsid=syz:syz.0: File system withdrawn
[ 2443.565988][  T967] CPU: 1 UID: 0 PID: 967 Comm: syz.0.11180 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) 
[ 2443.566158][  T967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2443.566255][  T967] Call Trace:
[ 2443.566311][  T967]  <TASK>
[ 2443.566367][  T967]  __dump_stack+0x26/0x30
[ 2443.566564][  T967]  dump_stack_lvl+0x1df/0x270
[ 2443.566780][  T967]  dump_stack+0x1e/0x25
[ 2443.566930][  T967]  gfs2_withdraw+0x1d26/0x22e0
[ 2443.567225][  T967]  gfs2_consist_inode_i+0x1b2/0x250
[ 2443.567374][  T967]  inode_go_instantiate+0x12a7/0x1cf0
[ 2443.567659][  T967]  ? __pfx_inode_go_instantiate+0x10/0x10
[ 2443.567853][  T967]  gfs2_instantiate+0x24c/0x4b0
[ 2443.568009][  T967]  gfs2_glock_wait+0x26a/0x3b0
[ 2443.568163][  T967]  gfs2_glock_nq+0x28cf/0x34a0
[ 2443.568357][  T967]  init_journal+0x13e8/0x3a30
[ 2443.568527][  T967]  ? init_inodes+0x124/0x510
[ 2443.568661][  T967]  ? init_inodes+0x124/0x510
[ 2443.568781][  T967]  ? kmsan_get_metadata+0xfb/0x160
[ 2443.568966][  T967]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2443.569163][  T967]  init_inodes+0x124/0x510
[ 2443.569336][  T967]  gfs2_fill_super+0x384a/0x3f50
[ 2443.569493][  T967]  ? init_locking+0xed/0x500
[ 2443.569700][  T967]  get_tree_bdev_flags+0x6e3/0x920
[ 2443.569927][  T967]  ? __pfx_gfs2_fill_super+0x10/0x10
[ 2443.570087][  T967]  ? __pfx_gfs2_fill_super+0x10/0x10
[ 2443.570240][  T967]  ? __pfx_gfs2_get_tree+0x10/0x10
[ 2443.570394][  T967]  get_tree_bdev+0x38/0x50
[ 2443.570587][  T967]  gfs2_get_tree+0x57/0x350
[ 2443.570714][  T967]  ? __pfx_gfs2_get_tree+0x10/0x10
[ 2443.570845][  T967]  vfs_get_tree+0xb0/0x5c0
[ 2443.571024][  T967]  ? mount_capable+0x99/0x100
[ 2443.571185][  T967]  do_new_mount+0x738/0x1610
[ 2443.571407][  T967]  ? kmsan_get_metadata+0xfb/0x160
[ 2443.571592][  T967]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2443.571796][  T967]  path_mount+0x6db/0x1e90
[ 2443.571978][  T967]  ? user_path_at+0x32d/0x3d0
[ 2443.572175][  T967]  __se_sys_mount+0x6eb/0x7d0
[ 2443.572364][  T967]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 2443.572573][  T967]  __x64_sys_mount+0xe4/0x150
[ 2443.572765][  T967]  x64_sys_call+0xfa7/0x3db0
[ 2443.572942][  T967]  do_syscall_64+0xd9/0x210
[ 2443.573083][  T967]  ? irqentry_exit+0x16/0x60
[ 2443.573201][  T967]  ? clear_bhb_loop+0x40/0x90
[ 2443.573345][  T967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2443.573489][  T967] RIP: 0033:0x7fcb3fb900ca
[ 2443.573595][  T967] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2443.573715][  T967] RSP: 002b:00007fcb40abbe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2443.573842][  T967] RAX: ffffffffffffffda RBX: 00007fcb40abbef0 RCX: 00007fcb3fb900ca
[ 2443.573939][  T967] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fcb40abbeb0
[ 2443.574029][  T967] RBP: 0000200000000400 R08: 00007fcb40abbef0 R09: 0000000000200001
[ 2443.574120][  T967] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500
[ 2443.574197][  T967] R13: 00007fcb40abbeb0 R14: 00000000000125bb R15: 00002000000004c0
[ 2443.574322][  T967]  </TASK>
[ 2443.886425][  T967] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[ 2444.020738][  T808] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2444.664423][  T808] veth0_vlan: entered promiscuous mode
[ 2444.853676][  T808] veth1_vlan: entered promiscuous mode
[ 2445.016436][  T983] batadv_slave_1: entered promiscuous mode
[ 2445.035577][  T981] batadv_slave_1: left promiscuous mode
[ 2445.042887][  T984] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11186'.
[ 2445.237325][  T808] veth0_macvtap: entered promiscuous mode
[ 2445.291109][  T808] veth1_macvtap: entered promiscuous mode
[ 2445.458057][  T808] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2445.605619][  T808] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2445.726065][  T808] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2445.735545][  T808] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2445.747169][  T808] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2445.756464][  T808] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2446.150871][  T997] loop2: detected capacity change from 0 to 256
[ 2447.046693][ T1001] loop0: detected capacity change from 0 to 32768
[ 2447.060685][ T1001] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.11193 (1001)
[ 2447.092497][ T1001] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2447.103552][ T1001] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[ 2447.112786][ T1001] BTRFS info (device loop0): using free-space-tree
[ 2447.325431][T28326] usb 6-1: new full-speed USB device number 34 using dummy_hcd
[ 2447.457827][T31335] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2447.522536][T28326] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 2447.533695][T28326] usb 6-1: config 0 has no interface number 0
[ 2447.636000][T28326] usb 6-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=ab.07
[ 2447.646567][T28326] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2447.655161][T28326] usb 6-1: Product: syz
[ 2447.659631][T28326] usb 6-1: Manufacturer: syz
[ 2447.664557][T28326] usb 6-1: SerialNumber: syz
[ 2447.789007][T28326] usb 6-1: config 0 descriptor??
[ 2447.825336][T28326] ftdi_sio 6-1:0.67: FTDI USB Serial Device converter detected
[ 2447.839082][T28326] ftdi_sio ttyUSB0: unknown device type: 0xab07
[ 2448.278603][T28624] usb 6-1: USB disconnect, device number 34
[ 2448.286937][T28624] ftdi_sio 6-1:0.67: device disconnected
[ 2448.631731][ T1044] loop2: detected capacity change from 0 to 256
[ 2448.782763][   T30] audit: type=1804 audit(2000000899.657:1172): pid=1044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.11200" name="/newroot/51/file1/file0" dev="loop2" ino=1049098 res=1 errno=0
[ 2449.591516][ T1063] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 2449.600072][T28326] psmouse serio10: Failed to reset mouse on : -5
[ 2450.384075][ T1062] loop2: detected capacity change from 0 to 32768
[ 2450.406235][ T1062] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.11204 (1062)
[ 2450.465638][ T1062] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2450.478245][ T1062] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[ 2450.490279][ T1062] BTRFS info (device loop2): disk space caching is enabled
[ 2450.502710][ T1062] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 2450.729564][ T1062] BTRFS info (device loop2): rebuilding free space tree
[ 2450.769307][ T1062] BTRFS info (device loop2): disabling free space tree
[ 2450.776864][ T1062] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 2450.790120][ T1062] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 2451.121614][T32568] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 2453.396090][T28326] misc userio: Buffer overflowed, userio client isn't keeping up
[ 2454.467019][T28326] input: PS/2 Generic Mouse as /devices/serio10/input/input76
[ 2454.813189][T28326] psmouse serio10: Failed to enable mouse on 
[ 2455.033443][ T1111] loop2: detected capacity change from 0 to 32768
[ 2455.146491][ T1111] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 2455.146649][ T1111]   allowing incompatible features above 0.0: (unknown version)
[ 2455.146735][ T1111]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2455.196783][ T1111] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[ 2455.205370][ T1111] bcachefs (loop2): initializing new filesystem
[ 2455.234931][ T1111] bcachefs (loop2): going read-write
[ 2455.360303][ T1111] bcachefs (loop2): marking superblocks
[ 2455.424599][ T1111] bcachefs (loop2): initializing freespace
[ 2455.461100][ T1111] bcachefs (loop2): done initializing freespace
[ 2455.483177][ T1111] bcachefs (loop2): reading snapshots table
[ 2455.490564][ T1111] bcachefs (loop2): reading snapshots done
[ 2455.574249][ T1111] bcachefs (loop2): done starting filesystem
[ 2455.897434][T32568] bcachefs (loop2): shutting down
[ 2455.902901][T32568] bcachefs (loop2): going read-only
[ 2455.909457][T32568] bcachefs (loop2): finished waiting for writes to stop
[ 2456.059845][ T1128] loop9: detected capacity change from 0 to 4096
[ 2456.086408][T32568] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[ 2456.280759][ T1128] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2456.305146][T32568] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[ 2456.370502][T32568] bcachefs (loop2): clean shutdown complete, journal seq 4
[ 2456.455383][T32568] bcachefs (loop2): marking filesystem clean
[ 2456.643203][T32568] bcachefs (loop2): shutdown complete
[ 2456.777907][  T682] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2456.787041][  T682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2457.032917][T22504] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2457.150590][  T658] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2457.161405][  T658] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2460.503502][ T1168] loop9: detected capacity change from 0 to 32768
[ 2460.515244][ T1168] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11233 (1168)
[ 2460.547019][ T1168] BTRFS info (device loop9): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[ 2460.557678][ T1168] BTRFS info (device loop9): using crc32c (crc32c-x86_64) checksum algorithm
[ 2460.566990][ T1168] BTRFS info (device loop9): using free-space-tree
[ 2461.028155][T22504] BTRFS info (device loop9): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[ 2463.344232][ T1219] loop2: detected capacity change from 0 to 65
[ 2463.425354][ T1219] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[ 2463.538410][ T1215] loop1: detected capacity change from 0 to 2048
[ 2463.694871][ T1215] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 2463.743254][ T1225] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11236'.
[ 2464.552009][ T1231] loop2: detected capacity change from 0 to 512
[ 2464.774164][ T1231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 2464.790098][ T1231] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2465.499495][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 2466.117341][ T1254] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2466.179331][ T1254] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2466.817314][ T1267] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[ 2467.409683][ T1279] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2467.427497][T28624] IPVS: starting estimator thread 0...
[ 2467.521775][ T1281] loop0: detected capacity change from 0 to 512
[ 2467.555390][ T1283] IPVS: using max 240 ests per chain, 12000 per kthread
[ 2467.576429][ T1281] EXT4-fs: Ignoring removed bh option
[ 2467.626443][ T1281] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 2467.740504][ T1281] EXT4-fs (loop0): 1 truncate cleaned up
[ 2467.753283][ T1281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2468.192749][T31335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2470.151569][ T1316] loop1: detected capacity change from 0 to 40427
[ 2470.167875][ T1318] loop9: detected capacity change from 0 to 4096
[ 2470.211275][ T1318] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[ 2470.229532][ T1316] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 2470.238863][ T1316] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2470.688988][ T1316] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2470.696636][ T1316] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2471.178944][ T1318] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 2471.217902][ T1318] ntfs3(loop9): Failed to load $Extend (-22).
[ 2471.226771][ T1318] ntfs3(loop9): Failed to initialize $Extend.
[ 2472.193169][ T1333] loop2: detected capacity change from 0 to 32768
[ 2472.297895][ T1333] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 2472.672096][T32568] ocfs2: Unmounting device (7,2) on (node local)
[ 2472.727803][ T1340] loop0: detected capacity change from 0 to 256
[ 2475.208492][ T1358] vivid-003: disconnect
[ 2475.226012][ T1357] vivid-003: reconnect
[ 2475.477744][   T30] audit: type=1800 audit(2000000926.347:1173): pid=1350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.11298" name="file1" dev="tmpfs" ino=3865 res=0 errno=0
[ 2476.868617][ T1378] loop2: detected capacity change from 0 to 4096
[ 2476.956643][ T1385] netlink: 68 bytes leftover after parsing attributes in process `syz.9.11310'.
[ 2477.028363][ T1378] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 2477.037090][ T1378] NILFS (loop2): trying rollback from an earlier position
[ 2477.113600][ T1378] NILFS (loop2): recovery complete
[ 2477.379416][T31948] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 2477.571731][T31948] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 2477.586071][T31948] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[ 2477.733526][T31948] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2477.741186][ T1381] loop0: detected capacity change from 0 to 32768
[ 2477.746992][T31948] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2477.761127][T31948] usb 10-1: Product: syz
[ 2477.765886][T31948] usb 10-1: Manufacturer: syz
[ 2477.770852][T31948] usb 10-1: SerialNumber: syz
[ 2477.791335][ T1391] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 2477.854271][ T1381] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 2478.016426][T31948] usb 10-1: config 0 descriptor??
[ 2478.328527][ T1381] XFS (loop0): Ending clean mount
[ 2478.348228][ T1381] XFS (loop0): Quotacheck needed: Please wait.
[ 2478.469171][ T1381] XFS (loop0): Quotacheck: Done.
[ 2478.622153][T31335] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 2478.632076][T31948] usb 10-1: USB disconnect, device number 20
[ 2479.268512][ T1410] loop2: detected capacity change from 0 to 1024
[ 2479.363805][ T1412] input: syz0 as /devices/virtual/input/input77
[ 2479.407745][ T1410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2479.607565][ T1418] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.11318: Abort forced by user
[ 2479.651787][ T1418] EXT4-fs (loop2): Remounting filesystem read-only
[ 2479.659017][ T1418] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[ 2480.061986][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2480.117216][ T1422] loop1: detected capacity change from 0 to 1024
[ 2480.318917][   T30] audit: type=1800 audit(2000000931.187:1174): pid=1422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11322" name="file2" dev="loop1" ino=21 res=0 errno=0
[ 2480.712918][ T1432] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 2481.214266][ T1438] syzkaller1: entered promiscuous mode
[ 2481.226101][ T1438] syzkaller1: entered allmulticast mode
[ 2481.783147][ T1447] loop2: detected capacity change from 0 to 1024
[ 2481.826650][ T1447] EXT4-fs: Ignoring removed bh option
[ 2481.903008][ T1447] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2481.916077][ T1447] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2482.061866][ T1447] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 2482.151569][ T1447] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[ 2482.167224][ T1447] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 2482.167224][ T1447] 
[ 2482.177756][ T1447] EXT4-fs (loop2): Total free blocks count 0
[ 2482.184117][ T1447] EXT4-fs (loop2): Free/Dirty block details
[ 2482.190600][ T1447] EXT4-fs (loop2): free_blocks=4293918720
[ 2482.198906][ T1447] EXT4-fs (loop2): dirty_blocks=48
[ 2482.204240][ T1447] EXT4-fs (loop2): Block reservation details
[ 2482.210666][ T1447] EXT4-fs (loop2): i_reserved_data_blocks=3
[ 2482.595130][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2489.525662][T28326] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 2489.744809][T28326] usb 3-1: Using ep0 maxpacket: 16
[ 2489.761701][T28326] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2489.775895][T28326] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2489.788451][T28326] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2489.857482][T28326] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2489.871958][T28326] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2489.882528][T28326] usb 3-1: Product: syz
[ 2489.887103][T28326] usb 3-1: Manufacturer: syz
[ 2489.891937][T28326] usb 3-1: SerialNumber: syz
[ 2490.387370][T28326] usb 3-1: 0:2 : does not exist
[ 2490.514133][ T1585] loop9: detected capacity change from 0 to 128
[ 2490.650959][ T1585] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 2490.703199][ T1585] ext4 filesystem being mounted at /874/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 2490.826242][ T1585] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:375: inode #2: comm syz.9.11366: No space for directory leaf checksum. Please run e2fsck -D.
[ 2490.847770][ T1585] EXT4-fs error (device loop9): htree_dirblock_to_tree:1051: inode #2: comm syz.9.11366: Directory block failed checksum
[ 2490.995150][ T1589] loop1: detected capacity change from 0 to 1024
[ 2491.013407][T22504] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 2491.092989][T28326] usb 3-1: USB disconnect, device number 23
[ 2491.322415][ T1528] hfsplus: b-tree write err: -5, ino 4
[ 2491.762583][ T1600] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 2492.126423][ T1604] loop2: detected capacity change from 0 to 1024
[ 2492.262228][ T1604] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2492.439998][   T30] audit: type=1800 audit(2000000943.317:1175): pid=1604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11374" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 2492.783853][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2493.184915][T28326] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 2493.316237][ T1629] loop2: detected capacity change from 0 to 256
[ 2493.375861][T28326] usb 1-1: Using ep0 maxpacket: 8
[ 2493.416681][T28326] usb 1-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[ 2493.426198][T28326] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2493.434625][T28326] usb 1-1: Product: syz
[ 2493.439014][T28326] usb 1-1: Manufacturer: syz
[ 2493.443831][T28326] usb 1-1: SerialNumber: syz
[ 2493.537962][T28326] usb 1-1: config 0 descriptor??
[ 2493.652622][ T1629] FAT-fs (loop2): Directory bread(block 64) failed
[ 2493.661484][ T1629] FAT-fs (loop2): Directory bread(block 65) failed
[ 2493.672745][ T1629] FAT-fs (loop2): Directory bread(block 66) failed
[ 2493.681144][ T1629] FAT-fs (loop2): Directory bread(block 67) failed
[ 2493.689468][ T1629] FAT-fs (loop2): Directory bread(block 68) failed
[ 2493.699719][ T1629] FAT-fs (loop2): Directory bread(block 69) failed
[ 2493.707484][ T1629] FAT-fs (loop2): Directory bread(block 70) failed
[ 2493.718634][ T1629] FAT-fs (loop2): Directory bread(block 71) failed
[ 2493.730649][ T1629] FAT-fs (loop2): Directory bread(block 72) failed
[ 2493.737850][ T1629] FAT-fs (loop2): Directory bread(block 73) failed
[ 2493.979179][T28326] msi2500 1-1:0.0: Registered as swradio24
[ 2493.985729][T28326] msi2500 1-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[ 2494.097706][T28326] usb 1-1: USB disconnect, device number 36
[ 2494.910241][ T1645] loop2: detected capacity change from 0 to 128
[ 2494.987436][ T1648] loop1: detected capacity change from 0 to 64
[ 2495.006420][ T1645] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 2495.035241][ T1645] ext4 filesystem being mounted at /79/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 2495.085522][ T1648] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[ 2495.395278][T26467] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 2495.444240][T32568] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 2495.617356][T26467] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2495.629022][T26467] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 2495.639638][T26467] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2495.651845][T26467] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2495.836618][ T1652] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 2495.883763][T26467] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 2496.161922][T26467] usb 10-1: USB disconnect, device number 21
[ 2496.234798][T28624] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 2496.375883][ T1663] input: syz0 as /devices/virtual/input/input78
[ 2496.414948][T28624] usb 3-1: Using ep0 maxpacket: 8
[ 2496.429546][T28624] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[ 2496.438530][T28624] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2496.449693][T28624] usb 3-1: config 0 has no interface number 0
[ 2496.458460][T28624] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2496.469940][T28624] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2496.487219][T28624] usb 3-1: config 0 interface 52 has no altsetting 0
[ 2496.732483][T28624] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 2496.744598][T28624] usb 3-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 2496.752952][T28624] usb 3-1: Manufacturer: syz
[ 2496.776888][T28624] usb 3-1: config 0 descriptor??
[ 2496.941806][ T1668] netlink: 'syz.1.11400': attribute type 29 has an invalid length.
[ 2496.967870][ T1668] netlink: 'syz.1.11400': attribute type 29 has an invalid length.
[ 2497.023921][T28624] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input79
[ 2497.042421][ T1668] netlink: 500 bytes leftover after parsing attributes in process `syz.1.11400'.
[ 2497.052693][ T1668] unsupported nla_type 58
[ 2497.227773][ T5794] Bluetooth: hci4: ISO packet for unknown connection handle 0
[ 2497.266800][T28624] usb 3-1: USB disconnect, device number 24
[ 2497.267016][    C1] synaptics_usb 3-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[ 2498.487433][ T1680] loop9: detected capacity change from 0 to 32768
[ 2498.721786][ T1680] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[ 2498.779704][ T1680] OCFS2: ERROR (device loop9): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list
[ 2498.801632][ T1680] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 2498.811889][ T1680] OCFS2: File system is now read-only.
[ 2498.817688][ T1680] (syz.9.11404,1680,1):ocfs2_find_leaf:1948 ERROR: status = -30
[ 2498.827945][ T1680] (syz.9.11404,1680,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[ 2498.842876][ T1680] (syz.9.11404,1680,1):ocfs2_get_clusters:634 ERROR: status = -30
[ 2498.851068][ T1680] (syz.9.11404,1680,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -30
[ 2498.862440][ T1680] (syz.9.11404,1680,1):ocfs2_read_virt_blocks:997 ERROR: status = -30
[ 2498.871020][ T1680] (syz.9.11404,1680,1):ocfs2_read_dir_block:511 ERROR: status = -30
[ 2498.973264][ T1689] loop2: detected capacity change from 0 to 512
[ 2499.030733][ T1689] EXT4-fs: Invalid want_extra_isize 1932
[ 2499.064196][T22504] ocfs2: Unmounting device (7,9) on (node local)
[ 2499.440092][ T1693] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11409'.
[ 2499.465185][T28326] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 2499.665177][T28326] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2499.674813][T28326] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2499.738290][T28326] usb 3-1: config 0 descriptor??
[ 2499.755550][T28326] cp210x 3-1:0.0: cp210x converter detected
[ 2500.177622][T28326] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 2500.238790][T28326] usb 3-1: cp210x converter now attached to ttyUSB0
[ 2500.406913][T28326] usb 3-1: USB disconnect, device number 25
[ 2500.451454][T28326] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2500.499460][T28326] cp210x 3-1:0.0: device disconnected
[ 2500.719067][ T1701] netlink: 128 bytes leftover after parsing attributes in process `syz.0.11413'.
[ 2501.270896][ T1703] loop0: detected capacity change from 0 to 256
[ 2501.338572][ T1703] vfat: Deprecated parameter 'posix'
[ 2501.346630][ T1703] FAT-fs: "posix" option is obsolete, not supported now
[ 2501.349135][ T1699] loop9: detected capacity change from 0 to 32768
[ 2501.378888][ T1699] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11408 (1699)
[ 2501.398353][ T5794] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 2501.419603][ T1699] BTRFS info (device loop9): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 2501.430356][ T1699] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[ 2501.445837][ T1699] BTRFS info (device loop9): using free-space-tree
[ 2501.829336][T22504] BTRFS info (device loop9): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 2502.172937][ T1724] loop0: detected capacity change from 0 to 4096
[ 2502.270557][ T1724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2502.353914][ T1724] fs-verity: sha256 using implementation "sha256-x86_64"
[ 2502.384772][ T1724] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.11417: bg 0: block 66: padding at end of block bitmap is not set
[ 2502.412209][ T1724] fs-verity (loop0, inode 15): ext4_end_enable_verity() failed with err -117
[ 2502.610801][T31335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2503.249917][ T1740] No such timeout policy "syz0"
[ 2503.889182][ T1748] option changes via remount are deprecated (pid=1743 comm=syz.5.11426)
[ 2504.500307][ T1750] loop9: detected capacity change from 0 to 2048
[ 2504.846900][ T1750] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2505.176023][ T1750] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[ 2505.515139][ T1765] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11435'.
[ 2505.525124][ T1765] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11435'.
[ 2505.818384][T22504] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2506.046839][ T1770] netlink: 'syz.1.11436': attribute type 11 has an invalid length.
[ 2506.055204][ T1770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11436'.
[ 2507.105114][T28624] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 2507.332614][T28624] usb 1-1: Using ep0 maxpacket: 16
[ 2507.400374][T28624] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 2507.410362][T28624] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2507.421248][T28624] usb 1-1: Product: syz
[ 2507.425786][T28624] usb 1-1: Manufacturer: syz
[ 2507.433877][T28624] usb 1-1: SerialNumber: syz
[ 2507.561338][T28624] usb 1-1: config 0 descriptor??
[ 2508.118084][T28624] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 2508.168150][T28624] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2508.210693][T28624] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 2508.219616][T28624] usb 1-1: media controller created
[ 2508.338009][T28624] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2508.378951][ T1776] dtv5100: wlen = 0, aborting.
[ 2508.540530][T28624] zl10353_read_register: readreg error (reg=127, ret==0)
[ 2508.548957][T28624] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 2508.562297][T28624] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 2508.604741][T28624] usb 1-1: USB disconnect, device number 37
[ 2508.669950][ T1797] loop9: detected capacity change from 0 to 512
[ 2508.722417][ T1797] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[ 2508.840205][   T30] audit: type=1800 audit(2000000959.707:1176): pid=1797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.11447" name="file1" dev="loop9" ino=26 res=0 errno=0
[ 2508.959471][T28624] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 2509.564566][ T1806] input: syz1 as /devices/virtual/input/input80
[ 2509.620541][ T1807] program syz.9.11450 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2510.806775][ T1826] loop2: detected capacity change from 0 to 1024
[ 2510.853269][ T1826] hfsplus: Unexpected value for 'barrier'
[ 2513.053737][T28624] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 2513.296348][T28624] usb 6-1: Using ep0 maxpacket: 16
[ 2513.356346][T28624] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2513.368196][T28624] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2513.385346][T28624] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 2513.400589][T28624] usb 6-1: config 0 interface 0 has no altsetting 0
[ 2513.409932][T28624] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2513.419549][T28624] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2513.799970][T28624] usb 6-1: config 0 descriptor??
[ 2513.872000][ T1860] loop0: detected capacity change from 0 to 32768
[ 2514.027427][ T1860] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[ 2514.027590][ T1860]   allowing incompatible features above 0.0: (unknown version)
[ 2514.027685][ T1860]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2514.048328][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2514.082311][ T1860] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 2514.096000][ T1860] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 2514.105936][ T1860] bcachefs (loop0): Version upgrade required:
[ 2514.105936][ T1860] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 2514.105936][ T1860] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[ 2514.105936][ T1860]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[ 2514.179255][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2514.214051][ T1860] bcachefs (loop0): dropping and reconstructing all alloc info
[ 2514.285679][ T1860] bcachefs (loop0): btree node read error at btree extents level 0/0
[ 2514.285787][ T1860]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[ 2514.285920][ T1860]   loop0 node offset 0/16 bset u64s 0: invalid bkey format: field 3 too large: 0 + 4294967296 > 4294967295
[ 2514.286028][ T1860]   u64s 3 fields 64:0, 64:0, 32:0, 0:4294967296, 0:0, 0:0
[ 2514.286110][ T1860]   flagging btree extents lost data
[ 2514.286194][ T1860]   running recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 2514.286287][ T1860]   ret btree_node_read_validate_error
[ 2514.359931][ T1860] bcachefs (loop0): error reading btree root btree=extents level=0: btree_node_read_error, fixing
[ 2514.531371][ T1856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2514.541475][ T1856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2514.624057][ T1860] bcachefs (loop0): check_topology...
[ 2514.624668][ T1860] bcachefs (loop0): btree root extents unreadable, must recover from scan
[ 2514.639888][ T1860] bcachefs (loop0): no nodes found for btree extents, continuing
[ 2514.664502][ T1860]  done
[ 2514.667472][ T1860] bcachefs (loop0): accounting_read... done
[ 2514.681066][ T1860] bcachefs (loop0): alloc_read... done
[ 2514.716926][ T1860] bcachefs (loop0): snapshots_read... done
[ 2514.813276][ T1860] bcachefs (loop0): check_allocations...
[ 2514.826841][T28624] hid (null): unknown global tag 0xc
[ 2514.951786][ T1860]  done
[ 2514.981416][ T1860] bcachefs (loop0): going read-write
[ 2515.092685][ T1860] bcachefs (loop0): insufficient writeable journal devices available: have 0, need 1
[ 2515.092685][ T1860] rw journal devs:
[ 2515.224710][ T1860] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 2515.251393][ T1860] bcachefs (loop0): done starting filesystem
[ 2515.308537][ T1867] loop9: detected capacity change from 0 to 4096
[ 2515.327460][ T1867] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[ 2515.340303][T28624] usb 6-1: USB disconnect, device number 35
[ 2515.395534][ T1879] netlink: 'syz.2.11479': attribute type 1 has an invalid length.
[ 2515.500650][ T1879] bond1: entered promiscuous mode
[ 2515.509846][ T1879] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2515.592078][ T1882] loop1: detected capacity change from 0 to 128
[ 2515.663927][ T1883] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2515.686495][ T1883] bond1: (slave bond2): making interface the new active one
[ 2515.694068][ T1883] bond2: entered promiscuous mode
[ 2515.704578][ T1883] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 2515.910799][T31335] bcachefs (loop0): shutting down
[ 2515.916862][T31335] bcachefs (loop0): going read-only
[ 2515.922450][T31335] bcachefs (loop0): finished waiting for writes to stop
[ 2515.999520][T31335] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[ 2516.022026][T31335] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[ 2516.038231][T31335] bcachefs (loop0): unclean shutdown complete, journal seq 10
[ 2516.167189][T31335] bcachefs (loop0): done going read-only, filesystem not clean
[ 2516.292198][T31335] bcachefs (loop0): shutdown complete
[ 2516.539756][ T1891] loop2: detected capacity change from 0 to 256
[ 2516.705780][ T1894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11486'.
[ 2519.042684][ T1918] team0 (unregistering): Port device team_slave_0 removed
[ 2519.353205][ T1918] team0 (unregistering): Port device team_slave_1 removed
[ 2521.272859][ T1934] input: syz1 as /devices/virtual/input/input81
[ 2521.339140][ T1927] loop2: detected capacity change from 0 to 40427
[ 2521.390499][ T1927] F2FS-fs (loop2): heap/no_heap options were deprecated
[ 2521.423582][ T1927] F2FS-fs (loop2): invalid crc value
[ 2521.594723][ T4117] unregister_netdevice: waiting for lo to become free. Usage count = 2
[ 2521.604474][ T4117] ref_tracker: lo@ffff88804c7ab558 has 1/1 users at
[ 2521.604474][ T4117]      dst_init+0x101/0x370
[ 2521.604474][ T4117]      dst_alloc+0x1f2/0x250
[ 2521.604474][ T4117]      rt_dst_clone+0x69/0x880
[ 2521.604474][ T4117]      ip_mc_finish_output+0xbf/0x8e0
[ 2521.604474][ T4117]      ip_mc_output+0x4f2/0xdb0
[ 2521.604474][ T4117]      ip_send_skb+0x396/0x3e0
[ 2521.604474][ T4117]      udp_send_skb+0x1375/0x1cb0
[ 2521.604474][ T4117]      udp_sendmsg+0x2f2e/0x34b0
[ 2521.604474][ T4117]      inet_sendmsg+0x1ef/0x2a0
[ 2521.604474][ T4117]      __sock_sendmsg+0x278/0x3d0
[ 2521.604474][ T4117]      ____sys_sendmsg+0x893/0xd80
[ 2521.604474][ T4117]      ___sys_sendmsg+0x271/0x3b0
[ 2521.604474][ T4117]      __sys_sendmmsg+0x2d9/0x7c0
[ 2521.604474][ T4117]      __x64_sys_sendmmsg+0xc6/0x150
[ 2521.604474][ T4117]      x64_sys_call+0x3ce7/0x3db0
[ 2521.604474][ T4117]      do_syscall_64+0xd9/0x210
[ 2521.604474][ T4117] 
[ 2521.909928][ T1927] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 2522.152434][T32568] syz-executor: attempt to access beyond end of device
[ 2522.152434][T32568] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 2522.167267][T32568] CPU: 1 UID: 0 PID: 32568 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) 
[ 2522.167423][T32568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2522.167515][T32568] Call Trace:
[ 2522.167571][T32568]  <TASK>
[ 2522.167617][T32568]  __dump_stack+0x26/0x30
[ 2522.167810][T32568]  dump_stack_lvl+0x1df/0x270
[ 2522.167988][T32568]  dump_stack+0x1e/0x25
[ 2522.168142][T32568]  f2fs_handle_critical_error+0xa6f/0xc20
[ 2522.168384][T32568]  f2fs_stop_checkpoint+0x65/0x80
[ 2522.168575][T32568]  f2fs_write_end_io+0xb4b/0x1920
[ 2522.168720][T32568]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2522.168921][T32568]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 2522.169049][T32568]  bio_endio+0xe27/0xf80
[ 2522.169219][T32568]  submit_bio_noacct+0x214/0x2710
[ 2522.169483][T32568]  submit_bio+0x5a9/0x5d0
[ 2522.169694][T32568]  f2fs_submit_write_bio+0x92/0x250
[ 2522.169906][T32568]  __submit_merged_bio+0x16f/0x6a0
[ 2522.170109][T32568]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2522.170333][T32568]  __submit_merged_write_cond+0x458/0x9a0
[ 2522.170567][T32568]  f2fs_write_data_pages+0x4bb2/0x5480
[ 2522.170890][T32568]  ? kmsan_get_metadata+0xfb/0x160
[ 2522.171075][T32568]  ? kmsan_get_metadata+0xfb/0x160
[ 2522.171260][T32568]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2522.171453][T32568]  ? lru_cache_disable+0x11/0x40
[ 2522.171605][T32568]  ? filter_irq_stacks+0x49/0x190
[ 2522.171748][T32568]  ? stack_depot_save_flags+0x35/0x7b0
[ 2522.171916][T32568]  ? kmsan_get_metadata+0xfb/0x160
[ 2522.172089][T32568]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2522.172267][T32568]  ? kmsan_get_metadata+0xfb/0x160
[ 2522.172452][T32568]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2522.172634][T32568]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2522.172829][T32568]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2522.173049][T32568]  do_writepages+0x3f2/0x860
[ 2522.173242][T32568]  ? _raw_spin_unlock+0x30/0x50
[ 2522.173428][T32568]  ? wbc_attach_and_unlock_inode+0x131/0x680
[ 2522.173625][T32568]  filemap_fdatawrite+0x207/0x260
[ 2522.173918][T32568]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[ 2522.174117][T32568]  f2fs_write_checkpoint+0xfe2/0x2b00
[ 2522.174416][T32568]  kill_f2fs_super+0x2ff/0x970
[ 2522.174585][T32568]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 2522.174729][T32568]  deactivate_locked_super+0xcb/0x3c0
[ 2522.174907][T32568]  deactivate_super+0x12f/0x140
[ 2522.175069][T32568]  cleanup_mnt+0x6fb/0x780
[ 2522.175199][T32568]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 2522.175384][T32568]  ? __pfx___cleanup_mnt+0x10/0x10
[ 2522.175525][T32568]  __cleanup_mnt+0x22/0x30
[ 2522.175663][T32568]  task_work_run+0x209/0x2b0
[ 2522.175826][T32568]  exit_to_user_mode_loop+0x2a6/0x330
[ 2522.175994][T32568]  do_syscall_64+0x1e3/0x210
[ 2522.176128][T32568]  ? irqentry_exit+0x16/0x60
[ 2522.176246][T32568]  ? clear_bhb_loop+0x40/0x90
[ 2522.176390][T32568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2522.176560][T32568] RIP: 0033:0x7f0732f8fc57
[ 2522.176670][T32568] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 2522.176794][T32568] RSP: 002b:00007ffc14f62718 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2522.176929][T32568] RAX: 0000000000000000 RBX: 00007f0733010925 RCX: 00007f0732f8fc57
[ 2522.177033][T32568] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc14f627d0
[ 2522.177116][T32568] RBP: 00007ffc14f627d0 R08: 0000000000000000 R09: 0000000000000000
[ 2522.177222][T32568] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc14f63860
[ 2522.177352][T32568] R13: 00007f0733010925 R14: 0000000000267b84 R15: 00007ffc14f638a0
[ 2522.177496][T32568]  </TASK>
[ 2522.551384][T32568] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 2522.949736][ T1943] loop1: detected capacity change from 0 to 1024
[ 2522.961737][ T1943] EXT4-fs: Ignoring removed nobh option
[ 2523.358712][ T1943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2523.468690][  T808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2523.488566][ T1957] dvmrp1: entered allmulticast mode
[ 2523.535626][ T1959] dvmrp1: left allmulticast mode
[ 2524.625861][ T1973] loop1: detected capacity change from 0 to 1024
[ 2525.007678][ T1969] loop9: detected capacity change from 0 to 32768
[ 2525.055269][ T1921] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 2525.164109][ T1969] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[ 2525.164237][ T1969]   allowing incompatible features above 0.0: (unknown version)
[ 2525.167157][ T1969]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2525.209896][ T1969] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[ 2525.219045][ T1969] bcachefs (loop9): initializing new filesystem
[ 2525.227728][ T1973] hfsplus: xattr search failed
[ 2525.244899][ T1969] bcachefs (loop9): going read-write
[ 2525.246934][ T1921] usb 6-1: Using ep0 maxpacket: 16
[ 2525.313483][ T1969] bcachefs (loop9): marking superblocks
[ 2525.337153][ T1921] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 2525.346200][ T1921] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 2525.359587][ T1921] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 2525.368775][ T1921] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 2525.379167][ T1969] bcachefs (loop9): initializing freespace
[ 2525.386667][ T1921] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 2525.397066][ T1921] usb 6-1: config 0 has no interface number 0
[ 2525.405982][ T1969] bcachefs (loop9): done initializing freespace
[ 2525.413309][ T1921] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 2525.423208][ T1969] bcachefs (loop9): reading snapshots table
[ 2525.426394][ T1921] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 2525.430831][ T1969] bcachefs (loop9): reading snapshots done
[ 2525.440671][ T1921] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 2525.459753][ T1921] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2525.474532][ T1921] usb 6-1: config 0 interface 125 has no altsetting 0
[ 2525.481586][ T1921] usb 6-1: config 0 interface 125 has no altsetting 2
[ 2525.702123][ T1969] bcachefs (loop9): done starting filesystem
[ 2525.736979][ T1921] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 2525.746894][ T1921] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2525.755480][ T1921] usb 6-1: Product: syz
[ 2525.763031][ T1921] usb 6-1: Manufacturer: syz
[ 2525.769610][ T1921] usb 6-1: SerialNumber: syz
[ 2525.875394][ T1921] usb 6-1: config 0 descriptor??
[ 2525.943201][ T1921] usb 6-1: selecting invalid altsetting 2
[ 2525.980747][T22504] bcachefs (loop9): shutting down
[ 2525.988424][T22504] bcachefs (loop9): going read-only
[ 2525.993867][T22504] bcachefs (loop9): finished waiting for writes to stop
[ 2526.018259][T22504] bcachefs (loop9): flushing journal and stopping allocators, journal seq 2
[ 2526.146885][ T1993] program syz.1.11515 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2526.202876][T22504] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 3
[ 2526.265773][T22504] bcachefs (loop9): clean shutdown complete, journal seq 4
[ 2526.296766][T22504] bcachefs (loop9): marking filesystem clean
[ 2526.463582][T22504] bcachefs (loop9): shutdown complete
[ 2526.979435][T28624] usb 6-1: USB disconnect, device number 36
[ 2528.055021][ T1921] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[ 2528.076403][ T2016] loop1: detected capacity change from 0 to 512
[ 2528.182832][ T2016] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.11524: iget: bad i_size value: 38620345925642
[ 2528.244790][ T2016] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.11524: couldn't read orphan inode 15 (err -117)
[ 2528.278463][ T2016] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2528.323263][ T1921] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2528.336317][ T1921] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2528.446081][ T1921] usb 1-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 2528.455809][ T1921] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 2528.456007][ T2016] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.11524: bg 0: block 5: invalid block bitmap
[ 2528.463965][ T1921] usb 1-1: Manufacturer: syz
[ 2528.547368][ T1921] usb 1-1: config 0 descriptor??
[ 2528.581602][ T2016] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 21 with max blocks 44 with error 28
[ 2528.596764][ T2016] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 2528.596764][ T2016] 
[ 2528.607173][ T2016] EXT4-fs (loop1): Total free blocks count 0
[ 2528.613392][ T2016] EXT4-fs (loop1): Free/Dirty block details
[ 2528.619710][ T2016] EXT4-fs (loop1): free_blocks=0
[ 2528.627274][ T2016] EXT4-fs (loop1): dirty_blocks=44
[ 2528.632616][ T2016] EXT4-fs (loop1): Block reservation details
[ 2528.643201][ T2016] EXT4-fs (loop1): i_reserved_data_blocks=44
[ 2529.010478][ T1921] cougar 0003:060B:700A.0053: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 2529.061732][  T808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2529.143151][ T2027] program syz.2.11529 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2529.200527][ T1921] usb 1-1: USB disconnect, device number 38
[ 2529.627472][ T2033] loop2: detected capacity change from 0 to 64
[ 2529.814787][T28624] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 2530.037480][T28624] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2530.049321][T28624] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2530.059711][T28624] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 2530.075229][T28624] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2530.179768][T28624] usb 6-1: config 0 descriptor??
[ 2530.309694][ T2037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11534'.
[ 2530.322786][ T2037] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11534'.
[ 2530.698276][T28624] cm6533_jd 0003:0D8C:0022.0054: unknown main item tag 0x0
[ 2530.706170][T28624] cm6533_jd 0003:0D8C:0022.0054: unknown main item tag 0x0
[ 2530.768498][T28624] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0D8C:0022.0054/input/input82
[ 2530.960699][T28624] cm6533_jd 0003:0D8C:0022.0054: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0
[ 2531.020159][T28624] usb 6-1: USB disconnect, device number 37
[ 2531.035506][ T1921] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 2531.172636][ T2048] loop2: detected capacity change from 0 to 8
[ 2531.231452][ T1921] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2531.244790][ T1921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2531.306481][ T1921] usb 1-1: config 0 descriptor??
[ 2531.322840][ T1921] cp210x 1-1:0.0: cp210x converter detected
[ 2531.811466][ T1921] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 2531.973157][ T1921] usb 1-1: cp210x converter now attached to ttyUSB0
[ 2532.070870][ T1921] usb 1-1: USB disconnect, device number 39
[ 2532.184920][ T1921] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2532.310402][ T1921] cp210x 1-1:0.0: device disconnected
[ 2532.728129][ T2056] loop2: detected capacity change from 0 to 32768
[ 2532.863299][ T2056] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 2532.863450][ T2056]   allowing incompatible features above 0.0: (unknown version)
[ 2532.863538][ T2056]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2532.913170][ T2056] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[ 2532.928102][ T2056] bcachefs (loop2): initializing new filesystem
[ 2532.956025][ T2056] bcachefs (loop2): going read-write
[ 2533.061271][ T2056] bcachefs (loop2): marking superblocks
[ 2533.117493][ T2056] bcachefs (loop2): initializing freespace
[ 2533.152897][ T2056] bcachefs (loop2): done initializing freespace
[ 2533.175840][ T2056] bcachefs (loop2): reading snapshots table
[ 2533.182610][ T2056] bcachefs (loop2): reading snapshots done
[ 2533.357784][ T2056] bcachefs (loop2): done starting filesystem
[ 2533.750501][T32568] bcachefs (loop2): shutting down
[ 2533.759244][T32568] bcachefs (loop2): going read-only
[ 2533.765517][T32568] bcachefs (loop2): finished waiting for writes to stop
[ 2534.722529][ T2075] loop0: detected capacity change from 0 to 32768
[ 2534.857328][T32568] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[ 2535.031599][ T2075] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[ 2535.031727][ T2075]   allowing incompatible features above 0.0: (unknown version)
[ 2535.031819][ T2075]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2535.047443][ T2071] loop1: detected capacity change from 0 to 65536
[ 2535.084998][ T2075] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 2535.094679][ T2075] bcachefs (loop0): initializing new filesystem
[ 2535.122117][ T2075] bcachefs (loop0): going read-write
[ 2535.168609][ T2071] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 2535.272637][ T2075] bcachefs (loop0): marking superblocks
[ 2535.335223][ T2075] bcachefs (loop0): initializing freespace
[ 2535.364049][ T2075] bcachefs (loop0): done initializing freespace
[ 2535.390731][ T2075] bcachefs (loop0): reading snapshots table
[ 2535.398261][ T2075] bcachefs (loop0): reading snapshots done
[ 2535.528230][ T2075] bcachefs (loop0):  loop0: Superblock write was silently dropped! (seq 0 expected 42)
[ 2535.551282][ T2075] bcachefs (loop0): done starting filesystem
[ 2535.574671][T32568] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 5
[ 2535.628244][T32568] bcachefs (loop2): clean shutdown complete, journal seq 6
[ 2535.733368][T32568] bcachefs (loop2): marking filesystem clean
[ 2535.813825][T31335] bcachefs (loop0): shutting down
[ 2535.819331][T31335] bcachefs (loop0): going read-only
[ 2535.825237][T31335] bcachefs (loop0): finished waiting for writes to stop
[ 2535.875506][T31335] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[ 2535.970802][T32568] bcachefs (loop2): shutdown complete
[ 2536.082728][ T2071] XFS (loop1): Ending clean mount
[ 2536.099427][ T2071] XFS (loop1): Quotacheck needed: Please wait.
[ 2536.201784][T31335] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[ 2536.220746][ T2071] XFS (loop1): Quotacheck: Done.
[ 2536.231863][T31335] bcachefs (loop0): clean shutdown complete, journal seq 4
[ 2536.252172][T31335] bcachefs (loop0): marking filesystem clean
[ 2536.432673][T31335] bcachefs (loop0): shutdown complete
[ 2536.795249][  T808] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 2536.864792][T28624] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 2537.101206][T28624] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2537.112749][T28624] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2537.125526][T28624] usb 10-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2537.139136][T28624] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2537.179537][T28624] usb 10-1: config 0 descriptor??
[ 2537.661794][T28624] playstation 0003:054C:0DF2.0055: unknown main item tag 0x0
[ 2537.672584][T28624] playstation 0003:054C:0DF2.0055: unknown main item tag 0x0
[ 2537.680610][T28624] playstation 0003:054C:0DF2.0055: unknown main item tag 0x0
[ 2537.691000][T28624] playstation 0003:054C:0DF2.0055: unknown main item tag 0x0
[ 2537.702258][T28624] playstation 0003:054C:0DF2.0055: unknown main item tag 0x0
[ 2537.837494][T28624] playstation 0003:054C:0DF2.0055: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.9-1/input0
[ 2538.135814][T28624] playstation 0003:054C:0DF2.0055: Invalid byte count transferred, expected 64 got 0
[ 2538.148109][T28624] playstation 0003:054C:0DF2.0055: Failed to retrieve DualSense firmware info: -22
[ 2538.162366][T28624] playstation 0003:054C:0DF2.0055: Failed to get firmware info from DualSense
[ 2538.174243][T28624] playstation 0003:054C:0DF2.0055: Failed to create dualsense.
[ 2538.335083][T28624] playstation 0003:054C:0DF2.0055: probe with driver playstation failed with error -22
[ 2538.371513][T28624] usb 10-1: USB disconnect, device number 22
[ 2539.497729][ T2115] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11558'.
[ 2540.493671][ T2126] loop2: detected capacity change from 0 to 128
[ 2540.598217][ T2126] FAT-fs (loop2): bogus logical sector size 256
[ 2540.607511][ T2126] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2540.850275][ T2126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11561'.
[ 2540.973406][ T2124] io-wq is not configured for unbound workers
[ 2541.663199][ T2143] loop9: detected capacity change from 0 to 128
[ 2541.914913][T28624] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 2541.945767][  T699] Bluetooth: hci5: Frame reassembly failed (-84)
[ 2541.995717][ T2148] Bluetooth: hci5: Frame reassembly failed (-84)
[ 2542.147117][T28624] usb 6-1: Using ep0 maxpacket: 8
[ 2542.177605][T28624] usb 6-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[ 2542.187262][T28624] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2542.199355][T28624] usb 6-1: Product: syz
[ 2542.203794][T28624] usb 6-1: Manufacturer: syz
[ 2542.209645][T28624] usb 6-1: SerialNumber: syz
[ 2542.300929][T28624] usb 6-1: config 0 descriptor??
[ 2542.337299][T28624] gspca_main: sq905-2.14.0 probing 2770:9120
[ 2542.615805][ T1921] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[ 2542.816687][ T1921] usb 10-1: Using ep0 maxpacket: 16
[ 2542.864519][ T1921] usb 10-1: New USB device found, idVendor=04b4, idProduct=bca1, bcdDevice= 0.00
[ 2542.874930][ T1921] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2542.930632][ T2158] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.11575'.
[ 2542.947423][ T1921] usb 10-1: config 0 descriptor??
[ 2543.131468][ T2160] loop2: detected capacity change from 0 to 256
[ 2543.174897][ T2160] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2543.189713][ T2160] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 2543.310360][ T2160] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 2543.427241][T28624] gspca_sq905: sq905_read_data: usb_control_msg failed (-71)
[ 2543.435520][T28624] sq905 6-1:0.0: probe with driver sq905 failed with error -71
[ 2543.493492][T28624] usb 6-1: USB disconnect, device number 38
[ 2543.512422][ T1921] cypress 0003:04B4:BCA1.0056: invalid report_count 45347
[ 2543.520258][ T1921] cypress 0003:04B4:BCA1.0056: item 0 2 1 9 parsing failed
[ 2543.613725][ T1921] cypress 0003:04B4:BCA1.0056: parse failed
[ 2543.622236][ T1921] cypress 0003:04B4:BCA1.0056: probe with driver cypress failed with error -22
[ 2543.773863][ T1921] usb 10-1: USB disconnect, device number 23
[ 2543.917487][ T2165] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11578'.
[ 2544.014509][ T5794] Bluetooth: hci5: command 0xfc11 tx timeout
[ 2544.014844][T21315] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 2544.624228][ T2170] loop0: detected capacity change from 0 to 2048
[ 2544.715590][ T2170] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 2546.374868][ T2196] tun0: tun_chr_ioctl cmd 1074025675
[ 2546.380626][ T2196] tun0: persist enabled
[ 2546.415149][ T2193] tun0: tun_chr_ioctl cmd 1074025675
[ 2546.420922][ T2193] tun0: persist enabled
[ 2547.993921][ T2208] loop1: detected capacity change from 0 to 2048
[ 2548.099031][ T2208] NILFS (loop1): invalid segment: Magic number mismatch
[ 2548.106769][ T2208] NILFS (loop1): trying rollback from an earlier position
[ 2548.172087][ T2208] NILFS (loop1): recovery complete
[ 2548.197305][ T2215] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 2548.315046][T18466] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 2548.344732][ T1921] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 2548.536703][ T1921] usb 10-1: Using ep0 maxpacket: 16
[ 2548.556287][T18466] usb 1-1: Using ep0 maxpacket: 32
[ 2548.593697][ T1921] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2548.606717][ T1921] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2548.619315][ T1921] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2548.664998][T18466] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2548.675645][T18466] usb 1-1: config 0 interface 0 altsetting 16 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2548.687738][T18466] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2548.701771][T18466] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x8F has invalid wMaxPacketSize 0
[ 2548.713308][T18466] usb 1-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 2548.727139][T18466] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2548.734076][T18466] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 2548.743884][T18466] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2548.821275][ T1921] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2548.830954][ T1921] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2548.839433][ T1921] usb 10-1: Product: syz
[ 2548.843953][ T1921] usb 10-1: Manufacturer: syz
[ 2548.852402][ T1921] usb 10-1: SerialNumber: syz
[ 2548.865846][T18466] usb 1-1: config 0 descriptor??
[ 2549.356597][T18466] hid-thrustmaster 0003:044F:B65D.0057: unknown main item tag 0x0
[ 2549.371957][T18466] hid-thrustmaster 0003:044F:B65D.0057: unknown main item tag 0x0
[ 2549.382884][T18466] hid-thrustmaster 0003:044F:B65D.0057: unknown main item tag 0x0
[ 2549.391202][T18466] hid-thrustmaster 0003:044F:B65D.0057: unknown main item tag 0x0
[ 2549.399558][T18466] hid-thrustmaster 0003:044F:B65D.0057: unknown main item tag 0x0
[ 2549.408849][ T1921] usb 10-1: 0:2 : does not exist
[ 2549.756647][T18466] hid-thrustmaster 0003:044F:B65D.0057: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0
[ 2549.775302][T18466] hid-thrustmaster 0003:044F:B65D.0057: setup data couldn't be sent
[ 2549.786758][    C0] hid-thrustmaster 0003:044F:B65D.0057: URB to get model id failed with error -71
[ 2550.041288][ T1921] usb 10-1: 1:0: cannot get min/max values for control 4 (id 1)
[ 2550.108024][T18466] usb 1-1: USB disconnect, device number 40
[ 2550.398671][ T1921] usb 10-1: USB disconnect, device number 24
[ 2551.866246][T28624] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 2552.015080][ T2239] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11612'.
[ 2552.157292][T28624] usb 10-1: Using ep0 maxpacket: 8
[ 2552.242983][T28624] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2552.258201][T28624] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2552.272074][T28624] usb 10-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[ 2552.284117][T28624] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2552.294840][ T2236] loop2: detected capacity change from 0 to 32768
[ 2552.365249][ T2236] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.11611 (2236)
[ 2552.401000][ T2236] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2552.411741][ T2236] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[ 2552.422940][ T2236] BTRFS info (device loop2): disk space caching is enabled
[ 2552.430542][ T2236] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 2552.438181][T28624] usb 10-1: config 0 descriptor??
[ 2552.836652][ T2236] BTRFS info (device loop2): rebuilding free space tree
[ 2552.878730][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.888677][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.900743][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.910701][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.921273][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.925373][ T2236] BTRFS info (device loop2): disabling free space tree
[ 2552.928784][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.936058][ T2236] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 2552.943089][T28624] hid-rmi 0003:06CB:81A7.0058: unknown main item tag 0x0
[ 2552.957004][ T2236] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 2552.975995][T28624] hid-rmi 0003:06CB:81A7.0058: unbalanced collection at end of report description
[ 2553.093020][T28624] hid-rmi 0003:06CB:81A7.0058: parse failed
[ 2553.100087][T28624] hid-rmi 0003:06CB:81A7.0058: probe with driver hid-rmi failed with error -22
[ 2553.123988][T28624] usb 10-1: USB disconnect, device number 25
[ 2553.231020][T32568] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2554.412408][ T2264] loop1: detected capacity change from 0 to 40427
[ 2554.560024][ T2264] F2FS-fs (loop1): invalid crc value
[ 2554.977024][ T2264] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2555.273906][  T808] syz-executor: attempt to access beyond end of device
[ 2555.273906][  T808] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 2555.288703][  T808] CPU: 0 UID: 0 PID: 808 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) 
[ 2555.288858][  T808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2555.288958][  T808] Call Trace:
[ 2555.289010][  T808]  <TASK>
[ 2555.289065][  T808]  __dump_stack+0x26/0x30
[ 2555.289245][  T808]  dump_stack_lvl+0x1df/0x270
[ 2555.289475][  T808]  dump_stack+0x1e/0x25
[ 2555.289649][  T808]  f2fs_handle_critical_error+0xa6f/0xc20
[ 2555.289921][  T808]  f2fs_stop_checkpoint+0x65/0x80
[ 2555.290143][  T808]  f2fs_write_end_io+0xb4b/0x1920
[ 2555.290312][  T808]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2555.290565][  T808]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 2555.290695][  T808]  bio_endio+0xe27/0xf80
[ 2555.290873][  T808]  submit_bio_noacct+0x214/0x2710
[ 2555.291085][  T808]  submit_bio+0x5a9/0x5d0
[ 2555.291256][  T808]  f2fs_submit_write_bio+0x92/0x250
[ 2555.291434][  T808]  __submit_merged_bio+0x16f/0x6a0
[ 2555.291607][  T808]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2555.291800][  T808]  __submit_merged_write_cond+0x458/0x9a0
[ 2555.292000][  T808]  f2fs_write_data_pages+0x4bb2/0x5480
[ 2555.292304][  T808]  ? kmsan_get_metadata+0xfb/0x160
[ 2555.292479][  T808]  ? kmsan_get_metadata+0xfb/0x160
[ 2555.292653][  T808]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2555.292854][  T808]  ? lru_cache_disable+0x11/0x40
[ 2555.292987][  T808]  ? filter_irq_stacks+0x49/0x190
[ 2555.293129][  T808]  ? stack_depot_save_flags+0x35/0x7b0
[ 2555.293295][  T808]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 2555.293466][  T808]  ? kmsan_get_metadata+0xfb/0x160
[ 2555.293643][  T808]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2555.293821][  T808]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2555.294074][  T808]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 2555.294286][  T808]  do_writepages+0x3f2/0x860
[ 2555.294472][  T808]  ? _raw_spin_unlock+0x30/0x50
[ 2555.294662][  T808]  ? wbc_attach_and_unlock_inode+0x131/0x680
[ 2555.294859][  T808]  filemap_fdatawrite+0x207/0x260
[ 2555.295151][  T808]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[ 2555.295322][  T808]  f2fs_write_checkpoint+0xfe2/0x2b00
[ 2555.295590][  T808]  kill_f2fs_super+0x2ff/0x970
[ 2555.295749][  T808]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 2555.295897][  T808]  deactivate_locked_super+0xcb/0x3c0
[ 2555.296078][  T808]  deactivate_super+0x12f/0x140
[ 2555.296237][  T808]  cleanup_mnt+0x6fb/0x780
[ 2555.296366][  T808]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 2555.296548][  T808]  ? __pfx___cleanup_mnt+0x10/0x10
[ 2555.296695][  T808]  __cleanup_mnt+0x22/0x30
[ 2555.296833][  T808]  task_work_run+0x209/0x2b0
[ 2555.296995][  T808]  exit_to_user_mode_loop+0x2a6/0x330
[ 2555.297165][  T808]  do_syscall_64+0x1e3/0x210
[ 2555.297299][  T808]  ? irqentry_exit+0x16/0x60
[ 2555.297414][  T808]  ? clear_bhb_loop+0x40/0x90
[ 2555.297557][  T808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2555.297697][  T808] RIP: 0033:0x7ff3a018fc57
[ 2555.297796][  T808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 2555.297918][  T808] RSP: 002b:00007ffdfd388db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 2555.298042][  T808] RAX: 0000000000000000 RBX: 00007ff3a0210925 RCX: 00007ff3a018fc57
[ 2555.298131][  T808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfd388e70
[ 2555.298216][  T808] RBP: 00007ffdfd388e70 R08: 0000000000000000 R09: 0000000000000000
[ 2555.298298][  T808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdfd389f00
[ 2555.298386][  T808] R13: 00007ff3a0210925 R14: 000000000026fd03 R15: 00007ffdfd389f40
[ 2555.298509][  T808]  </TASK>
[ 2555.661804][  T808] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 2556.932065][ T2283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11618'.
[ 2557.021649][ T2285] binder: 2284:2285 ioctl c0306201 200000000040 returned -14
[ 2557.461029][ T2291] loop9: detected capacity change from 0 to 64
[ 2557.537146][ T2291] Trying to free block not in datazone
[ 2557.592631][ T2292] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11627'.
[ 2559.056101][T28624] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 2559.225608][T28624] usb 3-1: Using ep0 maxpacket: 8
[ 2559.323033][T28624] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 2559.332815][T28624] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2559.343743][T28624] usb 3-1: Product: syz
[ 2559.350816][T28624] usb 3-1: Manufacturer: syz
[ 2559.357243][T28624] usb 3-1: SerialNumber: syz
[ 2559.372091][T28624] usb 3-1: config 0 descriptor??
[ 2559.388529][ T5794] Bluetooth: hci3: command tx timeout
[ 2559.689014][T28624] usb 3-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[ 2560.117209][T26467] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 2560.308300][T26467] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2560.320938][T26467] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[ 2560.358395][T26467] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2560.370694][T26467] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2560.383137][T26467] usb 1-1: Product: syz
[ 2560.387938][T26467] usb 1-1: Manufacturer: syz
[ 2560.392791][T26467] usb 1-1: SerialNumber: syz
[ 2560.537489][T28624] usb write operation failed. (-71)
[ 2560.553067][T28624] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 2560.566401][T28624] dvbdev: DVB: registering new adapter (Terratec H7)
[ 2560.573651][T28624] usb 3-1: media controller created
[ 2560.637592][T28624] usb read operation failed. (-71)
[ 2560.663546][T28624] usb write operation failed. (-71)
[ 2560.708335][T28624] dvb_usb_az6007 3-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[ 2560.819986][T28624] usb 3-1: USB disconnect, device number 26
[ 2561.374502][ T5794] Bluetooth: hci5: command 0x1003 tx timeout
[ 2561.376247][T21315] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 2561.631264][T26467] cdc_ncm 1-1:1.0: bind() failure
[ 2561.651071][T26467] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[ 2561.686938][T26467] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[ 2561.717458][T26467] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[ 2561.778657][T26467] usb 1-1: USB disconnect, device number 41
[ 2563.315396][ T2350] syzkaller1: entered promiscuous mode
[ 2563.321311][ T2350] syzkaller1: entered allmulticast mode
[ 2564.930611][ T1921] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 2565.135479][ T1921] usb 1-1: Using ep0 maxpacket: 16
[ 2565.160844][ T1921] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2565.170716][ T1921] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2565.181441][ T1921] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2565.298338][ T1921] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2565.309127][ T1921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2565.318336][ T1921] usb 1-1: Product: syz
[ 2565.322729][ T1921] usb 1-1: Manufacturer: syz
[ 2565.328530][ T1921] usb 1-1: SerialNumber: syz
[ 2566.068564][ T1921] usb 1-1: 0:2 : does not exist
[ 2566.988738][ T1921] usb 1-1: USB disconnect, device number 42
[ 2567.321871][ T2376] loop9: detected capacity change from 0 to 40427
[ 2567.362188][ T2376] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[ 2567.374168][ T2376] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[ 2567.391664][ T2376] F2FS-fs (loop9): invalid crc value
[ 2567.907231][ T2376] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[ 2567.914847][ T2376] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 2568.524995][T18466] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 2568.749233][T18466] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 2568.757896][T18466] usb 1-1: config 0 has no interface number 0
[ 2568.815341][T18466] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 2568.830429][T18466] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2568.838881][T18466] usb 1-1: Product: syz
[ 2568.843288][T18466] usb 1-1: Manufacturer: syz
[ 2568.848454][T18466] usb 1-1: SerialNumber: syz
[ 2568.947966][T18466] usb 1-1: config 0 descriptor??
[ 2569.241653][T18466] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 2569.285457][T18466] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 2569.298443][T18466] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 2569.307126][T18466] usb 1-1: media controller created
[ 2569.463603][T18466] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2569.668188][ T2412] netlink: 'syz.2.11676': attribute type 3 has an invalid length.
[ 2569.905115][T18466] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[ 2570.505623][T18466] usb 1-1: USB disconnect, device number 43
[ 2573.331537][ T2449] loop1: detected capacity change from 0 to 32768
[ 2573.401448][ T2445] loop2: detected capacity change from 0 to 512
[ 2573.453651][ T2449] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 2573.637273][ T2445] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.11688: iget: bad i_size value: 38620345925642
[ 2573.673839][ T2445] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.11688: couldn't read orphan inode 15 (err -117)
[ 2573.723061][ T2445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2573.778769][ T2468] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11691'.
[ 2573.980640][ T2449] XFS (loop1): Ending clean mount
[ 2574.016863][ T2449] XFS (loop1): Quotacheck needed: Please wait.
[ 2574.119135][ T2449] XFS (loop1): Quotacheck: Done.
[ 2574.247490][T26467] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 2574.281174][  T808] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 2574.390676][ T4621] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:25: bg 0: block 5: invalid block bitmap
[ 2574.417833][T26467] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[ 2574.426558][T26467] usb 1-1: config 0 has no interface number 0
[ 2574.432938][T26467] usb 1-1: config 0 interface 255 has no altsetting 0
[ 2574.443218][T26467] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2574.446794][ T4621] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[ 2574.453913][T26467] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2574.478186][ T4621] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 2574.478186][ T4621] 
[ 2574.488151][ T4621] EXT4-fs (loop2): Total free blocks count 0
[ 2574.497276][ T4621] EXT4-fs (loop2): Free/Dirty block details
[ 2574.507231][ T4621] EXT4-fs (loop2): free_blocks=0
[ 2574.509381][T26467] usb 1-1: config 0 descriptor??
[ 2574.513770][ T4621] EXT4-fs (loop2): dirty_blocks=33
[ 2574.524560][ T4621] EXT4-fs (loop2): Block reservation details
[ 2574.530755][ T4621] EXT4-fs (loop2): i_reserved_data_blocks=33
[ 2574.590433][T26467] cp210x 1-1:0.255: cp210x converter detected
[ 2574.749975][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2575.046074][T26467] cp210x 1-1:0.255: failed to get vendor val 0x000e size 3: -32
[ 2575.079463][ T2475] loop9: detected capacity change from 0 to 8192
[ 2575.264130][T26467] cp210x 1-1:0.255: GPIO initialisation failed: -19
[ 2575.311666][T26467] usb 1-1: cp210x converter now attached to ttyUSB0
[ 2575.360572][ T2483] loop2: detected capacity change from 0 to 2048
[ 2575.384996][ T2483] EXT4-fs: Ignoring removed bh option
[ 2575.489976][T18466] usb 1-1: USB disconnect, device number 44
[ 2575.513928][ T2483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2575.516364][T18466] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2575.540128][T18466] cp210x 1-1:0.255: device disconnected
[ 2575.890813][   T30] audit: type=1800 audit(2000001026.757:1177): pid=2483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11696" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 2576.152118][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2576.831537][ T2493] loop9: detected capacity change from 0 to 2048
[ 2576.948866][ T2493] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 2576.957723][ T2493] UDF-fs: Scanning with blocksize 512 failed
[ 2577.049856][ T2504] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[ 2577.133335][ T2493] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 2577.183103][ T2507] loop0: detected capacity change from 0 to 47
[ 2577.400586][ T2509] loop2: detected capacity change from 0 to 1024
[ 2578.746217][ T2519] loop0: detected capacity change from 0 to 32768
[ 2579.046907][ T2519] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 2579.047056][ T2519]   allowing incompatible features above 0.0: (unknown version)
[ 2579.047143][ T2519]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2579.095367][ T2519] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 2579.103803][ T2519] bcachefs (loop0): initializing new filesystem
[ 2579.133316][ T2519] bcachefs (loop0): going read-write
[ 2579.251908][ T2519] bcachefs (loop0): marking superblocks
[ 2579.306244][ T2519] bcachefs (loop0): initializing freespace
[ 2579.338525][ T2519] bcachefs (loop0): done initializing freespace
[ 2579.357926][ T2519] bcachefs (loop0): reading snapshots table
[ 2579.366236][ T2519] bcachefs (loop0): reading snapshots done
[ 2579.483171][ T2519] bcachefs (loop0): done starting filesystem
[ 2579.626621][  T670] hfsplus: b-tree write err: -5, ino 4
[ 2579.712580][T31335] bcachefs (loop0): shutting down
[ 2579.718393][T31335] bcachefs (loop0): going read-only
[ 2579.723825][T31335] bcachefs (loop0): finished waiting for writes to stop
[ 2579.837567][T31335] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[ 2580.097933][T31335] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[ 2580.147920][T31335] bcachefs (loop0): clean shutdown complete, journal seq 4
[ 2580.165495][T31335] bcachefs (loop0): marking filesystem clean
[ 2580.361003][T31335] bcachefs (loop0): shutdown complete
[ 2581.705135][T26467] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 2581.897373][T26467] usb 3-1: Using ep0 maxpacket: 32
[ 2581.918072][T26467] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 2581.929929][T26467] usb 3-1: config 0 has no interface number 0
[ 2582.075568][T26467] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 2582.090172][T26467] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2582.100700][T26467] usb 3-1: Product: syz
[ 2582.105666][T26467] usb 3-1: Manufacturer: syz
[ 2582.110536][T26467] usb 3-1: SerialNumber: syz
[ 2582.212900][T26467] usb 3-1: config 0 descriptor??
[ 2582.312957][T26467] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 2582.476882][   T30] audit: type=1326 audit(2000001033.317:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.503376][   T30] audit: type=1326 audit(2000001033.317:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.530139][   T30] audit: type=1326 audit(2000001033.337:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.553938][   T30] audit: type=1326 audit(2000001033.337:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.579909][   T30] audit: type=1326 audit(2000001033.337:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.606395][   T30] audit: type=1326 audit(2000001033.357:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.633154][   T30] audit: type=1326 audit(2000001033.377:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.659675][   T30] audit: type=1326 audit(2000001033.377:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.683183][   T30] audit: type=1326 audit(2000001033.377:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.711676][   T30] audit: type=1326 audit(2000001033.377:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2570 comm="syz.9.11723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9f818e929 code=0x7ffc0000
[ 2582.740883][T26467] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 2582.865428][T26467] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 2583.044255][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 2583.047823][T18466] usb 3-1: USB disconnect, device number 27
[ 2583.119017][T18466] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 2583.218228][T18466] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 2583.231692][T18466] quatech2 3-1:0.51: device disconnected
[ 2585.169771][ T2614] loop1: detected capacity change from 0 to 47
[ 2586.611213][T26467] hid-generic 0000:0003:0000.0059: unknown main item tag 0x0
[ 2586.621127][T26467] hid-generic 0000:0003:0000.0059: unknown main item tag 0x0
[ 2586.727323][T26467] hid-generic 0000:0003:0000.0059: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 2587.819467][ T2642] loop9: detected capacity change from 0 to 32768
[ 2587.854176][ T2642] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.11745 (2642)
[ 2587.879115][ T2642] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2587.889790][ T2642] BTRFS info (device loop9): using sha256 (sha256-x86_64) checksum algorithm
[ 2587.901333][ T2642] BTRFS info (device loop9): using free-space-tree
[ 2588.650143][T26467] IPVS: starting estimator thread 0...
[ 2588.756276][ T2683] IPVS: using max 240 ests per chain, 12000 per kthread
[ 2588.848042][ T2690] loop2: detected capacity change from 0 to 256
[ 2589.063977][ T2642] BTRFS warning (device loop9): failed to trim 1 device(s), last error -512
[ 2589.134530][T22504] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2590.466948][ T2711] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2591.899460][ T2727] loop9: detected capacity change from 0 to 32768
[ 2592.037427][ T2727] 
[ 2592.037427][ T2727]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 2592.037427][ T2727] 
[ 2592.153866][T22504] 
[ 2592.153866][T22504]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 2592.153866][T22504] 
[ 2592.246690][T22504] 
[ 2592.246690][T22504]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 2592.246690][T22504] 
[ 2592.446239][ T2739] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11774'.
[ 2592.455924][ T2739] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11774'.
[ 2593.730996][ T2743] loop1: detected capacity change from 0 to 40427
[ 2593.760882][ T2743] F2FS-fs (loop1): build fault injection rate: 771
[ 2593.811465][ T2743] F2FS-fs (loop1): invalid crc value
[ 2594.142880][ T2743] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2594.597063][ T2749] loop0: detected capacity change from 0 to 4096
[ 2594.805432][ T2749] ntfs3(loop0): ino=1a, mi_enum_attr
[ 2594.811285][ T2749] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[ 2595.037725][ T2749] ntfs3(loop0): ino=5, "/" mi_enum_attr
[ 2595.811587][ T2769] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[ 2595.821061][ T2323] IPVS: starting estimator thread 0...
[ 2595.827324][T26467] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 2595.917778][ T2772] IPVS: using max 240 ests per chain, 12000 per kthread
[ 2596.021069][T26467] usb 3-1: Using ep0 maxpacket: 32
[ 2596.126374][T26467] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2596.140173][T26467] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2596.150570][T26467] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2596.160998][T26467] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2596.208691][T26467] usb 3-1: config 0 descriptor??
[ 2596.227955][T26467] hub 3-1:0.0: USB hub found
[ 2596.482019][T26467] hub 3-1:0.0: 1 port detected
[ 2596.502453][ T2782] loop9: detected capacity change from 0 to 512
[ 2596.644647][ T2782] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.11792: casefold flag without casefold feature
[ 2596.685260][ T2782] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.11792: couldn't read orphan inode 15 (err -117)
[ 2596.758368][ T2782] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2597.121896][T26467] hub 3-1:0.0: hub_ext_port_status failed (err = 0)
[ 2597.182328][T22504] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2597.446707][T18466] usb 3-1: USB disconnect, device number 28
[ 2597.714049][ T2806] loop0: detected capacity change from 0 to 512
[ 2597.763343][ T2806] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2597.831260][ T2806] EXT4-fs (loop0): 1 truncate cleaned up
[ 2597.839686][ T2806] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2597.877807][ T2808] loop9: detected capacity change from 0 to 2048
[ 2597.911890][ T2806] EXT4-fs (loop0): shut down requested (1)
[ 2597.947445][ T2810] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 2598.012240][ T2808] NILFS error (device loop9): nilfs_lookup: deleted inode referenced: 12
[ 2598.051985][ T2808] Remounting filesystem read-only
[ 2598.235103][T31335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2598.523141][T22504] NILFS (loop9): disposed unprocessed dirty file(s) when detaching log writer
[ 2598.648573][ T2817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11801'.
[ 2599.495378][T26467] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[ 2599.599691][ T2848] syzkaller1: entered promiscuous mode
[ 2599.606505][ T2848] syzkaller1: entered allmulticast mode
[ 2599.708375][T26467] usb 6-1: Using ep0 maxpacket: 16
[ 2599.756187][T26467] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 2599.765085][T26467] usb 6-1: config 0 has no interface number 0
[ 2599.771467][T26467] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2599.785762][T26467] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2599.802589][T26467] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 2599.813921][T26467] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2599.835731][T26467] usb 6-1: config 0 descriptor??
[ 2600.161079][ T2854] loop0: detected capacity change from 0 to 256
[ 2600.292223][T26467] hid (null): invalid report_count 1405183649
[ 2600.547278][T26467] input: HID 28bd:0071 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.1/0003:28BD:0071.005A/input/input83
[ 2600.633753][T26467] input: HID 28bd:0071 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.1/0003:28BD:0071.005A/input/input84
[ 2600.716145][T26467] uclogic 0003:28BD:0071.005A: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.5-1/input1
[ 2600.771174][T26467] usb 6-1: USB disconnect, device number 39
[ 2600.917732][ T2323] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 2601.103170][ T2323] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2601.114927][ T2323] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2601.127110][ T2323] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2601.165461][ T1921] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 2601.176784][ T2323] usb 10-1: config 0 descriptor??
[ 2601.440472][ T1921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2601.452705][ T1921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2601.463309][ T1921] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2601.476685][ T1921] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2601.488157][ T1921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2601.620152][ T2323] keytouch 0003:0926:3333.005B: fixing up Keytouch IEC report descriptor
[ 2601.637333][ T1921] usb 2-1: config 0 descriptor??
[ 2601.683957][ T2323] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.005B/input/input85
[ 2601.970548][ T2323] keytouch 0003:0926:3333.005B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[ 2602.164007][ T1921] plantronics 0003:047F:FFFF.005C: No inputs registered, leaving
[ 2602.275361][ T1921] plantronics 0003:047F:FFFF.005C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 2602.323685][T18466] usb 10-1: USB disconnect, device number 26
[ 2602.388411][ T2874] loop2: detected capacity change from 0 to 2048
[ 2602.412075][ T1921] usb 2-1: USB disconnect, device number 9
[ 2602.424061][ T2874] EXT4-fs: Ignoring removed bh option
[ 2602.501503][ T2874] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2602.597044][ T2874] EXT4-fs (loop2): shut down requested (1)
[ 2602.753913][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2603.975244][ T2323] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[ 2604.209532][ T2323] usb 6-1: Using ep0 maxpacket: 32
[ 2604.435226][ T2323] usb 6-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 2604.447263][ T2323] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2604.456841][ T2323] usb 6-1: Product: syz
[ 2604.461234][ T2323] usb 6-1: Manufacturer: syz
[ 2604.466727][ T2323] usb 6-1: SerialNumber: syz
[ 2604.730599][ T2323] usb 6-1: config 0 descriptor??
[ 2604.786909][ T2884] loop2: detected capacity change from 0 to 65536
[ 2604.848119][ T2323] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 2604.912381][ T2884] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 2605.043954][ T2884] XFS (loop2): Ending clean mount
[ 2605.054428][ T2884] XFS (loop2): Quotacheck needed: Please wait.
[ 2605.218878][ T2884] XFS (loop2): Quotacheck: Done.
[ 2605.353294][T32568] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 2605.833185][ T2323] gspca_stk1135: reg_w 0x7 err -71
[ 2605.846312][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.855606][ T2323] gspca_stk1135: Sensor write failed
[ 2605.861188][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.871330][ T2323] gspca_stk1135: Sensor write failed
[ 2605.877053][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.883659][ T2323] gspca_stk1135: Sensor read failed
[ 2605.890752][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.900543][ T2323] gspca_stk1135: Sensor read failed
[ 2605.906130][ T2323] gspca_stk1135: Detected sensor type unknown (0x0)
[ 2605.913001][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.919744][ T2323] gspca_stk1135: Sensor read failed
[ 2605.927505][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.934177][ T2323] gspca_stk1135: Sensor read failed
[ 2605.944028][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.952913][ T2323] gspca_stk1135: Sensor write failed
[ 2605.961471][ T2323] gspca_stk1135: serial bus timeout: status=0x00
[ 2605.968193][ T2323] gspca_stk1135: Sensor write failed
[ 2605.973935][ T2323] stk1135 6-1:0.0: probe with driver stk1135 failed with error -71
[ 2606.209446][ T1921] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 2606.358556][ T2323] usb 6-1: USB disconnect, device number 40
[ 2606.425111][ T1921] usb 10-1: Using ep0 maxpacket: 8
[ 2606.495920][ T1921] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2606.508289][ T1921] usb 10-1: config 0 interface 0 has no altsetting 0
[ 2606.516293][ T1921] usb 10-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[ 2606.525974][ T1921] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2606.678745][ T1921] usb 10-1: config 0 descriptor??
[ 2607.220346][ T1921] steelseries 0003:1038:12B6.005D: item fetching failed at offset 1/5
[ 2607.287770][ T1921] steelseries 0003:1038:12B6.005D: probe with driver steelseries failed with error -22
[ 2607.428798][ T1921] usb 10-1: USB disconnect, device number 27
[ 2608.277319][ T2924] loop1: detected capacity change from 0 to 32768
[ 2608.287523][ T2924] XFS: ikeep mount option is deprecated.
[ 2608.408155][ T2924] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 2608.757018][ T2924] XFS (loop1): Ending clean mount
[ 2608.772971][ T2924] XFS (loop1): Quotacheck needed: Please wait.
[ 2608.848399][ T2924] XFS (loop1): Quotacheck: Done.
[ 2609.001740][  T808] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 2612.043052][ T2950] loop9: detected capacity change from 0 to 1024
[ 2612.133354][ T2950] EXT4-fs: Ignoring removed nobh option
[ 2612.141980][ T2950] EXT4-fs: Ignoring removed bh option
[ 2612.243288][ T2950] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 2612.362039][ T2962] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2612.373173][ T2950] EXT4-fs (loop9): shut down requested (0)
[ 2612.737545][T22504] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2612.954021][ T2969] binder: 2968:2969 ioctl c0306201 0 returned -14
[ 2613.159635][ T2323] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 2613.355948][ T2323] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[ 2613.368699][ T2323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2613.425945][ T2977] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 2613.436106][ T2323] usb 2-1: config 0 descriptor??
[ 2613.465865][ T2323] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 2613.701561][ T2323] gp8psk: usb in 128 operation failed.
[ 2613.731116][ T2323] gp8psk: usb in 137 operation failed.
[ 2613.736983][ T2323] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2613.783169][ T2323] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[ 2613.794929][ T2323] usb 2-1: media controller created
[ 2613.875370][ T2323] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2614.107448][ T2323] gp8psk_fe: Frontend attached
[ 2614.112512][ T2323] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[ 2614.121327][ T2323] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[ 2614.178576][ T2323] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[ 2614.190565][ T2323] gp8psk: found Genpix USB device pID = 203 (hex)
[ 2614.458810][ T2323] usb 2-1: USB disconnect, device number 10
[ 2615.152025][ T2323] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[ 2615.773793][ T3008] loop2: detected capacity change from 0 to 128
[ 2615.820431][ T3008] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 2615.851359][ T3009] program syz.0.11867 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2615.950845][ T3008] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 2616.007549][ T3008] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 2616.165146][ T3015] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2616.300363][T32568] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 2616.772742][ T3025] loop2: detected capacity change from 0 to 1024
[ 2616.783321][ T3025] EXT4-fs: Ignoring removed orlov option
[ 2616.789864][ T3025] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 2616.942001][ T3025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 2617.029267][ T3032] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11877'.
[ 2617.651691][T32568] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 2619.745717][ T3058] loop2: detected capacity change from 0 to 32768
[ 2619.783329][ T3058] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.11889 (3058)
[ 2619.895905][ T3058] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2619.914857][ T3058] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[ 2619.930761][ T3058] BTRFS info (device loop2): using free-space-tree
[ 2620.280441][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 2620.280545][   T30] audit: type=1800 audit(2000001071.157:1190): pid=3058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11889" name="file1" dev="loop2" ino=260 res=0 errno=0
[ 2620.608433][ T3087] loop0: detected capacity change from 0 to 256
[ 2620.663320][T32568] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 2620.682285][ T3087] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2620.696699][ T3087] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 2620.920334][ T3087] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 2621.207652][ T3091] Bluetooth: hci0: expected 2 bytes, got 7 bytes
[ 2622.334185][ T3093] loop9: detected capacity change from 0 to 32768
[ 2622.466887][ T3093] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 2622.467070][ T3093]   allowing incompatible features above 0.0: (unknown version)
[ 2622.467173][ T3093]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 2622.516892][ T3093] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[ 2622.527917][ T3093] bcachefs (loop9): initializing new filesystem
[ 2622.589902][ T3093] bcachefs (loop9): going read-write
[ 2622.726536][ T3093] bcachefs (loop9): marking superblocks
[ 2622.787195][ T3093] bcachefs (loop9): initializing freespace
[ 2622.817643][ T3093] bcachefs (loop9): done initializing freespace
[ 2622.848951][ T3093] bcachefs (loop9): reading snapshots table
[ 2622.857939][ T3093] bcachefs (loop9): reading snapshots done
[ 2623.013725][ T3115] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2623.076337][ T3102] bad cache= option: noneเศ
[ 2623.076337][ T3102] 
[ 2623.083400][ T3102] CIFS: VFS: bad cache= option: noneเศ
[ 2623.105138][ T3093] bcachefs (loop9): done starting filesystem
[ 2623.515845][T22504] bcachefs (loop9): shutting down
[ 2623.521115][T22504] bcachefs (loop9): going read-only
[ 2623.526946][T22504] bcachefs (loop9): finished waiting for writes to stop
[ 2623.632434][T22504] bcachefs (loop9): flushing journal and stopping allocators, journal seq 3
[ 2623.871879][T22504] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 3
[ 2623.975002][T22504] bcachefs (loop9): clean shutdown complete, journal seq 4
[ 2624.045366][T22504] bcachefs (loop9): marking filesystem clean
[ 2624.212923][T22504] bcachefs (loop9): shutdown complete
[ 2624.654907][ T3131] netlink: 128 bytes leftover after parsing attributes in process `syz.1.11910'.
[ 2624.665168][ T3131] netlink: 128 bytes leftover after parsing attributes in process `syz.1.11910'.
[ 2625.508127][ T2323] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 2625.726566][ T2323] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2625.738352][ T2323] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2625.841678][ T2323] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2625.851397][ T2323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2625.860890][ T2323] usb 2-1: Product: syz
[ 2625.868226][ T2323] usb 2-1: Manufacturer: syz
[ 2625.873049][ T2323] usb 2-1: SerialNumber: syz
[ 2625.970563][ T3152] input: syz0 as /devices/virtual/input/input87
[ 2626.335869][ T3156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11920'.
[ 2626.455399][T26467] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 2626.627415][T26467] usb 1-1: Using ep0 maxpacket: 32
[ 2626.669122][T26467] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 2626.682223][T26467] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2626.725352][T26467] usb 1-1: config 0 descriptor??
[ 2627.010342][T26467] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 2627.028416][T26467] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2627.051739][T26467] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 2627.061045][T26467] usb 1-1: media controller created
[ 2627.172053][T26467] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2627.183087][ T2323] cdc_ncm 2-1:1.0: bind() failure
[ 2627.229567][ T2323] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[ 2627.258996][ T3154] =====================================================
[ 2627.266607][ T3154] BUG: KMSAN: uninit-value in __i2c_smbus_xfer+0x23e7/0x2f60
[ 2627.277120][ T3154]  __i2c_smbus_xfer+0x23e7/0x2f60
[ 2627.282879][ T3154]  i2c_smbus_xfer+0x31d/0x4d0
[ 2627.288957][ T3154]  i2cdev_ioctl_smbus+0x4a1/0x660
[ 2627.295150][ T3154]  i2cdev_ioctl+0xa14/0xf40
[ 2627.299882][ T3154]  __se_sys_ioctl+0x239/0x400
[ 2627.307478][ T3154]  __x64_sys_ioctl+0x97/0xe0
[ 2627.312429][ T3154]  x64_sys_call+0x1ebe/0x3db0
[ 2627.317562][ T3154]  do_syscall_64+0xd9/0x210
[ 2627.322306][ T3154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2627.329017][ T3154] 
[ 2627.331460][ T3154] Local variable msgbuf1.i created at:
[ 2627.339849][ T3154]  __i2c_smbus_xfer+0x86a/0x2f60
[ 2627.347885][ T3154]  i2c_smbus_xfer+0x31d/0x4d0
[ 2627.354486][ T3154] 
[ 2627.356946][ T3154] CPU: 1 UID: 0 PID: 3154 Comm: syz.0.11919 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) 
[ 2627.372626][ T3154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2627.383005][ T3154] =====================================================
[ 2627.391081][ T3154] Disabling lock debugging due to kernel taint
[ 2627.400357][ T3154] Kernel panic - not syncing: kmsan.panic set ...
[ 2627.406990][ T3154] CPU: 1 UID: 0 PID: 3154 Comm: syz.0.11919 Tainted: G    B               6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) 
[ 2627.420969][ T3154] Tainted: [B]=BAD_PAGE
[ 2627.425243][ T3154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2627.435469][ T3154] Call Trace:
[ 2627.438885][ T3154]  <TASK>
[ 2627.441941][ T3154]  __dump_stack+0x26/0x30
[ 2627.446533][ T3154]  dump_stack_lvl+0x53/0x270
[ 2627.451409][ T3154]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2627.457490][ T3154]  dump_stack+0x1e/0x25
[ 2627.461858][ T3154]  panic+0x4bd/0xd50
[ 2627.466023][ T3154]  kmsan_report+0x31c/0x320
[ 2627.470777][ T3154]  ? __msan_warning+0x1b/0x30
[ 2627.475714][ T3154]  ? __i2c_smbus_xfer+0x23e7/0x2f60
[ 2627.481158][ T3154]  ? i2c_smbus_xfer+0x31d/0x4d0
[ 2627.486241][ T3154]  ? i2cdev_ioctl_smbus+0x4a1/0x660
[ 2627.491705][ T3154]  ? i2cdev_ioctl+0xa14/0xf40
[ 2627.496584][ T3154]  ? __se_sys_ioctl+0x239/0x400
[ 2627.501660][ T3154]  ? __x64_sys_ioctl+0x97/0xe0
[ 2627.506647][ T3154]  ? x64_sys_call+0x1ebe/0x3db0
[ 2627.511711][ T3154]  ? do_syscall_64+0xd9/0x210
[ 2627.516558][ T3154]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2627.522814][ T3154]  ? az6027_i2c_xfer+0x2bdf/0x2c40
[ 2627.528232][ T3154]  ? kmsan_get_metadata+0xfb/0x160
[ 2627.533563][ T3154]  ? kmsan_get_metadata+0xfb/0x160
[ 2627.538871][ T3154]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 2627.544916][ T3154]  ? i2c_smbus_msg_pec+0x678/0x6c0
[ 2627.550267][ T3154]  __msan_warning+0x1b/0x30
[ 2627.555016][ T3154]  __i2c_smbus_xfer+0x23e7/0x2f60
[ 2627.560303][ T3154]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 2627.566659][ T3154]  ? rt_mutex_lock+0x3e/0x70
[ 2627.571449][ T3154]  ? __pfx_i2c_adapter_lock_bus+0x10/0x10
[ 2627.577388][ T3154]  i2c_smbus_xfer+0x31d/0x4d0
[ 2627.582275][ T3154]  i2cdev_ioctl_smbus+0x4a1/0x660
[ 2627.587611][ T3154]  i2cdev_ioctl+0xa14/0xf40
[ 2627.592289][ T3154]  ? kmsan_report+0x2d6/0x320
[ 2627.597184][ T3154]  ? __pfx_i2cdev_ioctl+0x10/0x10
[ 2627.602383][ T3154]  __se_sys_ioctl+0x239/0x400
[ 2627.607266][ T3154]  __x64_sys_ioctl+0x97/0xe0
[ 2627.612103][ T3154]  x64_sys_call+0x1ebe/0x3db0
[ 2627.616998][ T3154]  do_syscall_64+0xd9/0x210
[ 2627.621668][ T3154]  ? clear_bhb_loop+0x40/0x90
[ 2627.626549][ T3154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2627.632632][ T3154] RIP: 0033:0x7fcb3fb8e929
[ 2627.637171][ T3154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2627.656976][ T3154] RSP: 002b:00007fcb40abc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2627.665568][ T3154] RAX: ffffffffffffffda RBX: 00007fcb3fdb5fa0 RCX: 00007fcb3fb8e929
[ 2627.673684][ T3154] RDX: 00002000000001c0 RSI: 0000000000000720 RDI: 0000000000000004
[ 2627.681793][ T3154] RBP: 00007fcb3fc10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2627.689910][ T3154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2627.698037][ T3154] R13: 0000000000000000 R14: 00007fcb3fdb5fa0 R15: 00007ffe914cbd58
[ 2627.706184][ T3154]  </TASK>
[ 2627.709650][ T3154] Kernel Offset: disabled
[ 2627.714063][ T3154] Rebooting in 86400 seconds..