last executing test programs:

1m45.291380397s ago: executing program 0 (id=230):
syz_mount_image$erofs(&(0x7f0000000140), &(0x7f0000000100)='./file3\x00', 0x8cc8, &(0x7f0000000000)={[{@noacl}, {@cache_strategy_disabled}, {@cache_strategy_readahead}, {@dax_always}, {}, {@nouser_xattr}]}, 0x1, 0x174, &(0x7f00000003c0)="$eJzsmD9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEDmOCfsEGkErSIQgdh85MYv4CLu/GjKJMLo3NN2wNOouKgJsbnN7z3vNe317u3ydOkIIT8W3pPL48XvcaKDmAGaSTk/LM+qtGU+tVssTl3vZ28K9+WdlL3/fH1BADf//rzYwAeCjo8mfv+27vTctyDNtT70LAs9SEEDKnL0HAgtQOBktQnim4G9YZxXHcd46jpVgNhBsEKgh2E/Pj++lcCVWV/Qrne7nRPK67rtH5QTOpfv6BhS9mf+r4GvTGV/lnQYEmdh0BR6k0kBr2JWqKcPxUbra//8vkpKCj+mhj5k38jsKT4U0zxj5zXOM+1O91svVGpOTXnzLbzG+aaaa7budCIoviJ/02H/pRU1p/6oDYu4riseF7LiuIwt6P4nuPGQ//TkFmMciHnVMLvwaxYCIaMLnNCCCGEEEIIIYQQQgj5duYhwr+gE7B3w+rXAAAA//9nP3XZ")

1m44.955420324s ago: executing program 0 (id=231):
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e08050c08"], 0xb)

1m44.813900016s ago: executing program 0 (id=232):
syz_read_part_table(0x104c, &(0x7f0000000000)="$eJzsz8EJwjAYBeBXa2h7cwTX8NSbGziZW3hwQEEiobW4gIjwfZeXP7wQ/vBTY6YW+4+r6zO7JENKUkrr3E+Zk/RrYZ6S2iddG47l/e68xDZn6PPoluMhZftjXLPWXG7f3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sUrAAD//zeOCM0=")

1m44.121679402s ago: executing program 0 (id=238):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000600)={[{@force}, {@nodecompose}, {@gid}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid}, {@type={'type', 0x3d, "1e4310ee"}}, {@nobarrier}, {@nobarrier}]}, 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)

1m43.733042743s ago: executing program 0 (id=239):
modify_ldt$write(0x1, &(0x7f0000000300)={0x9, 0x20000000, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000300)='GPL\x00', 0xa}, 0x94)
socket$netlink(0x10, 0x3, 0xc)
syz_open_dev$radio(0x0, 0x1, 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0xa8}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0xb0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105511, &(0x7f00000000c0)={{0xb}, 0x0, [0x4, 0x0, 0x0, 0x0, 0x7, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa8, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0xc232]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000380)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, 0x0, 0x106, 0x9}}, 0x20)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r4, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r5, 0x301, 0x0, 0x0, {0x5}}, 0x14}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r6, 0x6)
setsockopt$sock_timeval(r6, 0x1, 0x0, 0x0, 0x0)

1m42.451375717s ago: executing program 0 (id=245):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8010)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
io_uring_setup(0x67bb, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
mq_open(0x0, 0x840, 0x0, 0x0)
syz_io_uring_setup(0x9e, 0x0, &(0x7f00000006c0), 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x800008, &(0x7f0000000540)=ANY=[@ANYBLOB='de=0x00000000800000b1,norock,overriderockperm,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000000401,norock,showassoc,hide,hide,norock,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000001000,check=strict,iocharset=cp949,cruft,uid=', @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0xff, 0xa4a, &(0x7f00000007c0)="$eJzs3c1vHOd9B/DvLEmJoV1JcVTXFRxxJVcK47AUSdVSBR9SiVxJTPlSkBRgoYcojahCEFu3cQs4RoEoQNFTjBZo0UN7M3rqyUAuTQ+FL0V7a049FCj8LwQ9qScGM7skl+Qul2IoklY+H2J35+U3z/PMyzMPd3d2nvDFsnZ6y9jaWvXY5/i9fz6EEnOM3Zr+/JNPPy4fP3yaE+nLO8W/JINJ6kl/kjeSganpxYW5Hgk9SR4k+SwpkpxM83VPHqT467y6Of5Zin8s8+3qxF5Tppc1fqkd9fEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHUTE1PT4+UZzIzPy99+pNSX2HqenFhSJrazvnrC/T9JOq1+/iJz3zTYrykcHB9a6+3zi7Ofv1JPWLebM59mbVIXkG89Err5959yv9tfXlu5XmF3Jy78l+8P2PnnxndXXlex3nFsUBluqYaR4jdxrzM0sLM3M37zTqM0sL9RvXro1fuXt7qX57ZraxdH9puTFXn1ps3FxeWKyPTH29PnHjxtV6Y+z+wr35O9Njs431idd/c3J8/Fr9W2O/17i5uLQwf+VbY0tTd2dmZ2fm71Qx5ewy5np5IP7uzHJ9uXFzrl5/9Hh15eq2kvVl2/FbBk30Wp8yaLJX0OT45OTExOTkxA9bvWdvTLj2zo13ro+P9483vZrWQHZEvKCDluPlS91388GfxGGfas32P5nNTOZzL++l3vFvKtNZzELmusxvWW//L11p7Jpt2tr/Vivf3zb/XPl0Medbo4Nd2v8uZTm8vw/y/XyUJ/lOVrOalXzvyEt0uH930sh8ZrKUhcxkLjerKfXWlHpu5FquZTzfzt0MZyn9uZ2ZzKaRpdzPUpbTqI6oqSymkZtZzkIWU89IpvL11DORG7mRq6mnkbHcz0LuZT53Mp2bVSqP8rja7ld3KeNG0MRegiZ3CdrRmHdr/zdsX6Sx/Z8TXkK1XffyCziLw/6stdr/E71DR6YOo0AAAADAgfv1/8yps6/9x/8mRb5afS9/e2a2MX7UxQIAAAAOUHW53pvly0A59NUU3v8DAADAy6aofmNXJBnKcHNo/ZdQPgQAAACAl0T1/f/5FMObE7z/BwAAgJdM73vs94woRtdv/1t/2Hx92IpojhVDt2dmG2NTC7PvTuRydZeB6pcGO1LrS4qB6ucHb+dCM+rCUPN1aDPFMs/BMmpi7N2JvJ2LrRUZeat8eWukQ+RkM/JrzcivtUf2ZUvk1TISAF52F3dpj/fa/r+d0WbE6Lmqye8/t6UN7qta1nEtKwAcFxt97Px/q0uzDu3/+ea9Ac53a/9/a5f3/2XEa3k03LykYCzfzftZzcOMpnXFwXCnVNd7I2hehjDa49OAodYlCz+9Xsvojs8DBjfWtT12JZMZ7fiJQFu6xXoZrjbj+l7UXgCAw3Vx13Z4vf2vPiTv2v6P7v7+v63NdUkhABwHGz3YP+/A8N6Dj3odAYCttNIAAAAAAAAAAAAAAAAAAAAAAAAAAABw8PZ0A///upysrq4k++0soMPAT//9X3+la8yPXkkGn6eEuw/UcjBlPv4DfUmOKvdv5rmXKvfxcdl0L9NA8bSqsL9QOkd8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQFElfp+m15GSS8SRXDr9UL87Toy7AQanvb7HiWZ7lw5w66OIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyya93/v5bm6yvNSemvJZeSPEjy+0ddxucx2GP+s0Mqx/HzR9Vz2/3/a8lA1or0Z21tbS0pBqamFxfmykOhOFnO//yTTz8uH12T/MH6wM5eFcoEyhy2dC7RyqFtysDWpb5cLTU0vfLBkz97/0/q07eqA/PW8u3Z6bk7i7+zGfh68eNmFwjt3SCsl/cvLv3b37RNPtHK/Mfp77Yi2/O9XeU7vTPfX+u0dJd89+Dx6spkmdNy473lP//jWvus13IheWskGdma0x+Wjy45Xdi+Pbcqflb8VXEqf58H1f4vt0axVpS76HS1/l969Hh1Zey7768+3CjTDx5/2JbAmQwnebi1lvUo03B1PunolSrXgTLX8SqofDrbI71dtaU4sbldt6zDl6tDZui51qHefR0qPbZ7q0RXt5dorawkf/unX8nlXff0yQ4pXu6RY0fFz4r/Ke7mv/OXbf1/1Mr9fykda2eHJKrItiOlfd6W6lW7tLnmk+0zvr09za61khfgR/mD/PbG/q9V5//2ejPZpd5snI++2TaxS71Zr1pd6sXJrTV1R71o6VUvdtbUfzq9o0XZmmvObmuRWmefbsu0ynm2GdWlnL+abyT9557rjPKNHmeUXsvvt/7/QzGS/8tT/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHX5H0dZpeSy4lOZPkdDleT9a2xzzdR361oWI/xTww+ynzF0/RdUWLZ3mWD3PqsEsEAAAAAAAAwItxa/rzTz79uHxU38f35TdqrTn1pD/JmeLvBqamFxfmeiQ0kDxY/0p/sHNIl8l5UD69ujn+WTn2Ro/8jvbyAQD4Qvt5AAAA//9B+m/L")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x29fd, 0x84, 0x105}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000100)={0x0, &(0x7f0000000040)=""/129, &(0x7f0000000680), &(0x7f0000000000), 0x6c, r3}, 0x38)

1m39.698755699s ago: executing program 32 (id=245):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8010)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
io_uring_setup(0x67bb, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
mq_open(0x0, 0x840, 0x0, 0x0)
syz_io_uring_setup(0x9e, 0x0, &(0x7f00000006c0), 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x800008, &(0x7f0000000540)=ANY=[@ANYBLOB='de=0x00000000800000b1,norock,overriderockperm,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000000401,norock,showassoc,hide,hide,norock,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000001000,check=strict,iocharset=cp949,cruft,uid=', @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0xff, 0xa4a, &(0x7f00000007c0)="$eJzs3c1vHOd9B/DvLEmJoV1JcVTXFRxxJVcK47AUSdVSBR9SiVxJTPlSkBRgoYcojahCEFu3cQs4RoEoQNFTjBZo0UN7M3rqyUAuTQ+FL0V7a049FCj8LwQ9qScGM7skl+Qul2IoklY+H2J35+U3z/PMyzMPd3d2nvDFsnZ6y9jaWvXY5/i9fz6EEnOM3Zr+/JNPPy4fP3yaE+nLO8W/JINJ6kl/kjeSganpxYW5Hgk9SR4k+SwpkpxM83VPHqT467y6Of5Zin8s8+3qxF5Tppc1fqkd9fEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHUTE1PT4+UZzIzPy99+pNSX2HqenFhSJrazvnrC/T9JOq1+/iJz3zTYrykcHB9a6+3zi7Ofv1JPWLebM59mbVIXkG89Err5959yv9tfXlu5XmF3Jy78l+8P2PnnxndXXlex3nFsUBluqYaR4jdxrzM0sLM3M37zTqM0sL9RvXro1fuXt7qX57ZraxdH9puTFXn1ps3FxeWKyPTH29PnHjxtV6Y+z+wr35O9Njs431idd/c3J8/Fr9W2O/17i5uLQwf+VbY0tTd2dmZ2fm71Qx5ewy5np5IP7uzHJ9uXFzrl5/9Hh15eq2kvVl2/FbBk30Wp8yaLJX0OT45OTExOTkxA9bvWdvTLj2zo13ro+P9483vZrWQHZEvKCDluPlS91388GfxGGfas32P5nNTOZzL++l3vFvKtNZzELmusxvWW//L11p7Jpt2tr/Vivf3zb/XPl0Medbo4Nd2v8uZTm8vw/y/XyUJ/lOVrOalXzvyEt0uH930sh8ZrKUhcxkLjerKfXWlHpu5FquZTzfzt0MZyn9uZ2ZzKaRpdzPUpbTqI6oqSymkZtZzkIWU89IpvL11DORG7mRq6mnkbHcz0LuZT53Mp2bVSqP8rja7ld3KeNG0MRegiZ3CdrRmHdr/zdsX6Sx/Z8TXkK1XffyCziLw/6stdr/E71DR6YOo0AAAADAgfv1/8yps6/9x/8mRb5afS9/e2a2MX7UxQIAAAAOUHW53pvly0A59NUU3v8DAADAy6aofmNXJBnKcHNo/ZdQPgQAAACAl0T1/f/5FMObE7z/BwAAgJdM73vs94woRtdv/1t/2Hx92IpojhVDt2dmG2NTC7PvTuRydZeB6pcGO1LrS4qB6ucHb+dCM+rCUPN1aDPFMs/BMmpi7N2JvJ2LrRUZeat8eWukQ+RkM/JrzcivtUf2ZUvk1TISAF52F3dpj/fa/r+d0WbE6Lmqye8/t6UN7qta1nEtKwAcFxt97Px/q0uzDu3/+ea9Ac53a/9/a5f3/2XEa3k03LykYCzfzftZzcOMpnXFwXCnVNd7I2hehjDa49OAodYlCz+9Xsvojs8DBjfWtT12JZMZ7fiJQFu6xXoZrjbj+l7UXgCAw3Vx13Z4vf2vPiTv2v6P7v7+v63NdUkhABwHGz3YP+/A8N6Dj3odAYCttNIAAAAAAAAAAAAAAAAAAAAAAAAAAABw8PZ0A///upysrq4k++0soMPAT//9X3+la8yPXkkGn6eEuw/UcjBlPv4DfUmOKvdv5rmXKvfxcdl0L9NA8bSqsL9QOkd8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQFElfp+m15GSS8SRXDr9UL87Toy7AQanvb7HiWZ7lw5w66OIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyya93/v5bm6yvNSemvJZeSPEjy+0ddxucx2GP+s0Mqx/HzR9Vz2/3/a8lA1or0Z21tbS0pBqamFxfmykOhOFnO//yTTz8uH12T/MH6wM5eFcoEyhy2dC7RyqFtysDWpb5cLTU0vfLBkz97/0/q07eqA/PW8u3Z6bk7i7+zGfh68eNmFwjt3SCsl/cvLv3b37RNPtHK/Mfp77Yi2/O9XeU7vTPfX+u0dJd89+Dx6spkmdNy473lP//jWvus13IheWskGdma0x+Wjy45Xdi+Pbcqflb8VXEqf58H1f4vt0axVpS76HS1/l969Hh1Zey7768+3CjTDx5/2JbAmQwnebi1lvUo03B1PunolSrXgTLX8SqofDrbI71dtaU4sbldt6zDl6tDZui51qHefR0qPbZ7q0RXt5dorawkf/unX8nlXff0yQ4pXu6RY0fFz4r/Ke7mv/OXbf1/1Mr9fykda2eHJKrItiOlfd6W6lW7tLnmk+0zvr09za61khfgR/mD/PbG/q9V5//2ejPZpd5snI++2TaxS71Zr1pd6sXJrTV1R71o6VUvdtbUfzq9o0XZmmvObmuRWmefbsu0ynm2GdWlnL+abyT9557rjPKNHmeUXsvvt/7/QzGS/8tT/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHX5H0dZpeSy4lOZPkdDleT9a2xzzdR361oWI/xTww+ynzF0/RdUWLZ3mWD3PqsEsEAAAAAAAAwItxa/rzTz79uHxU38f35TdqrTn1pD/JmeLvBqamFxfmeiQ0kDxY/0p/sHNIl8l5UD69ujn+WTn2Ro/8jvbyAQD4Qvt5AAAA//9B+m/L")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x29fd, 0x84, 0x105}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000100)={0x0, &(0x7f0000000040)=""/129, &(0x7f0000000680), &(0x7f0000000000), 0x6c, r3}, 0x38)

6.786568402s ago: executing program 4 (id=677):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$int_in(r1, 0x5452, &(0x7f0000001b40)=0x9)
recvmmsg(r1, &(0x7f000000a400), 0x6fe, 0x10163, 0x0)

5.989874796s ago: executing program 2 (id=683):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
unshare(0x20020000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r3, &(0x7f00000001c0)='./file0\x00', 0x200)
close_range(r0, 0xffffffffffffffff, 0x0)

5.975406997s ago: executing program 3 (id=684):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={0x0, 0xfdd0})

5.610871377s ago: executing program 5 (id=686):
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000540)={0x7, 0xc, 0x0, 0x253, 0x1, 0x18b})

4.939450731s ago: executing program 3 (id=687):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
shmget$private(0x0, 0x1000, 0x78000a42, &(0x7f0000ff2000/0x1000)=nil)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000540)={0x2, 0x4e60, @loopback}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
mount(0x0, 0x0, 0x0, 0x0, 0x0)

4.879043436s ago: executing program 2 (id=688):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, &(0x7f0000000080)="0f0d640c6665f20f10ad00000fc7af0a000f201bd11fbaf80c66b840cd3c8466efbafc0cb011eeb800068ee00f20d86635080000000f22d866b9950300000f32660f38826bd3", 0x46}], 0x1, 0x8, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.869192687s ago: executing program 1 (id=689):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000040)={0x0, 0x0})

3.645684806s ago: executing program 1 (id=690):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
pread64(r2, &(0x7f0000000180)=""/15, 0xf, 0x80000358)
setsockopt$inet_tcp_int(r1, 0x6, 0x5, 0x0, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, 0x0)

3.366085708s ago: executing program 4 (id=691):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x64)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
creat(&(0x7f0000001380)='./file0\x00', 0x0)

3.300516034s ago: executing program 5 (id=692):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0x108, 0x3})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x100})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000580)={0x4c, 0x0, &(0x7f0000000280)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r2}, @ptr={0x66642a85, 0x0, 0x0, 0x0, 0x1, 0x29}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x1a}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

3.266835026s ago: executing program 3 (id=693):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xc, 0xfff2}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xb, 0x9}, {}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

3.174137254s ago: executing program 2 (id=694):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)

3.173516604s ago: executing program 1 (id=695):
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x19, 0xc, "fafd8317e5a114998a1a8dbe43ea6a4996e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985891a7beda9d69098c8b534464c516bdd8e0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a0b2f7b6aa54cc50a1fcaed1e831fa79a00", "67523760fd40f78d2cfc03d81a8cc85ba139c01802c4dae4162e43ac61b7ad33", [0x800000000005, 0x7]}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000280)={0x0, 0x101, 0x22}, 0x18)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x6, 0x4, 0x9, '\x00', 0x1})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.082068621s ago: executing program 4 (id=696):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
sendfile(r2, r1, 0x0, 0x578410eb)

2.893544956s ago: executing program 5 (id=697):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x9, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x34, r2, 0x1, 0x4000, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x34}}, 0x0)

1.622911639s ago: executing program 4 (id=698):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
r3 = fcntl$dupfd(r2, 0x406, r1)
setsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000140)=0x9, 0x4)
write$cgroup_pid(r3, &(0x7f0000000100), 0x12)
read$FUSE(r3, &(0x7f00000022c0)={0x2020}, 0x2020)

1.581482052s ago: executing program 2 (id=699):
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9800000001010500006d0000000000000000007d740500010005000000050001000b00000008000340fffffffa050001000000000008000b400000000608000240000000053c000f80080003400000ffff080002406d91653a080003400000000008"], 0x98}, 0x1, 0x0, 0x0, 0x800}, 0x2000c010)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xd, 0x9, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x200001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@x86={0x2, 0x0, 0xd7, 0x0, 0x8, 0xf9, 0x80, 0xf, 0x7d, 0x2, 0x4e, 0x1, 0x0, 0x6, 0x527e, 0x6, 0x6, 0x9, 0x6, '\x00', 0x1, 0x1})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.552206475s ago: executing program 1 (id=700):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, 0x0}, 0x94)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000006c0)={0x2, 0x0, [{0x0, 0xe, &(0x7f00000001c0)=""/14}, {0x2, 0xe0, &(0x7f0000000580)=""/224}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

1.551420965s ago: executing program 3 (id=701):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xc73})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000240)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x9, 0x7, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, 0x1, 0x5], 0x8000000, 0x8340})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@x86={0x7f, 0x3, 0xfd, 0x0, 0x1, 0x7e, 0xcb, 0x10, 0x8, 0x5, 0xb, 0x8, 0x0, 0x10003, 0x9, 0xff, 0x4, 0x2, 0x12, '\x00', 0xb})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.49116796s ago: executing program 5 (id=702):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x7, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x40, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3ff, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x9, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x200, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x7ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x150, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfffffff8]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.325460613s ago: executing program 4 (id=703):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$6lowpan_control(0xffffffffffffffff, &(0x7f00000001c0)='connect aa:aa:aa:aa:aa:10 1', 0x1b)
r3 = io_uring_setup(0x5f45, &(0x7f00000001c0)={0x0, 0x0, 0x2})
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
getpeername$qrtr(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000e80)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x1c, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4)
close_range(r3, 0xffffffffffffffff, 0x0)

1.320682863s ago: executing program 5 (id=704):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, r4, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x20}}, 0x0)

1.284893146s ago: executing program 1 (id=705):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x400a8, &(0x7f0000000180)=ANY=[], 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$bind(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000000140)='./file0/file0/../file0\x00', 0x0, 0xa1c08, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000e80)={[{@overriderock}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@nojoliet}, {@nojoliet}, {@mode={'mode', 0x3d, 0x8000}}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@dmode={'dmode', 0x3d, 0x2}}, {@unhide}]}, 0x1, 0x67f, &(0x7f0000000740)="$eJzs3c+PE+f5APDHC6vw3a8UVW0VIUTIBFoJJLLY3rBolZPrnd2dxPZYM94ITikKS4RYkhZSqXAKl1SV2mvvufaPaP+iqNf2lMozNpjsD1MIuwh9Pha8r2eemXnewcyj2fXMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQje56s9lqRC8bbF9PDtZdL/L+IfOn6/vnM80h241ojP/EqVNxup50+pdPZ78z/ut8nK3fnY1T4+ZUPPr/d3720S9OLkyXPyShI/Hg4aO7N3d3d+7vmfOfE8eS0BHbTAdZmWf9zmaaZGWerK2uNq9sbZTJRtZLyxvlKO0n3SLtjPIiudi9lLTW1laSdPlGvj3YXO/00unEax+0m83V5OPlYdopynxw5ePlsruV9XrZYLOKGc8ex1wbfxA/yUbJKO30k+T2nd2dlXlJjoNazxPUnhfUbrbbrVa73Vq9unb1WrN5cs+E5o/Enojj/9ByvH7iIzi8uIVJ/Y9eZDGI7bgeyb6vbqxHEXn0D5g/Ma3/v76S1r1v9t/ubP2fVvnTT2efiar+n6vfndtb//9WL79/Lkf3ehAP41HcjZuxG7uxE/ePPaOjfW1GGoPIoow8suhHp5qSTKYksRarsRrN+Cy2YiPKSGIjsuhFGmXciDJGkVafqG4UkUYnRpFHEUlcjG5ciiRasRZrsRJJpLEcNyKP7RjEZqxHp1rL7bhT7feVQ3J8EtR6nqD2IUHqPy/v1RzI4QX8MK3/AAAAwBurUf30fXz+vxjvVr2NrJc2jzstAAAA4CdU/eb/7LhZHPfejYbzfwAAAHjTNKpr7BoRsRTv1b3plVB+CAAAAABviOr3/+fGzdK49140nP8DAADAm2b9/yadA++xXw7favzjX1EUi43Hw+u/atzrjOM6907Uy1XNv3+ojfujjTONtycrqZrVk5N33fRsY3L3yyc3wVysm+9vz7vXf+PQBGYdnED8Jd6vY96/Vbe3pnPqrSxtZL10uZv3PmpFp/P2wii9PvrDl3f+GNXw/zzov92I23d2d5Y//2r3VpXL4/FaHt+b3EBxz30U98llOuvr6n4L1TUX+454sboQY7LdpXq7zdnxL9SLL/wP4/82ztcx55fqdunZ8Z8ab7O1fNDoJ1m0XnDkT7O4UMdcuHihbvbJoj0vi/ZsFi+0L54ji5V5Way8ZBYAx+X2nCrU2Fv4X+AodzTV/du4WMdcPFMdWE+e2eeI3px3RG++ZHX7e1yqYy5Ngw+qsePt/vVHVfW78QLfHbjdstdujHfhia/v/S7eefDw0Qd37t38YueLnS/b7ZXV5ofN5tV2LFbDmDRqDwD7OOwZO3X9nxvR+HDOWfXPn3ylYDk+j69iN27F5epqg+obB/uudWnmawiX55y1Ls084eXynLO6pZkHvTx/7MoR/EsAwNE5P6cOP0/9vzznvPvZWn742fFsLQcAXo20+L6xNPpToyiy4WettbVWZ7SVJkXe/SQpsvXNNMkGo7TobnUGm2kyLPJR3s17486n2XpaJuX2cJgXo2QjL5JhXmbXqye/J5NHv5dpvzMYZd1y2Es7ZZp088Go0x0l61nZTYbbv+ll5VZaVAuXw7SbbWTdzijLB0mZbxfddDlJyjSdCczW08Eo28jG3UEyLLJ+p7iRfJr3tvtpsp6W3SIbjvJ6hdNtZYONvOhXq10+7p0NAK+JBw8f3b25u7tz/xV24q3jHiUAMGumSgMAAAAAAAAAAAAAAK+po7j+7w3s/P7ZXXciXpfEdA7sLLweaRx355vf1v/z5wUf95EJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPb6bwAAAP//qNpafA==")
mount$9p_unix(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

1.223182851s ago: executing program 2 (id=706):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x100000000000000, &(0x7f0000000a40)="82"})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

270.066618ms ago: executing program 5 (id=707):
syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x38, 0x2d, 0x32, 0x36, 0x78, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
syz_mount_image$exfat(0x0, &(0x7f0000020c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4808, 0x0, 0xfe, 0x0, &(0x7f0000000240))
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fsync(r0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x10000, 0x0, 0x1, 0x0, &(0x7f00000000c0))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000000)='./bus/file0\x00', 0x1)
renameat2(r1, &(0x7f0000000240)='./bus/file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0x2)

268.476019ms ago: executing program 3 (id=708):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)

261.700469ms ago: executing program 4 (id=709):
syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000000)='./file2\x00', 0x40, &(0x7f0000000280)=ANY=[], 0x13, 0x2ff, &(0x7f0000000300)="$eJzs3U9rE0EYx/HfbNImtbGmf0TwWC3oRbRexEtE8hYE8SDaNkIxVNQK6sVUPIno3btvwRfhRfEN6MmD+ALa08rM/kk22c2msUka/H5A3Wzm2Xkmm919JiAjAP+tm/Ufn67+sn+MVFBBentd8iSVpaKk0zpTfrazu73bbGz1O1DBRejAl1EQaXrabO403L97yd02zkWEqvZVUZXOfRgN3/dv/Oza99ubUDKYGHf1p/CkUnh1uvfLY8+sv70h41pHnMe0Mfva13MtTDoPAMCkBI99+/zfCwp/u6MS1u+eJ62Fj/1j+fwf1v6kExg5v++7Hc9/N8vyjT2/p9xb7fmem8LZ971oljhIzzNdr2cVFJKJAtPkzSpdLt7cg+1m49Lmo+aWp9eqhTqarcQ9hOw3NCfb1ZS5aR8DjN2kVpRBWt6MHcN6Rv7LQ/bYR8/0LXFCzBfzzdw1VX3UVlz/FX1js3UJV7vOVJD/5ez+5l2UbaXwtlGr1Tx3oMii6+Rs8kzljLKcPiNR9MEuKvkDQTUvTxe11BUVjO5KakApjlpOjVqPXmX0tZKIsqOJv83ZWY6aeW9um1X90WfVO+p/z+a35hp4WVdm+6oxa8GF5j7xYDyz6d0V3TGrPU+Olu5UknviT7GUlfpB/3saBhCdw3fa0DUtPH3x8mGh2Ww8sRv3UzYeV+I9M2+k1Db/vmGK0tDharX3lOQ7PY2je+AIks/cuHikB7T3j9zG9iobywBH9U1wG/LGeZoOv1H/Oqovkl86DgM8OcEbFMapfdKHCu8u9TF9bN1lgvmfq+TDet8VCvavW6XsOj0qyNJKNle9h0f0bY0dz4DKifglt3UiWUbnzA3mwzomZR7X0mBzrnMXpPOD91gN85wO/qucBqau77rH7/8AAAAAAAAAAAAAAAAAAADT5vD/Q2Du0FGTHiMAAAAAAAAAAAAAAAAAAAAAANMuXv9X0fq/Gmz93+6lWML1f8vKWf93ozeHnvV/P+zItCTW/wVG628AAAD//+RRfuQ=")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001800)='cpuacct.usage_all\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x44)
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)

120.81383ms ago: executing program 1 (id=710):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f00000000c0)="66b8006000000f23d00f21f866352000000d0f23f80f792e00000f01c9c02efaa1003ef3268c850000f30fc7b60076bad10466ed670f013462f30fbdd0bad004ec", 0x41}], 0x1, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}}, 0x20}}, 0x20048840)

55.475915ms ago: executing program 3 (id=711):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}, 0x0})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x98000004, 0x0}, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})

0s ago: executing program 2 (id=712):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000006240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x65, {0x0, 0xfffffffc, 0x0, {0x1, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x3ff, 0xc000, 0x0, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x400000400, {0x0, 0x0, 0x0, {0x2, 0x10000000, 0x0, 0x6, 0x7ff, 0xfffffffffffffffd, 0x0, 0x3966, 0x3, 0x8000, 0x4, 0x0, 0x0, 0xc3d, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)

kernel console output (not intermixed with test programs):

, idProduct=8007, bcdDevice=af.a6
[  220.627292][   T41] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  220.663091][   T41] usb 3-1: Product: syz
[  220.667302][   T41] usb 3-1: Manufacturer: syz
[  220.702379][ T5464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.713859][   T41] usb 3-1: SerialNumber: syz
[  220.728883][   T41] usb 3-1: config 0 descriptor??
[  220.804143][ T4332] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  220.858822][ T4276] XFS (loop3): Unmounting Filesystem
[  220.916288][ T5464] device hsr_slave_0 entered promiscuous mode
[  220.943812][ T5464] device hsr_slave_1 entered promiscuous mode
[  220.972128][ T4393] usb 3-1: USB disconnect, device number 5
[  221.015948][ T4332] usb 2-1: Using ep0 maxpacket: 8
[  221.022929][ T4332] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.062163][ T4332] usb 2-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  221.093249][ T4332] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.113989][ T4332] usb 2-1: config 0 descriptor??
[  221.334877][ T5709] loop4: detected capacity change from 0 to 32768
[  221.353574][ T5709] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.313 (5709)
[  221.409503][ T5709] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.432327][ T5464] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  221.442324][ T5709] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  221.461332][ T5709] BTRFS info (device loop4): force clearing of disk cache
[  221.472922][ T5464] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  221.481186][ T5709] BTRFS info (device loop4): enabling auto defrag
[  221.490780][ T5709] BTRFS info (device loop4): max_inline at 0
[  221.507771][ T5464] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  221.514972][ T5709] BTRFS info (device loop4): enabling disk space caching
[  221.531604][ T5464] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  221.544539][ T4332] megaworld 0003:07B5:0312.0001: item fetching failed at offset 10/11
[  221.554785][ T5709] BTRFS info (device loop4): disk space caching is enabled
[  221.565671][ T4332] megaworld 0003:07B5:0312.0001: parse failed
[  221.571780][ T4332] megaworld: probe of 0003:07B5:0312.0001 failed with error -22
[  221.653258][ T5594] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  221.742010][ T4393] usb 2-1: USB disconnect, device number 3
[  221.820619][ T5464] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.831506][ T5709] BTRFS info (device loop4): enabling ssd optimizations
[  221.839728][ T5464] 8021q: adding VLAN 0 to HW filter on device team0
[  221.846486][ T5594] usb 4-1: Using ep0 maxpacket: 16
[  221.854550][ T5594] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.865662][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  221.872938][ T5594] usb 4-1: config 0 interface 0 has no altsetting 0
[  221.876438][ T5709] BTRFS info (device loop4): rebuilding free space tree
[  221.880018][ T5594] usb 4-1: New USB device found, idVendor=04d9, idProduct=a04a, bcdDevice= 0.00
[  221.896900][ T5594] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.913522][ T5594] usb 4-1: config 0 descriptor??
[  221.921560][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  221.943770][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  221.954212][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  221.963092][ T4361] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.970181][ T4361] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.004159][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  222.017656][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  222.029680][ T4361] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.037468][ T4361] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.048682][ T5709] BTRFS info (device loop4): disabling free space tree
[  222.055941][ T5709] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  222.068092][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  222.076219][ T5709] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  222.100377][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  222.117201][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  222.138718][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  222.167606][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  222.187892][   T41] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  222.204639][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  222.222377][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  222.258829][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  222.277751][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  222.302140][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  222.319637][ T4266] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  222.331335][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  222.355798][ T5594] holtek_mouse 0003:04D9:A04A.0002: unbalanced collection at end of report description
[  222.378088][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  222.380901][   T41] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  222.393587][ T5594] holtek_mouse 0003:04D9:A04A.0002: hid parse failed: -22
[  222.426301][   T41] usb 3-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  222.427511][ T5464] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  222.447352][ T5594] holtek_mouse: probe of 0003:04D9:A04A.0002 failed with error -22
[  222.490617][   T41] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.543324][   T41] usb 3-1: config 0 descriptor??
[  222.569060][   T41] smsusb:smsusb_probe: board id=8, interface number 0
[  222.584644][ T5594] usb 4-1: USB disconnect, device number 6
[  222.601019][   T41] smsusb:smsusb_probe: Device initialized with return code -19
[  223.124194][ T5778] loop4: detected capacity change from 0 to 1024
[  223.267609][ T4645] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  223.305775][ T4645] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  223.342748][ T5464] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.404256][ T5787] loop3: detected capacity change from 0 to 256
[  223.455889][ T5787] exfat: Bad value for 'uid'
[  224.147565][ T5594] usb 3-1: USB disconnect, device number 6
[  224.378678][ T5787] loop3: detected capacity change from 0 to 32768
[  224.403881][ T5787] JFS: Invalid value of umask
[  224.411764][ T5790] loop4: detected capacity change from 0 to 32768
[  224.449803][ T4928] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  224.495990][ T5790] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  224.526314][ T5790] XFS (loop4): Mounting V5 Filesystem
[  224.529005][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  224.570196][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  224.610518][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  224.629145][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  224.680668][ T5790] XFS (loop4): Ending clean mount
[  224.689534][ T5464] device veth0_vlan entered promiscuous mode
[  224.708255][ T5790] XFS (loop4): Quotacheck needed: Please wait.
[  224.731949][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  224.768773][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  224.838984][ T5464] device veth1_vlan entered promiscuous mode
[  224.883235][ T5790] XFS (loop4): Quotacheck: Done.
[  224.955122][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  225.023475][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  225.059151][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  225.118133][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  225.185696][ T5464] device veth0_macvtap entered promiscuous mode
[  225.329279][ T5837] loop2: detected capacity change from 0 to 65536
[  225.349506][ T4266] XFS (loop4): Unmounting Filesystem
[  225.360376][ T5464] device veth1_macvtap entered promiscuous mode
[  225.438738][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.449506][ T5837] XFS (loop2): Mounting V5 Filesystem
[  225.455490][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.465802][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.490392][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.519025][ T5837] XFS (loop2): Ending clean mount
[  225.528869][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.551099][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.561058][ T5767] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  225.606530][ T5464] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.678826][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  225.708056][ T5856] loop1: detected capacity change from 0 to 8192
[  225.729968][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  225.734023][ T5856] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  225.738768][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  225.759377][ T5767] usb 4-1: Using ep0 maxpacket: 8
[  225.766547][ T5767] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  225.772869][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  225.777063][ T5856] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  226.428706][ T5767] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  226.472720][ T5767] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.480583][ T5856] REISERFS (device loop1): using ordered data mode
[  226.487360][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.487449][ T5856] reiserfs: using flush barriers
[  226.507223][ T5856] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  226.521512][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.524402][ T5856] REISERFS (device loop1): checking transaction log (loop1)
[  226.542672][ T5767] usb 4-1: Product: syz
[  226.563244][ T5767] usb 4-1: Manufacturer: syz
[  226.563406][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.578039][ T5767] usb 4-1: SerialNumber: syz
[  226.590425][ T5856] REISERFS (device loop1): Using r5 hash to sort names
[  226.612936][ T5767] usb 4-1: config 0 descriptor??
[  226.616710][ T5856] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  226.628519][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.641659][ T5767] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  226.643131][ T5464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.680984][ T5767] usb 4-1: setting power ON
[  226.693165][ T5464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.701805][ T5767] dvb-usb: bulk message failed: -22 (2/0)
[  226.719614][   T26] audit: type=1800 audit(1754638726.956:276): pid=5856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.333" name="file1" dev="loop1" ino=2 res=0 errno=0
[  226.733213][ T5464] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.753179][ T4318] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  226.755271][ T5767] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  226.777481][ T5767] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  226.786921][ T5767] usb 4-1: media controller created
[  226.804551][ T4318] XFS (loop2): Unmount and run xfs_repair
[  226.812745][ T4318] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  226.832985][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  226.848007][ T4318] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  226.850407][ T5844] dvb-usb: bulk message failed: -22 (3/0)
[  226.874879][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  226.879117][ T4318] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  226.892235][ T5844] dvb-usb: bulk message failed: -22 (3/0)
[  226.897344][ T5767] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  226.940709][ T4318] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  226.949040][ T5767] usb 4-1: selecting invalid altsetting 6
[  226.958707][ T5464] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.963637][ T5767] usb 4-1: digital interface selection failed (-22)
[  226.972446][ T5464] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.990248][ T4318] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  226.999362][ T5464] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.010799][ T4318] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  227.015902][ T5767] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  227.020113][ T5464] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.043013][ T4318] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  227.052564][ T4318] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.081212][ T4318] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.083695][ T5767] usb 4-1: setting power OFF
[  227.090837][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  227.131050][ T5767] dvb-usb: bulk message failed: -22 (2/0)
[  227.137661][ T4630] XFS (loop2): page discard on page ffffea0001440800, inode 0x29, pos 0.
[  227.159960][ T5767] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  227.189903][ T5767] (NULL device *): no alternate interface
[  227.191727][ T4507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.208686][ T4507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.248439][ T4518] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  227.263442][ T5767] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  227.277581][ T5767] usb 4-1: USB disconnect, device number 7
[  227.299640][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  227.320743][ T5763] XFS (loop2): Unmount and run xfs_repair
[  227.327322][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  227.334897][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  227.344548][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  227.354172][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  227.365468][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.374393][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  227.377278][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.397631][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  227.421658][ T4645] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  227.435782][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  227.461053][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.486757][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.512829][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  227.542875][ T4630] XFS (loop2): page discard on page ffffea0001aaf240, inode 0x26, pos 1024.
[  227.607314][ T4376] loop2: writeback error on inode 38, offset 0, sector 22
[  227.619575][ T5766] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  227.666258][ T5766] XFS (loop2): Unmount and run xfs_repair
[  227.672028][ T5766] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  227.687981][ T5875] loop5: detected capacity change from 0 to 1024
[  227.703162][ T5766] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  227.712046][ T5766] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  227.771982][ T5766] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  227.785021][ T5875] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  227.828312][ T5766] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  227.856600][ T5875] EXT4-fs (loop5): group descriptors corrupted!
[  227.868900][ T5766] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  227.898765][ T5766] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  227.942712][ T5766] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.983172][ T5766] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.008394][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  228.013542][ T5866] loop4: detected capacity change from 0 to 32768
[  228.036090][ T4630] XFS (loop2): page discard on page ffffea0001546640, inode 0x29, pos 4096.
[  228.078739][ T4318] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  228.093172][ T5594] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  228.138982][ T4318] XFS (loop2): Unmount and run xfs_repair
[  228.166233][ T4318] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  228.185848][ T4318] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  228.213189][ T4318] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  228.232520][ T4318] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  228.241780][ T4318] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  228.251586][ T4318] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  228.261872][ T4318] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  228.293702][ T4318] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.302628][ T4318] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.314629][ T5594] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  228.331162][ T5594] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  228.343094][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  228.360830][ T4630] XFS (loop2): page discard on page ffffea0001440640, inode 0x29, pos 8192.
[  228.370360][ T5594] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  228.388126][ T5594] usb 4-1: New USB device found, idVendor=056a, idProduct=0326, bcdDevice= 0.00
[  228.397727][ T5594] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.411834][ T4376] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  228.411970][ T5866] XFS (loop4): Mounting V5 Filesystem
[  228.431045][ T5594] usb 4-1: config 0 descriptor??
[  228.443122][ T4376] XFS (loop2): Unmount and run xfs_repair
[  228.450240][ T5879] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  228.469340][ T4376] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  228.488093][ T4376] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  228.499016][ T4376] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  228.508627][ T4376] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  228.522538][ T4376] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  228.538394][ T4376] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  228.549380][ T4376] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  228.560246][ T4376] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.570422][ T4376] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.579834][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  228.594210][ T4630] XFS (loop2): page discard on page ffffea000144a4c0, inode 0x29, pos 12288.
[  228.618987][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  228.631844][ T5866] XFS (loop4): Ending clean mount
[  228.651536][ T5767] XFS (loop2): Unmount and run xfs_repair
[  228.657655][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  228.678117][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  228.712873][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  228.727922][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  228.737108][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  228.746063][ T4318] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  228.758750][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  228.767983][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  228.780746][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.791552][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  228.805201][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  228.816211][ T4630] XFS (loop2): page discard on page ffffea00014da800, inode 0x29, pos 16384.
[  228.824459][ T5866] XFS (loop4): Quotacheck needed: Please wait.
[  228.831520][    T7] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  228.852580][    T7] XFS (loop2): Unmount and run xfs_repair
[  228.888861][ T5594] wacom 0003:056A:0326.0003: ignoring exceeding usage max
[  228.902858][    T7] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  228.917178][    T7] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  228.938905][ T5594] wacom 0003:056A:0326.0003: Unknown device_type for 'HID 056a:0326'. Ignoring.
[  228.948345][ T4318] usb 6-1: Using ep0 maxpacket: 16
[  228.955608][ T4318] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  228.973162][ T4318] usb 6-1: config 0 has no interface number 0
[  228.979692][    T7] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  228.991762][ T4318] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  229.012374][    T7] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  229.029703][ T4318] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  229.040044][    T7] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  229.049481][    T7] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  229.060251][    T7] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  229.070205][    T7] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.083442][ T4318] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  229.092500][ T4318] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  229.113152][    T7] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.123502][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  229.138330][ T4318] usb 6-1: Product: syz
[  229.142516][ T4318] usb 6-1: SerialNumber: syz
[  229.147683][ T4630] XFS (loop2): page discard on page ffffea000156cc80, inode 0x29, pos 20480.
[  229.175125][ T4318] usb 6-1: config 0 descriptor??
[  229.182093][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  229.182946][ T5866] XFS (loop4): Quotacheck: Done.
[  229.198555][ T5594] usb 4-1: USB disconnect, device number 8
[  229.212208][ T4318] cm109 6-1:0.8: invalid payload size 0, expected 4
[  229.212536][ T5763] XFS (loop2): Unmount and run xfs_repair
[  229.237795][ T4318] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input12
[  229.277537][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  229.305052][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  229.323250][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  229.343799][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  229.383526][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  229.392501][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  229.422201][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  229.449517][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  229.452581][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.463285][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  229.473185][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  229.480354][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  229.491486][ T5594] usb 6-1: USB disconnect, device number 2
[  229.503423][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.505324][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  229.519237][    C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  229.530777][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  229.546597][ T5594] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  229.551516][ T4630] XFS (loop2): page discard on page ffffea000156ccc0, inode 0x29, pos 24576.
[  229.607975][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  229.621592][ T5763] XFS (loop2): Unmount and run xfs_repair
[  229.623514][ T4266] XFS (loop4): Unmounting Filesystem
[  229.653534][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  229.662808][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  229.690857][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  229.710197][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  229.766294][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  229.798567][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  229.822620][ T5907] loop1: detected capacity change from 0 to 32768
[  229.840240][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  229.889859][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.930827][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.963523][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  229.986114][ T4630] XFS (loop2): page discard on page ffffea00014b1cc0, inode 0x29, pos 28672.
[  229.987782][ T5907] XFS (loop1): Mounting V5 Filesystem
[  230.103146][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  230.163305][ T5767] XFS (loop2): Unmount and run xfs_repair
[  230.204427][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  230.262613][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  230.317426][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  230.348282][ T5931] loop4: detected capacity change from 0 to 512
[  230.353070][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  230.369448][ T5931] EXT4-fs: Ignoring removed nomblk_io_submit option
[  230.381442][ T5928] loop5: detected capacity change from 0 to 4096
[  230.395934][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  230.406464][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  230.429023][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  230.429894][ T5931] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  230.437954][ T5928] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[  230.438344][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.464507][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.473612][ T4630] XFS (loop2): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74
[  230.474078][ T5931] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01d, mo2=0102]
[  230.490613][ T5907] XFS (loop1): Ending clean mount
[  230.493263][ T5931] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  230.507911][ T5931] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  230.516864][ T5931] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  230.526314][ T4630] XFS (loop2): page discard on page ffffea0001588280, inode 0x29, pos 32768.
[  230.537443][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  230.552406][ T5767] XFS (loop2): Unmount and run xfs_repair
[  230.559168][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  230.566737][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  230.586424][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  230.601496][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  230.610701][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  230.618959][ T5928] ntfs3: loop5: ntfs3_write_inode r=1e failed, -22.
[  230.626045][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  230.644536][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  230.693655][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.702550][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.749462][ T4318] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  230.749961][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  230.786138][ T5464] ntfs3: loop5: ntfs_evict_inode r=1e failed, -22.
[  230.797159][ T4318] XFS (loop2): Unmount and run xfs_repair
[  230.823118][ T5464] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  230.831453][ T4318] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  230.845980][ T5939] loop3: detected capacity change from 0 to 256
[  230.854185][ T4318] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  230.895407][ T4318] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  230.933293][ T4318] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  230.946146][ T5939] FAT-fs (loop3): Directory bread(block 64) failed
[  230.957277][ T5939] FAT-fs (loop3): Directory bread(block 65) failed
[  230.972145][ T4318] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  230.976190][ T5943] loop5: detected capacity change from 0 to 256
[  231.005993][ T5939] FAT-fs (loop3): Directory bread(block 66) failed
[  231.432310][ T5939] FAT-fs (loop3): Directory bread(block 67) failed
[  231.453235][ T5939] FAT-fs (loop3): Directory bread(block 68) failed
[  231.458717][ T4318] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  231.469499][ T4318] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  231.477828][ T5939] FAT-fs (loop3): Directory bread(block 69) failed
[  231.478972][ T4318] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  231.494242][ T4318] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  231.503668][ T5939] FAT-fs (loop3): Directory bread(block 70) failed
[  231.511317][ T5943] exfat: Deprecated parameter 'utf8'
[  231.522386][ T5943] exfat: Deprecated parameter 'utf8'
[  231.529444][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  231.530721][ T5907] XFS (loop1): Quotacheck needed: Please wait.
[  231.554399][ T5939] FAT-fs (loop3): Directory bread(block 71) failed
[  231.561293][ T5939] FAT-fs (loop3): Directory bread(block 72) failed
[  231.562691][ T5767] XFS (loop2): Unmount and run xfs_repair
[  231.575583][ T5939] FAT-fs (loop3): Directory bread(block 73) failed
[  231.594271][ T5943] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  231.625734][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  231.654034][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  231.662931][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  231.713176][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  231.743637][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  231.752545][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  231.789162][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  231.825759][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  231.826973][ T5950] loop3: detected capacity change from 0 to 1024
[  231.839357][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  231.871799][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  231.910409][ T5763] XFS (loop2): Unmount and run xfs_repair
[  231.925804][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  231.938099][ T5950] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  231.943553][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  231.949879][ T5950] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.975812][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  231.997273][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  232.018984][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  232.039569][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  232.051598][ T5950] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.346: lblock 3 mapped to illegal pblock 3 (length 1)
[  232.059846][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  232.080183][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.081746][ T5950] EXT4-fs (loop3): Remounting filesystem read-only
[  232.089728][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.110915][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  232.125150][ T5767] XFS (loop2): Unmount and run xfs_repair
[  232.125949][ T5950] EXT4-fs error (device loop3): ext4_ext_remove_space:2930: inode #15: comm syz.3.346: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  232.130884][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  232.130903][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  232.130916][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  232.130928][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  232.130939][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  232.130950][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  232.130963][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  232.130973][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.130984][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.132623][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  232.203928][ T5950] EXT4-fs (loop3): Remounting filesystem read-only
[  232.218379][ T5763] XFS (loop2): Unmount and run xfs_repair
[  232.258069][ T5907] XFS (loop1): Quotacheck: Done.
[  232.292900][ T4268] XFS (loop1): Unmounting Filesystem
[  232.328913][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  232.336466][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  232.346459][ T5962] loop4: detected capacity change from 0 to 256
[  232.358219][ T5962] exfat: Deprecated parameter 'utf8'
[  232.363650][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  232.384837][ T5962] exfat: Deprecated parameter 'utf8'
[  232.390195][ T5962] exfat: Deprecated parameter 'namecase'
[  232.406175][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  232.438591][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  232.441068][ T4276] EXT4-fs (loop3): unmounting filesystem.
[  232.448031][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  232.466933][ T5962] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  232.503842][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  232.517912][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.539299][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.562793][ T4630] xfs_discard_folio: 5 callbacks suppressed
[  232.562806][ T4630] XFS (loop2): page discard on page ffffea0001448980, inode 0x29, pos 57344.
[  232.635924][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  232.661054][ T5965] loop4: detected capacity change from 0 to 1024
[  232.677028][ T5767] XFS (loop2): Unmount and run xfs_repair
[  232.702875][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  232.722014][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  232.742458][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  232.793233][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  232.812340][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  232.832586][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  232.852995][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  232.865313][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.874566][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  232.884113][ T4630] XFS (loop2): page discard on page ffffea0001459ec0, inode 0x29, pos 61440.
[  232.977499][    T7] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  232.992132][ T5974] loop4: detected capacity change from 0 to 256
[  233.007584][    T7] XFS (loop2): Unmount and run xfs_repair
[  233.031762][    T7] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  233.060123][ T5974] FAT-fs (loop4): Directory bread(block 64) failed
[  233.070003][    T7] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  233.079004][ T5974] FAT-fs (loop4): Directory bread(block 65) failed
[  233.079120][ T5974] FAT-fs (loop4): Directory bread(block 66) failed
[  233.079144][ T5974] FAT-fs (loop4): Directory bread(block 67) failed
[  233.079208][ T5974] FAT-fs (loop4): Directory bread(block 68) failed
[  233.079230][ T5974] FAT-fs (loop4): Directory bread(block 69) failed
[  233.079290][ T5974] FAT-fs (loop4): Directory bread(block 70) failed
[  233.079315][ T5974] FAT-fs (loop4): Directory bread(block 71) failed
[  233.103124][    T7] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  233.135175][ T5974] FAT-fs (loop4): Directory bread(block 72) failed
[  233.141997][ T4318] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  233.154759][ T5974] FAT-fs (loop4): Directory bread(block 73) failed
[  233.187844][    T7] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  233.199335][    T7] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  233.210477][    T7] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  233.231450][    T7] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  233.266411][    T7] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  233.279732][    T7] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  233.289873][ T4630] XFS (loop2): page discard on page ffffea00013aa580, inode 0x26, pos 4096.
[  233.311449][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  233.329471][ T5763] XFS (loop2): Unmount and run xfs_repair
[  233.357265][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  233.360400][ T4318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.383743][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  233.402976][ T4318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.408403][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  233.427206][ T4318] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  233.451187][ T5981] loop4: detected capacity change from 0 to 1024
[  233.462332][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  233.463635][ T4318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.482549][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  233.510046][ T5981] EXT4-fs: Ignoring removed bh option
[  233.510263][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  233.537072][ T4318] usb 4-1: config 0 descriptor??
[  233.582726][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  233.601987][ T5981] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  233.602366][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  233.625995][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  233.636586][ T4630] XFS (loop2): page discard on page ffffea0001475b80, inode 0x26, pos 8192.
[  233.655594][ T5594] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  233.688411][ T5594] XFS (loop2): Unmount and run xfs_repair
[  233.709254][   T26] audit: type=1800 audit(1754638733.946:277): pid=5981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.354" name="bus" dev="loop4" ino=18 res=0 errno=0
[  233.716375][ T5594] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  233.752581][ T5981] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  233.776314][ T5981] EXT4-fs (loop4): Remounting filesystem read-only
[  233.974294][ T4284] Bluetooth: hci1: command 0x0401 tx timeout
[  234.235894][ T5594] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  234.247513][ T5594] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  234.258764][ T4318] logitech 0003:046D:C295.0004: item fetching failed at offset 5/7
[  234.267049][ T5594] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  234.287631][ T4318] logitech 0003:046D:C295.0004: parse failed
[  234.301357][ T4318] logitech: probe of 0003:046D:C295.0004 failed with error -22
[  234.311436][ T5594] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  234.342829][ T5594] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  234.356225][ T5594] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  234.366378][ T5594] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.375500][ T5594] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.385142][ T4630] XFS (loop2): page discard on page ffffea000142a4c0, inode 0x26, pos 12288.
[  234.396615][ T5763] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  234.401517][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  234.407880][ T5763] XFS (loop2): Unmount and run xfs_repair
[  234.420406][ T5763] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  234.428038][ T5763] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  234.437884][ T5763] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  234.449122][ T5763] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  234.522236][ T5763] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  234.555719][ T5594] usb 4-1: USB disconnect, device number 9
[  234.578332][ T5763] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  234.607729][ T5763] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  234.616723][ T5763] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.630033][ T5763] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.639281][ T4630] XFS (loop2): page discard on page ffffea00014ab840, inode 0x26, pos 16384.
[  234.668531][    T7] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  234.694408][    T7] XFS (loop2): Unmount and run xfs_repair
[  234.700814][    T7] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  234.724091][    T7] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  234.756156][    T7] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  234.784376][    T7] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  234.809870][    T7] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  234.829371][    T7] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  234.849641][    T7] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  234.867985][ T6000] loop5: detected capacity change from 0 to 64
[  234.874428][    T7] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.877650][ T5998] loop1: detected capacity change from 0 to 4096
[  234.884735][    T7] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.931148][ T4630] XFS (loop2): page discard on page ffffea0001567cc0, inode 0x26, pos 20480.
[  234.957294][ T5766] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  234.994326][ T5766] XFS (loop2): Unmount and run xfs_repair
[  235.000125][ T5766] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  235.030816][ T5766] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  235.047078][ T5766] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  235.064048][ T6003] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  235.075773][ T5766] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  235.085427][ T5766] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  235.138229][ T5766] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  235.162300][ T5766] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  235.200338][ T5766] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.211908][ T5766] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.225806][ T4630] XFS (loop2): page discard on page ffffea0001544f80, inode 0x26, pos 24576.
[  235.227423][ T6005] loop3: detected capacity change from 0 to 8
[  235.244528][ T5594] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  235.275437][ T6005] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  235.283608][ T5594] XFS (loop2): Unmount and run xfs_repair
[  235.289361][ T5594] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  235.298971][ T4928] udevd[4928]: incorrect cramfs checksum on /dev/loop3
[  235.321938][ T5993] loop4: detected capacity change from 0 to 40427
[  235.348732][ T5993] F2FS-fs (loop4): build fault injection attr: rate: 693, type: 0x3ffff
[  235.352090][ T5594] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  235.391324][ T5594] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  235.392434][ T5993] F2FS-fs (loop4): invalid crc value
[  235.413124][ T5594] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  235.431287][ T5594] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  235.441292][ T5594] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  235.450315][ T5594] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  235.459488][ T5594] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.468630][ T5594] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.478566][ T4630] XFS (loop2): page discard on page ffffea0001549500, inode 0x26, pos 28672.
[  235.494352][ T5993] F2FS-fs (loop4): Found nat_bits in checkpoint
[  235.498023][ T4332] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  235.552160][ T4332] XFS (loop2): Unmount and run xfs_repair
[  235.560099][ T4332] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  235.609547][ T4332] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  235.621133][ T4332] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  235.634951][ T4332] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  235.647695][ T4332] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  235.649392][ T5993] F2FS-fs (loop4): Start checkpoint disabled!
[  235.658835][ T4332] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  235.681488][ T4332] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  235.691552][ T6017] loop1: detected capacity change from 0 to 512
[  235.692982][ T4332] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.707811][ T5993] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  235.716031][ T4332] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.735257][ T4630] XFS (loop2): page discard on page ffffea00014739c0, inode 0x26, pos 32768.
[  235.767111][ T5594] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  235.795784][ T6017] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  235.809496][ T5594] XFS (loop2): Unmount and run xfs_repair
[  235.827534][ T6017] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.838545][ T5594] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  235.852737][ T5594] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  235.862217][ T5594] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  235.875207][ T5594] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  235.885761][ T5594] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  235.901349][ T5594] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  235.916313][ T5594] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  235.928686][ T5594] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.939491][ T5594] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  235.949979][ T5767] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  235.969860][ T5767] XFS (loop2): Unmount and run xfs_repair
[  235.974915][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  235.976624][ T5767] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  235.989073][ T5767] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  236.004292][ T5767] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  236.020462][ T5767] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  236.071336][ T5767] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  236.092229][ T5767] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  236.115816][ T4387] kworker/u4:7: attempt to access beyond end of device
[  236.115816][ T4387] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  236.131806][ T5767] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  236.154976][ T5767] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.202089][ T5767] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.230170][ T5594] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  236.266158][ T5594] XFS (loop2): Unmount and run xfs_repair
[  236.271932][ T5594] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  236.306751][ T5594] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  236.347237][ T5594] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  236.387838][ T5594] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  236.413256][ T5594] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  236.422160][ T5594] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  236.464396][ T5594] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  236.503146][ T5594] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.512203][ T5594] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.553668][    T7] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  236.573126][    T7] XFS (loop2): Unmount and run xfs_repair
[  236.578935][    T7] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  236.603281][    T7] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  236.612171][    T7] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  236.663408][    T7] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  236.672299][    T7] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  236.717287][    T7] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  236.753087][    T7] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  236.762166][    T7] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.762551][ T6025] loop3: detected capacity change from 0 to 32768
[  236.813152][    T7] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  236.823438][ T6025] BTRFS: device fsid 97240a68-9a28-4597-b04c-66b27e1182f2 devid 1 transid 8 /dev/loop3 scanned by syz.3.366 (6025)
[  236.825477][ T4332] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  236.863156][ T4332] XFS (loop2): Unmount and run xfs_repair
[  236.868924][ T4332] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  236.893150][ T4332] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  236.912325][ T4332] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  236.943165][ T4332] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  236.961154][ T4332] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  236.983113][ T4332] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  236.993379][ T5766] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  236.998433][ T4332] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  237.014379][ T6024] loop1: detected capacity change from 0 to 40427
[  237.023983][ T4332] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.032929][ T4332] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.034781][ T6024] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  237.052817][ T5594] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  237.065522][ T5594] XFS (loop2): Unmount and run xfs_repair
[  237.071306][ T5594] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  237.076248][ T6025] BTRFS info (device loop3): first mount of filesystem 97240a68-9a28-4597-b04c-66b27e1182f2
[  237.083150][ T5594] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  237.098172][ T6024] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  237.113571][ T6025] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  237.114461][ T5594] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  237.128561][ T6025] BTRFS info (device loop3): using free space tree
[  237.160340][ T5594] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  237.184007][ T5766] usb 6-1: Using ep0 maxpacket: 32
[  237.190283][ T5594] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  237.192182][ T5766] usb 6-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  237.210515][ T5594] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  237.222332][ T6024] F2FS-fs (loop1): Found nat_bits in checkpoint
[  237.242537][ T5594] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  237.257436][ T5766] usb 6-1: config 0 interface 0 has no altsetting 0
[  237.275313][ T5766] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  237.285494][ T5766] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.289459][ T5594] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.296460][ T5766] usb 6-1: config 0 descriptor??
[  237.315464][ T6024] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  237.323169][ T6024] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  237.330692][ T5594] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.331459][ T4332] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 
[  237.351277][ T4332] XFS (loop2): Unmount and run xfs_repair
[  237.357182][ T4332] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  237.364954][ T4332] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  237.414116][ T4332] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  237.434844][ T4332] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  237.457375][ T4332] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  237.462530][ T6025] BTRFS info (device loop3): enabling ssd optimizations
[  237.477611][ T4332] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  237.486864][ T4332] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  237.496198][    T7] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  237.504794][ T4332] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.513987][ T4332] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  237.535109][ T4275] XFS (loop2): Unmounting Filesystem
[  237.593738][ T4276] BTRFS info (device loop3): last unmount of filesystem 97240a68-9a28-4597-b04c-66b27e1182f2
[  237.708733][    T7] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  237.717344][ T5766] hid (null): report_id 33322 is invalid
[  237.721042][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.744739][ T5766] corsair-cpro 0003:1B1C:0C10.0005: report_id 33322 is invalid
[  237.750319][    T7] usb 5-1: config 0 descriptor??
[  237.752393][ T5766] corsair-cpro 0003:1B1C:0C10.0005: item 0 2 1 8 parsing failed
[  237.776814][    T7] cp210x 5-1:0.0: cp210x converter detected
[  237.786911][ T5766] corsair-cpro: probe of 0003:1B1C:0C10.0005 failed with error -22
[  237.929284][ T4928] BTRFS: device fsid 97240a68-9a28-4597-b04c-66b27e1182f2 devid 1 transid 8 /dev/loop3 scanned by udevd (4928)
[  237.978897][ T6068] netlink: 'syz.1.373': attribute type 7 has an invalid length.
[  237.993174][ T6068] netlink: 'syz.1.373': attribute type 8 has an invalid length.
[  238.004059][ T6069] usb 6-1: USB disconnect, device number 3
[  238.249292][ T6076] loop1: detected capacity change from 0 to 256
[  238.350972][ T6076] FAT-fs (loop1): Directory bread(block 64) failed
[  238.379968][    T7] cp210x 5-1:0.0: failed to get vendor val 0x370c size 73: -71
[  238.393362][ T6076] FAT-fs (loop1): Directory bread(block 65) failed
[  238.402834][    T7] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  238.420882][ T6076] FAT-fs (loop1): Directory bread(block 66) failed
[  238.448046][    T7] usb 5-1: cp210x converter now attached to ttyUSB0
[  238.466116][ T6076] FAT-fs (loop1): Directory bread(block 67) failed
[  238.480100][ T6076] FAT-fs (loop1): Directory bread(block 68) failed
[  238.505925][    T7] usb 5-1: USB disconnect, device number 4
[  238.517737][ T6076] FAT-fs (loop1): Directory bread(block 69) failed
[  238.543289][ T6076] FAT-fs (loop1): Directory bread(block 70) failed
[  238.552159][ T6076] FAT-fs (loop1): Directory bread(block 71) failed
[  238.561878][    T7] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  238.575408][ T6076] FAT-fs (loop1): Directory bread(block 72) failed
[  238.607625][ T6076] FAT-fs (loop1): Directory bread(block 73) failed
[  238.616803][    T7] cp210x 5-1:0.0: device disconnected
[  238.714060][ T6082] loop5: detected capacity change from 0 to 64
[  238.819606][ T6084] loop2: detected capacity change from 0 to 1764
[  239.791389][ T6080] loop3: detected capacity change from 0 to 40427
[  239.816007][ T6080] F2FS-fs (loop3): invalid crc value
[  239.845406][ T6080] F2FS-fs (loop3): Found nat_bits in checkpoint
[  240.031702][ T6109] loop2: detected capacity change from 0 to 1024
[  240.049598][ T6080] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  240.066802][ T6110] loop5: detected capacity change from 0 to 4096
[  240.079435][ T6109] EXT4-fs: inline encryption not supported
[  240.113763][ T6109] EXT4-fs: Ignoring removed bh option
[  240.170327][ T6110] ntfs: volume version 3.1.
[  240.202352][ T6109] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  240.235781][ T6110] ntfs: (device loop5): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-14.  You might want to try to use the mount option nls=utf8.
[  240.257147][ T6110] ntfs: (device loop5): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  240.420995][ T4276] syz-executor: attempt to access beyond end of device
[  240.420995][ T4276] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  240.447833][    T7] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  240.465605][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  240.595340][ T6105] loop1: detected capacity change from 0 to 32768
[  240.644585][ T6105] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.383 (6105)
[  240.657226][    T7] usb 5-1: Using ep0 maxpacket: 16
[  240.669150][    T7] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.682993][    T7] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.700011][    T7] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  240.723002][    T7] usb 5-1: config 0 interface 0 has no altsetting 0
[  240.732441][    T7] usb 5-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  240.768845][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.190676][    T7] usb 5-1: config 0 descriptor??
[  241.203335][ T6105] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  241.232266][ T6105] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  241.243576][ T5767] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  241.262192][ T6105] BTRFS info (device loop1): using free space tree
[  241.406077][ T6141] loop3: detected capacity change from 0 to 64
[  241.433131][ T5767] usb 6-1: Using ep0 maxpacket: 16
[  241.440571][ T5767] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  241.449829][ T5767] usb 6-1: config 0 has no interface number 0
[  241.456398][ T5767] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.468500][ T5767] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.478773][ T5767] usb 6-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  241.533140][ T6105] BTRFS info (device loop1): enabling ssd optimizations
[  241.541518][ T5767] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.585420][ T5767] usb 6-1: config 0 descriptor??
[  241.642390][    T7] hid-generic 0003:045E:05DA.0006: unbalanced collection at end of report description
[  241.661180][    T7] hid-generic: probe of 0003:045E:05DA.0006 failed with error -22
[  241.855260][ T6070] usb 5-1: USB disconnect, device number 5
[  241.911228][ T4268] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  242.017571][ T5767] uclogic 0003:5543:0781.0007: unknown main item tag 0x0
[  242.024112][    T7] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  242.041840][ T5767] uclogic 0003:5543:0781.0007: unknown main item tag 0x0
[  242.060087][ T5767] uclogic 0003:5543:0781.0007: unknown main item tag 0x0
[  242.067476][ T5767] uclogic 0003:5543:0781.0007: unknown main item tag 0x0
[  242.082919][ T5767] uclogic 0003:5543:0781.0007: unknown main item tag 0x0
[  242.127320][ T5767] uclogic 0003:5543:0781.0007: No inputs registered, leaving
[  242.133288][ T6069] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  242.147892][ T5767] uclogic 0003:5543:0781.0007: hidraw0: USB HID v0.40 Device [HID 5543:0781] on usb-dummy_hcd.5-1/input1
[  242.213297][    T7] usb 4-1: Using ep0 maxpacket: 8
[  242.216689][ T6155] loop1: detected capacity change from 0 to 256
[  242.220669][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.256742][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.263884][ T5767] usb 6-1: USB disconnect, device number 4
[  242.282399][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  242.323245][    T7] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  242.326930][ T6155] FAT-fs (loop1): Directory bread(block 64) failed
[  242.339070][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.349500][ T6069] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  242.366660][ T6155] FAT-fs (loop1): Directory bread(block 65) failed
[  242.373361][ T6069] usb 3-1: config 0 interface 0 has no altsetting 0
[  242.375691][ T6069] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  242.387696][ T6155] FAT-fs (loop1): Directory bread(block 66) failed
[  242.400477][    T7] usb 4-1: config 0 descriptor??
[  242.417415][ T6155] FAT-fs (loop1): Directory bread(block 67) failed
[  242.432968][ T6155] FAT-fs (loop1): Directory bread(block 68) failed
[  242.439532][ T6156] fido_id[6156]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  242.440114][ T6069] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.507321][ T6069] usb 3-1: Product: syz
[  242.511567][ T6069] usb 3-1: Manufacturer: syz
[  242.527028][ T6069] usb 3-1: SerialNumber: syz
[  242.534685][ T6158] loop4: detected capacity change from 0 to 512
[  242.535960][ T6155] FAT-fs (loop1): Directory bread(block 69) failed
[  242.554406][ T6069] usb 3-1: config 0 descriptor??
[  242.569256][ T6155] FAT-fs (loop1): Directory bread(block 70) failed
[  242.594582][ T6069] usb 3-1: selecting invalid altsetting 0
[  242.595081][ T6155] FAT-fs (loop1): Directory bread(block 71) failed
[  242.623129][ T6155] FAT-fs (loop1): Directory bread(block 72) failed
[  242.629342][ T6158] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.393: corrupted in-inode xattr
[  242.629657][ T6155] FAT-fs (loop1): Directory bread(block 73) failed
[  242.739948][ T6158] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.393: couldn't read orphan inode 15 (err -117)
[  242.756957][ T6158] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  242.832659][ T6069] usb 3-1: USB disconnect, device number 7
[  242.839616][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  242.857057][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  242.903812][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  242.930012][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  242.946876][ T6158] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #2: comm syz.4.393: directory missing '.'
[  242.974348][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  242.981929][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.037790][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.083123][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.102819][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.120628][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.139193][    T7] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0
[  243.151429][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  243.208781][    T7] hid-rmi 0003:06CB:81A7.0008: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.3-1/input0
[  243.247664][    T7] usb 4-1: USB disconnect, device number 10
[  243.452364][ T6178] fido_id[6178]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  243.724418][ T6192] bond0: option mode: unable to set because the bond device has slaves
[  244.009683][ T6203] loop4: detected capacity change from 0 to 4096
[  244.053133][ T5766] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  244.100686][ T6208] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  244.243302][ T5766] usb 3-1: Using ep0 maxpacket: 16
[  244.250436][ T5766] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  244.273193][ T5766] usb 3-1: config 0 has no interface number 0
[  244.290531][ T5766] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  244.312996][ T6212] loop5: detected capacity change from 0 to 64
[  244.335449][ T5766] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  244.394055][ T5766] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  244.398895][ T6215] loop4: detected capacity change from 0 to 1764
[  244.413760][ T5766] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  244.421912][ T5766] usb 3-1: Product: syz
[  244.435252][ T5766] usb 3-1: SerialNumber: syz
[  244.446617][ T5766] usb 3-1: config 0 descriptor??
[  244.470441][ T5766] cm109 3-1:0.8: invalid payload size 0, expected 4
[  244.497124][ T5766] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input13
[  244.628925][ T6196] loop3: detected capacity change from 0 to 32768
[  244.721657][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.722518][ T6196] XFS: ikeep mount option is deprecated.
[  244.729112][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.756175][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.765006][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.828825][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.838001][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.949353][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  244.958045][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  245.175875][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  245.184739][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  245.350553][ T6196] XFS (loop3): Mounting V5 Filesystem
[  245.372419][ T6069] usb 3-1: USB disconnect, device number 8
[  245.372567][    C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  245.420115][ T6069] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  245.593576][ T6196] XFS (loop3): Ending clean mount
[  245.601046][ T6196] XFS (loop3): Quotacheck needed: Please wait.
[  245.744839][ T6196] XFS (loop3): Quotacheck: Done.
[  246.405771][ T4276] XFS (loop3): Unmounting Filesystem
[  246.498917][ T6224] loop5: detected capacity change from 0 to 32768
[  246.554927][ T6224] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.410 (6224)
[  246.596012][ T6249] loop2: detected capacity change from 0 to 4096
[  246.656429][ T6224] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  246.692723][ T6224] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  246.707398][ T6224] BTRFS info (device loop5): enabling disk space caching
[  246.742194][ T6224] BTRFS info (device loop5): doing ref verification
[  246.752810][ T6249] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  246.779894][ T6224] BTRFS info (device loop5): setting nodatacow, compression disabled
[  246.788616][ T6224] BTRFS info (device loop5): force clearing of disk cache
[  246.796270][ T6224] BTRFS info (device loop5): doing ref verification
[  246.802958][ T6224] BTRFS info (device loop5): disk space caching is enabled
[  246.807623][ T6258] loop1: detected capacity change from 0 to 64
[  246.903940][ T6249] EXT4-fs (loop2): Online defrag not supported with bigalloc
[  247.027252][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  247.182404][ T6224] BTRFS info (device loop5): rebuilding free space tree
[  247.213923][ T6224] BTRFS info (device loop5): disabling free space tree
[  247.238922][ T6224] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  247.269980][ T6224] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  247.805073][    T7] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  247.831880][ T6307] hub 9-0:1.0: USB hub found
[  247.847594][ T6307] hub 9-0:1.0: 1 port detected
[  248.024158][    T7] usb 2-1: Using ep0 maxpacket: 32
[  248.031173][    T7] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  248.096841][    T7] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  248.144386][    T7] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  248.160269][ T5464] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.185278][    T7] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  248.236326][ T6322] loop4: detected capacity change from 0 to 128
[  248.265272][    T7] usb 2-1: config 0 interface 0 has no altsetting 0
[  248.306105][    T7] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  248.335745][ T6322] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  248.376059][    T7] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  248.416586][ T6322] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.448787][    T7] usb 2-1: Product: syz
[  248.452998][    T7] usb 2-1: Manufacturer: syz
[  248.467491][ T6326] netlink: 'syz.3.431': attribute type 1 has an invalid length.
[  248.475755][ T6326] netlink: 'syz.3.431': attribute type 2 has an invalid length.
[  248.520375][    T7] usb 2-1: SerialNumber: syz
[  248.556899][    T7] usb 2-1: config 0 descriptor??
[  248.597184][    T7] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  248.714422][    T7] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  248.729446][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  248.894986][ T5766] usb 2-1: USB disconnect, device number 4
[  248.909189][ T5766] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  248.979614][ T6334] loop4: detected capacity change from 0 to 1024
[  249.052665][ T6334] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  249.281750][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  249.337325][ T6317] loop2: detected capacity change from 0 to 40427
[  249.394268][ T6317] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[  249.400580][ T6346] Falling back ldisc for ttyS3.
[  249.442399][ T6317] F2FS-fs (loop2): invalid crc value
[  249.446797][ T6348] netlink: 60 bytes leftover after parsing attributes in process `syz.4.436'.
[  249.498671][ T6317] F2FS-fs (loop2): Found nat_bits in checkpoint
[  249.513814][ T6348] netlink: 60 bytes leftover after parsing attributes in process `syz.4.436'.
[  249.571410][ T6351] netlink: 60 bytes leftover after parsing attributes in process `syz.4.436'.
[  249.614217][ T6354] netlink: 60 bytes leftover after parsing attributes in process `syz.4.436'.
[  249.667899][ T6317] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  249.752387][ T6328] loop5: detected capacity change from 0 to 32768
[  249.841818][ T6328] XFS (loop5): Mounting V5 Filesystem
[  249.988393][ T6328] XFS (loop5): Ending clean mount
[  250.045424][ T6328] XFS (loop5): Quotacheck needed: Please wait.
[  250.127304][ T6328] XFS (loop5): Quotacheck: Done.
[  250.195260][ T6377] syz.4.441 uses obsolete (PF_INET,SOCK_PACKET)
[  250.289060][ T5464] XFS (loop5): Unmounting Filesystem
[  250.580537][ T6355] loop1: detected capacity change from 0 to 32768
[  250.618808][ T6355] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.437 (6355)
[  250.691032][ T6355] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  250.719857][ T6355] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  250.760695][ T6355] BTRFS info (device loop1): enabling auto defrag
[  250.789430][ T6355] BTRFS info (device loop1): doing ref verification
[  250.829864][ T6355] BTRFS info (device loop1): use no compression
[  250.863117][ T6355] BTRFS info (device loop1): force clearing of disk cache
[  250.885361][ T6355] BTRFS info (device loop1): setting nodatacow, compression disabled
[  250.902654][ T6391] loop5: detected capacity change from 0 to 2048
[  250.914803][ T6355] BTRFS info (device loop1): disabling free space tree
[  250.979490][ T6379] loop2: detected capacity change from 0 to 32768
[  251.017294][ T6401] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  251.054167][ T6408] loop4: detected capacity change from 0 to 512
[  251.072266][ T6391] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  251.103170][ T6408] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  251.138249][ T6379] XFS (loop2): Mounting V5 Filesystem
[  251.191937][ T6379] XFS (loop2): Ending clean mount
[  251.209490][ T6391] Remounting filesystem read-only
[  251.245031][ T4275] XFS (loop2): Unmounting Filesystem
[  251.277073][ T6355] BTRFS info (device loop1): enabling ssd optimizations
[  251.302246][ T6355] BTRFS info (device loop1): rebuilding free space tree
[  251.304760][ T6408] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.447: corrupted inode contents
[  251.360042][ T6355] BTRFS info (device loop1): disabling free space tree
[  251.389921][ T6355] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  251.422488][ T6408] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #16: comm syz.4.447: mark_inode_dirty error
[  251.453759][ T6355] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  251.475189][ T6408] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.447: corrupted inode contents
[  251.511415][ T6408] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.447: mark_inode_dirty error
[  251.534635][ T6408] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.447: corrupted inode contents
[  251.598861][ T6408] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  251.669836][ T6408] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #16: comm syz.4.447: corrupted inode contents
[  251.768487][ T4268] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  251.824065][ T4274] Bluetooth: hci5: command 0x1003 tx timeout
[  251.824107][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  252.203247][ T6408] EXT4-fs error (device loop4): ext4_truncate:4312: inode #16: comm syz.4.447: mark_inode_dirty error
[  252.304209][ T6408] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  252.500273][ T6408] EXT4-fs (loop4): 1 truncate cleaned up
[  252.521069][ T6408] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  252.576757][ T6408] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.602799][ T6443] loop5: detected capacity change from 0 to 256
[  252.685389][ T4484] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  252.699112][ T4484] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:10: Failed to release dquot type 1
[  252.727322][ T4928] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop1 scanned by udevd (4928)
[  252.746824][ T6443] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x20261ffc, utbl_chksum : 0xe619d30d)
[  252.837878][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  252.963309][ T5597] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  253.168522][ T5597] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.207179][ T5597] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.386498][ T5597] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  253.400426][ T5597] usb 4-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00
[  253.412671][ T5597] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.427948][ T5597] usb 4-1: config 0 descriptor??
[  254.347382][ T5597] wacom 0003:056A:0027.0009: item 0 1 0 9 parsing failed
[  254.380633][ T5597] wacom 0003:056A:0027.0009: parse failed
[  254.397343][ T5597] wacom: probe of 0003:056A:0027.0009 failed with error -22
[  254.556281][ T5766] usb 4-1: USB disconnect, device number 11
[  254.565556][ T6450] loop1: detected capacity change from 0 to 32768
[  254.608371][ T6450] XFS: noikeep mount option is deprecated.
[  255.431103][ T6450] XFS (loop1): Mounting V5 Filesystem
[  255.486072][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  255.492423][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  255.628042][ T6450] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  255.679335][ T6450] XFS (loop1): Starting recovery (logdev: internal)
[  255.729254][ T6450] XFS (loop1): Ending recovery (logdev: internal)
[  255.877571][ T6478] loop5: detected capacity change from 0 to 32768
[  255.905468][ T6450] XFS (loop1): Metadata corruption detected at xfs_btree_lookup_get_block+0x512/0x640, xfs_bnobt block 0x8
[  255.977263][ T6450] XFS (loop1): Unmount and run xfs_repair
[  256.014144][ T6510] XFS (loop1): Internal error ltbno + ltlen > bno at line 1955 of file fs/xfs/libxfs/xfs_alloc.c.  Caller xfs_free_ag_extent+0xe3e/0x1350
[  256.029221][ T6510] CPU: 0 PID: 6510 Comm: syz.1.450 Not tainted 6.1.147-syzkaller #0
[  256.037219][ T6510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  256.047293][ T6510] Call Trace:
[  256.050579][ T6510]  <TASK>
[  256.053526][ T6510]  dump_stack_lvl+0x168/0x22e
[  256.058220][ T6510]  ? __xfs_printk+0x90/0x90
[  256.062747][ T6510]  ? show_regs_print_info+0x12/0x12
[  256.067967][ T6510]  ? xfs_alloc_get_rec+0x27b/0x560
[  256.073102][ T6510]  xfs_corruption_error+0x11e/0x170
[  256.078319][ T6510]  ? xfs_free_ag_extent+0xe3e/0x1350
[  256.083626][ T6510]  xfs_free_ag_extent+0xe78/0x1350
[  256.088754][ T6510]  ? xfs_free_ag_extent+0xe3e/0x1350
[  256.094044][ T6510]  ? xfs_free_agfl_block+0x320/0x320
[  256.099319][ T6510]  ? xfs_defer_finish_noroll+0xd39/0x1e50
[  256.105027][ T6510]  ? xfs_attr_set+0xf00/0x13e0
[  256.109786][ T6510]  ? xfs_xattr_set+0x115/0x210
[  256.114549][ T6510]  ? __vfs_setxattr+0x3e0/0x420
[  256.119387][ T6510]  ? vfs_setxattr+0x168/0x2f0
[  256.124050][ T6510]  ? setxattr+0x2b2/0x2d0
[  256.128368][ T6510]  ? path_setxattr+0x142/0x280
[  256.133120][ T6510]  ? do_syscall_64+0x4c/0xa0
[  256.137697][ T6510]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  256.143762][ T6510]  __xfs_free_extent+0x243/0x3b0
[  256.148703][ T6510]  xfs_trans_free_extent+0x3d4/0x8a0
[  256.154001][ T6510]  ? xfs_efi_item_free+0xb0/0xb0
[  256.158923][ T6510]  ? slab_pre_alloc_hook+0x59/0x310
[  256.164111][ T6510]  ? xfs_trans_add_item+0x16f/0x330
[  256.169318][ T6510]  xfs_extent_free_finish_item+0x2e/0x90
[  256.174970][ T6510]  ? xfs_extent_free_create_done+0x150/0x150
[  256.180957][ T6510]  xfs_defer_finish_noroll+0xf3f/0x1e50
[  256.186506][ T6510]  ? __xfs_trans_commit+0x266/0xe00
[  256.191703][ T6510]  ? xfs_da3_node_add+0xb10/0xb10
[  256.196729][ T6510]  ? rcu_is_watching+0x11/0xa0
[  256.201498][ T6510]  __xfs_trans_commit+0x266/0xe00
[  256.206522][ T6510]  ? xfs_trans_commit+0x20/0x20
[  256.211363][ T6510]  ? slab_free_freelist_hook+0x131/0x1a0
[  256.216990][ T6510]  ? xfs_trans_log_inode+0x11b/0x190
[  256.222263][ T6510]  xfs_attr_set+0xf00/0x13e0
[  256.226844][ T6510]  ? preempt_count_add+0x8d/0x190
[  256.231904][ T6510]  ? xfs_attr_leaf_shrink+0x350/0x350
[  256.237288][ T6510]  ? __lock_acquire+0x13c0/0x7c50
[  256.242342][ T6510]  xfs_xattr_set+0x115/0x210
[  256.246933][ T6510]  ? xfs_xattr_get+0x190/0x190
[  256.251699][ T6510]  ? evm_protect_xattr+0x7a0/0x990
[  256.256808][ T6510]  ? xfs_xattr_get+0x190/0x190
[  256.261562][ T6510]  __vfs_setxattr+0x3e0/0x420
[  256.266240][ T6510]  __vfs_setxattr_noperm+0x129/0x5e0
[  256.271526][ T6510]  vfs_setxattr+0x168/0x2f0
[  256.276023][ T6510]  ? xattr_permission+0x500/0x500
[  256.281035][ T6510]  ? _copy_from_user+0x10b/0x170
[  256.285960][ T6510]  ? setxattr+0x243/0x2d0
[  256.290279][ T6510]  setxattr+0x2b2/0x2d0
[  256.294428][ T6510]  ? path_setxattr+0x280/0x280
[  256.299206][ T6510]  ? __mnt_want_write+0x21f/0x2a0
[  256.304232][ T6510]  path_setxattr+0x142/0x280
[  256.308815][ T6510]  ? simple_xattr_list_add+0xf0/0xf0
[  256.314091][ T6510]  ? lock_chain_count+0x20/0x20
[  256.318933][ T6510]  __x64_sys_setxattr+0xb7/0xd0
[  256.323776][ T6510]  do_syscall_64+0x4c/0xa0
[  256.328181][ T6510]  ? clear_bhb_loop+0x60/0xb0
[  256.332849][ T6510]  ? clear_bhb_loop+0x60/0xb0
[  256.337514][ T6510]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  256.343396][ T6510] RIP: 0033:0x7ff566f8eb69
[  256.347812][ T6510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.367407][ T6510] RSP: 002b:00007ff567d0e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  256.375807][ T6510] RAX: ffffffffffffffda RBX: 00007ff5671b6080 RCX: 00007ff566f8eb69
[  256.383851][ T6510] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 00002000000000c0
[  256.391811][ T6510] RBP: 00007ff567011df1 R08: 0000000000000000 R09: 0000000000000000
[  256.399768][ T6510] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000000
[  256.407728][ T6510] R13: 0000000000000001 R14: 00007ff5671b6080 R15: 00007ffc9397fbf8
[  256.415696][ T6510]  </TASK>
[  256.459243][ T6478] XFS (loop5): Mounting V5 Filesystem
[  256.504104][ T6510] XFS (loop1): Corruption detected. Unmount and run xfs_repair
[  256.527445][ T6510] XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1784/0x1e50 (fs/xfs/libxfs/xfs_defer.c:580).  Shutting down filesystem.
[  256.543858][ T6510] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  256.566771][ T6478] XFS (loop5): Ending clean mount
[  256.631351][ T6526] loop2: detected capacity change from 0 to 256
[  256.645666][ T6478] XFS (loop5): Quotacheck needed: Please wait.
[  256.687092][ T4268] XFS (loop1): Unmounting Filesystem
[  256.739341][ T6478] XFS (loop5): Quotacheck: Done.
[  256.944184][ T5464] XFS (loop5): Unmounting Filesystem
[  257.090470][ T6500] loop4: detected capacity change from 0 to 32768
[  257.135022][ T6537] loop3: detected capacity change from 0 to 22
[  257.157027][ T6537] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  257.180569][ T6537] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  257.391299][ T6500] XFS (loop4): Mounting V5 Filesystem
[  257.564855][ T6500] XFS (loop4): Ending clean mount
[  257.653707][ T6500] XFS (loop4): Quotacheck needed: Please wait.
[  257.740706][ T6560] netlink: 'syz.2.475': attribute type 34 has an invalid length.
[  258.579602][ T6500] XFS (loop4): Quotacheck: Done.
[  258.623156][ T6567] device syzkaller1 entered promiscuous mode
[  258.668630][ T4266] XFS (loop4): Unmounting Filesystem
[  258.761681][ T6572] loop2: detected capacity change from 0 to 1024
[  258.865078][ T4418] hfsplus: b-tree write err: -5, ino 4
[  259.441145][ T6586] device syzkaller1 entered promiscuous mode
[  259.504624][ T6568] loop1: detected capacity change from 0 to 32768
[  259.512836][ T6564] loop3: detected capacity change from 0 to 32768
[  259.544476][ T6564] XFS: attr2 mount option is deprecated.
[  259.558850][ T6568] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.477 (6568)
[  259.653657][ T6568] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  259.679914][ T6564] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  259.691830][ T6564] XFS (loop3): Mounting V5 Filesystem
[  259.697558][ T6568] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  259.744649][ T6578] loop5: detected capacity change from 0 to 32768
[  259.752268][ T6578] XFS: noikeep mount option is deprecated.
[  259.772898][ T6568] BTRFS info (device loop1): doing ref verification
[  259.791886][ T6568] BTRFS info (device loop1): setting nodatasum
[  259.817268][ T6568] BTRFS info (device loop1): enabling auto defrag
[  259.843483][ T6564] XFS (loop3): Ending clean mount
[  259.849568][ T6578] XFS (loop5): Mounting V5 Filesystem
[  259.860059][ T6564] XFS (loop3): Quotacheck needed: Please wait.
[  259.862603][ T6599] loop4: detected capacity change from 0 to 1024
[  259.896571][ T6568] BTRFS info (device loop1): max_inline at 0
[  259.902796][ T6568] BTRFS info (device loop1): using free space tree
[  259.954024][ T6599] EXT4-fs: Ignoring removed nomblk_io_submit option
[  259.983841][ T6564] XFS (loop3): Quotacheck: Done.
[  260.033628][ T6599] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  260.045250][ T6578] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  260.111292][ T6578] XFS (loop5): Starting recovery (logdev: internal)
[  260.224864][ T6578] XFS (loop5): Ending recovery (logdev: internal)
[  260.310492][ T4276] XFS (loop3): Unmounting Filesystem
[  260.330896][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  260.541413][ T4268] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  260.579800][ T5464] XFS (loop5): Unmounting Filesystem
[  261.483269][ T6666] input: syz1 as /devices/virtual/input/input14
[  262.390097][ T6690] netlink: 40 bytes leftover after parsing attributes in process `syz.3.500'.
[  262.502118][ T6691] netlink: 40 bytes leftover after parsing attributes in process `syz.3.500'.
[  262.511155][ T6688] loop1: detected capacity change from 0 to 1024
[  262.562124][ T6688] EXT4-fs: Ignoring removed bh option
[  262.572301][ T6688] EXT4-fs: Ignoring removed bh option
[  262.578174][ T6688] EXT4-fs: Ignoring removed nobh option
[  262.621491][ T6688] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  262.672772][ T6688] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  262.872956][ T6701] loop2: detected capacity change from 0 to 128
[  262.911111][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.505'.
[  262.973478][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.505'.
[  263.038255][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  263.112548][ T6705] loop5: detected capacity change from 0 to 1024
[  263.145474][ T6705] EXT4-fs: Ignoring removed orlov option
[  263.151561][ T6705] EXT4-fs: Ignoring removed nomblk_io_submit option
[  263.221183][ T6710] loop1: detected capacity change from 0 to 47
[  263.240034][ T6705] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  263.592481][ T6722] loop2: detected capacity change from 0 to 2048
[  263.650837][ T6722] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  263.668734][ T6722] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.678137][ T6699] loop3: detected capacity change from 0 to 32768
[  263.770741][ T6699] XFS (loop3): Mounting V5 Filesystem
[  263.848305][ T6699] XFS (loop3): Ending clean mount
[  263.874078][ T6699] XFS (loop3): Quotacheck needed: Please wait.
[  263.925732][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  263.949567][ T6699] XFS (loop3): Quotacheck: Done.
[  263.998542][ T6720] loop1: detected capacity change from 0 to 32768
[  264.030101][ T6720] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.510 (6720)
[  264.108374][ T6720] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  264.153380][ T6720] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  264.162132][ T6720] BTRFS info (device loop1): turning on sync discard
[  264.170641][ T4276] XFS (loop3): Unmounting Filesystem
[  264.185155][ T6720] BTRFS info (device loop1): use zlib compression, level 3
[  264.202510][ T5464] EXT4-fs (loop5): unmounting filesystem.
[  264.208267][ T6738] kernel read not supported for file /eth0 (pid: 6738 comm: syz.2.513)
[  264.216799][   T26] audit: type=1800 audit(1754638764.446:278): pid=6738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.513" name="eth0" dev="mqueue" ino=41119 res=0 errno=0
[  264.237671][ T6720] BTRFS info (device loop1): turning off barriers
[  264.246390][ T6720] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  264.259592][ T6720] BTRFS info (device loop1): trying to use backup root at mount time
[  264.268131][ T6720] BTRFS info (device loop1): enabling auto defrag
[  264.274982][ T6720] BTRFS info (device loop1): max_inline at 0
[  264.281488][ T6720] BTRFS info (device loop1): using free space tree
[  264.508557][ T4507] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  264.565950][ T6720] BTRFS error (device loop1): failed to load root extent
[  264.596767][ T6720] BTRFS warning (device loop1): try to load backup roots slot 1
[  264.617325][   T33] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  264.655601][ T6736] loop4: detected capacity change from 0 to 32768
[  264.662311][ T6720] BTRFS warning (device loop1): couldn't read tree root
[  264.671888][ T6720] BTRFS warning (device loop1): try to load backup roots slot 2
[  264.700257][ T6736] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.514 (6736)
[  264.734001][ T6720] BTRFS error (device loop1): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  264.803462][ T6720] BTRFS warning (device loop1): couldn't read tree root
[  264.853168][ T6720] BTRFS warning (device loop1): try to load backup roots slot 3
[  264.945139][ T6720] BTRFS info (device loop1): enabling ssd optimizations
[  264.963217][ T6720] BTRFS info (device loop1): rebuilding free space tree
[  265.042183][ T4928] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by udevd (4928)
[  265.116944][ T6720] BTRFS info (device loop1): checking UUID tree
[  265.981489][ T6777] loop3: detected capacity change from 0 to 4096
[  266.110500][ T6777] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  266.448817][ T4268] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.463158][ T4276] EXT4-fs (loop3): unmounting filesystem.
[  266.669113][ T6797] loop2: detected capacity change from 0 to 1024
[  266.725978][ T6797] EXT4-fs: Ignoring removed orlov option
[  266.749970][ T6799] loop4: detected capacity change from 0 to 2048
[  266.786120][ T6797] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.874251][ T6797] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  266.985070][ T6804] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  267.129217][ T6804] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  267.182467][ T6804] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4)
[  267.202058][ T4275] EXT4-fs (loop2): unmounting filesystem.
[  267.270312][ T6804] Remounting filesystem read-only
[  267.459055][ T4266] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  267.568025][ T6811] block device autoloading is deprecated and will be removed.
[  268.891264][ T6791] loop5: detected capacity change from 0 to 65536
[  269.148712][ T6791] XFS (loop5): Mounting V5 Filesystem
[  269.285462][ T6865] loop3: detected capacity change from 0 to 512
[  269.294139][ T6865] EXT4-fs: Ignoring removed mblk_io_submit option
[  269.298491][ T6791] XFS (loop5): log mount failed
[  269.307680][ T6865] EXT4-fs: Ignoring removed nomblk_io_submit option
[  269.366078][ T6865] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  269.391253][ T6865] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  269.507206][ T6865] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.542: Allocating blocks 41-42 which overlap fs metadata
[  269.588212][ T6865] Quota error (device loop3): write_blk: dquota write failed
[  269.598160][ T6865] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5
[  269.638002][ T6865] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  269.657012][ T6865] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.542: Failed to acquire dquot type 1
[  269.670205][ T6865] EXT4-fs error (device loop3): mb_free_blocks:1815: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  269.700175][ T6865] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #12: comm syz.3.542: corrupted inode contents
[  269.740548][ T6865] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #12: comm syz.3.542: mark_inode_dirty error
[  269.763851][ T6865] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #12: comm syz.3.542: corrupted inode contents
[  269.813424][ T6865] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #12: comm syz.3.542: mark_inode_dirty error
[  269.847277][ T6865] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #12: comm syz.3.542: corrupted inode contents
[  269.913238][ T6865] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  269.933833][ T6865] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #12: comm syz.3.542: corrupted inode contents
[  269.983684][ T6865] EXT4-fs error (device loop3): ext4_truncate:4312: inode #12: comm syz.3.542: mark_inode_dirty error
[  270.012574][ T6865] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  270.058336][ T6865] EXT4-fs (loop3): 1 truncate cleaned up
[  270.073097][ T6865] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  270.219976][ T4276] EXT4-fs (loop3): unmounting filesystem.
[  270.458631][ T6873] loop4: detected capacity change from 0 to 32768
[  270.482087][ T6873] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.543 (6873)
[  271.259151][ T6873] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  271.283245][ T6873] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  271.292033][ T6873] BTRFS info (device loop4): enabling auto defrag
[  271.317093][ T6873] BTRFS info (device loop4): doing ref verification
[  271.332421][ T6873] BTRFS info (device loop4): use no compression
[  271.362422][ T6875] loop2: detected capacity change from 0 to 32768
[  271.367089][ T6873] BTRFS info (device loop4): force clearing of disk cache
[  271.425627][ T6873] BTRFS info (device loop4): max_inline at 57
[  271.431988][ T6875] XFS (loop2): Mounting V5 Filesystem
[  271.443436][ T6873] BTRFS info (device loop4): disabling free space tree
[  271.560776][ T6875] XFS (loop2): Ending clean mount
[  271.585488][ T6875] XFS (loop2): Quotacheck needed: Please wait.
[  271.623286][ T5604] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  271.765949][ T6875] XFS (loop2): Quotacheck: Done.
[  271.806541][ T6873] BTRFS info (device loop4): enabling ssd optimizations
[  271.817875][ T6875] XFS (loop2): User initiated shutdown received.
[  271.824355][ T5604] usb 6-1: Using ep0 maxpacket: 16
[  271.829854][ T6873] BTRFS info (device loop4): rebuilding free space tree
[  271.832350][ T5604] usb 6-1: config 1 has an invalid interface number: 105 but max is 0
[  271.859194][ T6875] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:499).  Shutting down filesystem.
[  271.888750][ T6873] BTRFS info (device loop4): disabling free space tree
[  271.896393][ T5604] usb 6-1: config 1 has no interface number 0
[  271.909172][ T5604] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  271.917302][ T6873] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  271.929584][ T6875] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  271.948275][ T5604] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  271.959202][ T6873] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  271.987686][ T5604] usb 6-1: config 1 interface 105 has no altsetting 0
[  272.017018][ T5604] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  272.055878][ T5604] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.066861][ T4275] XFS (loop2): Unmounting Filesystem
[  272.105744][ T5604] usb 6-1: Product: syz
[  272.109951][ T5604] usb 6-1: Manufacturer: syz
[  272.162423][ T5604] usb 6-1: SerialNumber: syz
[  272.200489][ T6892] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  272.213258][ T6892] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  272.304192][ T4266] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.680531][ T6892] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  272.703447][ T6892] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  272.709486][ T6939] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  272.847884][ T6939] siw: device registration error -19
[  273.207753][ T5604] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  273.226596][ T5604] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  273.272300][ T5604] aqc111 6-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 62:ad:09:5a:53:c1
[  273.994337][ T5604] usb 6-1: USB disconnect, device number 5
[  274.001047][ T5604] aqc111 6-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  274.006973][ T6965] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3482940618 (6965881236 ns) > initial count (504378442 ns). Using initial count to start timer.
[  274.074076][ T5604] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  274.113216][ T5604] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  274.142729][ T5604] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  274.321627][ T6946] loop3: detected capacity change from 0 to 32768
[  274.350724][ T6946] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.560 (6946)
[  274.376951][ T6946] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  275.101375][ T6946] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  275.171131][ T6946] BTRFS info (device loop3): enabling disk space caching
[  275.193873][ T6946] BTRFS info (device loop3): doing ref verification
[  275.202038][ T6946] BTRFS info (device loop3): setting nodatacow, compression disabled
[  275.297098][ T6946] BTRFS info (device loop3): force clearing of disk cache
[  275.346743][ T6946] BTRFS info (device loop3): doing ref verification
[  275.380136][ T6946] BTRFS info (device loop3): disk space caching is enabled
[  275.688054][ T6946] BTRFS info (device loop3): rebuilding free space tree
[  275.774109][ T6946] BTRFS info (device loop3): disabling free space tree
[  275.803894][ T6946] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  275.839283][ T6946] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  275.863190][ T5604] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  275.934973][ T7016] loop5: detected capacity change from 0 to 32768
[  275.975782][ T7016] find_entry called with index = 0
[  275.982228][ T7016] read_mapping_page failed!
[  275.986928][ T7016] ERROR: (device loop5): txCommit: 
[  275.986928][ T7016] 
[  275.998389][ T7016] ERROR: (device loop5): remounting filesystem as read-only
[  276.040826][ T4276] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  276.063299][ T5604] usb 5-1: Using ep0 maxpacket: 32
[  276.075478][ T5604] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  276.089498][ T5464] ERROR: (device loop5): diFree: numfree > numinos
[  276.089498][ T5464] 
[  276.126762][ T5604] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  276.170189][ T5604] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  276.188603][ T4928] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop3 scanned by udevd (4928)
[  276.201917][ T5604] usb 5-1: Product: syz
[  276.211204][ T5604] usb 5-1: Manufacturer: syz
[  276.225864][ T5604] usb 5-1: SerialNumber: syz
[  276.247512][ T5604] usb 5-1: config 0 descriptor??
[  276.263388][ T7006] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  276.559718][ T5767] usb 5-1: USB disconnect, device number 6
[  277.371658][ T7040] kernel read not supported for file /eth0 (pid: 7040 comm: syz.5.584)
[  277.423946][   T26] audit: type=1800 audit(1754638777.666:279): pid=7040 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.584" name="eth0" dev="mqueue" ino=42944 res=0 errno=0
[  278.210421][ T7077] loop2: detected capacity change from 0 to 64
[  279.848062][ T7102] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  281.758335][ T7100] bridge: RTM_NEWNEIGH with invalid ether address
[  283.039544][ T7140] loop5: detected capacity change from 0 to 512
[  283.058274][ T7140] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  283.091473][ T7140] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e12c, mo2=0002]
[  283.105898][ T7140] EXT4-fs (loop5): orphan cleanup on readonly fs
[  283.114319][ T7140] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.613: bg 0: block 361: padding at end of block bitmap is not set
[  283.166467][ T7140] EXT4-fs (loop5): Remounting filesystem read-only
[  283.174368][ T7140] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  283.195571][ T7140] EXT4-fs (loop5): Remounting filesystem read-only
[  283.202178][ T7140] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #11: comm syz.5.613: attempt to clear invalid blocks 33619980 len 1
[  283.229678][ T7140] EXT4-fs (loop5): Remounting filesystem read-only
[  283.248062][ T7140] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.613: invalid indirect mapped block 1811939328 (level 0)
[  283.277517][ T7140] EXT4-fs (loop5): Remounting filesystem read-only
[  283.307922][ T7140] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.613: invalid indirect mapped block 2185560079 (level 1)
[  283.467885][ T7140] EXT4-fs (loop5): Remounting filesystem read-only
[  283.614741][ T7140] EXT4-fs (loop5): 1 truncate cleaned up
[  283.682132][ T7140] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  283.892802][ T7140] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.613: dx entry: limit 0 != root limit 125
[  283.924720][ T7140] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.613: Corrupt directory, running e2fsck is recommended
[  283.933114][ T6064] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  283.947246][ T7158] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.613: dx entry: limit 0 != root limit 125
[  283.969257][ T7158] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.613: Corrupt directory, running e2fsck is recommended
[  284.007632][ T7140] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.613: dx entry: limit 0 != root limit 125
[  284.043304][ T7140] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.613: Corrupt directory, running e2fsck is recommended
[  284.065365][ T7140] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.613: dx entry: limit 0 != root limit 125
[  284.077238][ T7140] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.613: Corrupt directory, running e2fsck is recommended
[  284.102626][ T7140] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.613: dx entry: limit 0 != root limit 125
[  284.143284][ T7140] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.613: Corrupt directory, running e2fsck is recommended
[  284.170146][ T7158] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 5: comm syz.5.613: path /52/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  284.193272][ T6064] usb 2-1: Using ep0 maxpacket: 32
[  284.213578][ T6064] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  284.224983][ T6064] usb 2-1: config 0 has no interface number 0
[  284.235421][ T6064] usb 2-1: config 0 interface 184 has no altsetting 0
[  284.255687][ T6064] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  284.273093][ T6064] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.284739][ T6064] usb 2-1: Product: syz
[  284.288917][ T6064] usb 2-1: Manufacturer: syz
[  284.309208][ T6064] usb 2-1: SerialNumber: syz
[  284.334710][ T5464] EXT4-fs (loop5): unmounting filesystem.
[  284.362925][ T6064] usb 2-1: config 0 descriptor??
[  284.377976][ T6064] smsc75xx v1.0.0
[  285.075075][ T5594] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  285.293270][ T5594] usb 4-1: Using ep0 maxpacket: 8
[  285.301851][ T5594] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[  285.338748][ T5594] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  285.351019][ T5594] usb 4-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  285.377349][ T5594] usb 4-1: Product: syz
[  285.381589][ T5594] usb 4-1: Manufacturer: syz
[  285.387196][ T5594] usb 4-1: SerialNumber: syz
[  285.413681][ T5594] usb 4-1: config 0 descriptor??
[  285.424873][ T5594] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  285.461901][ T7185] capability: warning: `syz.2.626' uses deprecated v2 capabilities in a way that may be insecure
[  285.753188][ T5608] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  285.919651][ T6064] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  285.953292][ T5608] usb 3-1: Using ep0 maxpacket: 32
[  285.961401][ T5608] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  285.961482][ T6064] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  285.995448][ T5608] usb 3-1: config 0 has no interface number 0
[  286.021635][ T5608] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  286.069745][ T5608] usb 3-1: config 0 interface 85 has no altsetting 0
[  286.103523][ T5608] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  286.143262][ T5608] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.186197][ T5608] usb 3-1: Product: syz
[  286.209102][ T5608] usb 3-1: Manufacturer: syz
[  286.234985][ T5608] usb 3-1: SerialNumber: syz
[  286.271670][ T5608] usb 3-1: config 0 descriptor??
[  286.432691][ T6064] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  286.481436][ T6064] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  286.516842][ T5608] appletouch 3-1:0.85: Failed to read mode from device.
[  286.527470][ T5608] appletouch: probe of 3-1:0.85 failed with error -5
[  286.537040][ T6064] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  286.542584][ T5608] usb 3-1: USB disconnect, device number 9
[  286.565975][ T6064] smsc75xx: probe of 2-1:0.184 failed with error -71
[  286.598984][ T6064] usb 2-1: USB disconnect, device number 5
[  286.645365][ T5594] gspca_zc3xx: reg_w_i err -71
[  287.298466][ T5594] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  287.312814][ T5594] gspca_zc3xx: probe of 4-1:0.0 failed with error -71
[  287.350242][ T5594] usb 4-1: USB disconnect, device number 12
[  288.068614][ T7216] netlink: 24 bytes leftover after parsing attributes in process `syz.2.634'.
[  288.315698][ T7226] loop4: detected capacity change from 0 to 2048
[  288.758023][ T7226] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  290.533948][ T5594] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  290.583226][    T7] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  290.923492][ T5594] usb 3-1: Using ep0 maxpacket: 32
[  291.025944][ T5594] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  291.034301][    T7] usb 5-1: Using ep0 maxpacket: 16
[  291.053289][    T7] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  291.061973][    T7] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  291.073192][ T5594] usb 3-1: config 0 has no interface number 0
[  291.079807][    T7] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  291.091484][ T5594] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  291.101013][ T5594] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.113301][ T5594] usb 3-1: Product: syz
[  291.117648][ T5594] usb 3-1: Manufacturer: syz
[  291.122279][ T5594] usb 3-1: SerialNumber: syz
[  291.127735][    T7] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  291.147726][ T5594] usb 3-1: config 0 descriptor??
[  291.248858][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.257937][    T7] usb 5-1: Product: syz
[  291.262853][ T5594] smsc95xx v2.0.0
[  291.266920][    T7] usb 5-1: Manufacturer: syz
[  291.271557][    T7] usb 5-1: SerialNumber: syz
[  291.668951][ T5594] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  291.687060][ T5594] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  291.698049][    T7] usb 5-1: 0:2 : does not exist
[  291.874901][ T7288] loop3: detected capacity change from 0 to 8192
[  291.928389][ T7288] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  291.953183][ T7288] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  291.972945][ T7288] REISERFS (device loop3): using ordered data mode
[  291.994317][ T7288] reiserfs: using flush barriers
[  292.032793][ T7288] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  292.090184][ T7288] REISERFS (device loop3): checking transaction log (loop3)
[  292.114626][ T7288] REISERFS (device loop3): Using r5 hash to sort names
[  292.135106][ T7288] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  292.163953][ T7288] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  292.300216][    C0] raw-gadget.1 gadget.4: ignoring, device is not running
[  292.321198][    T7] usb 5-1: 1:0: failed to get current value for ch 0 (-22)
[  292.332941][   T26] audit: type=1800 audit(1754638792.566:280): pid=7288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.662" name="bus" dev="loop3" ino=5 res=0 errno=0
[  292.347741][ T7288] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  292.423261][    T7] usb 5-1: USB disconnect, device number 7
[  292.441535][ T7294] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  292.519673][ T7288] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  292.706036][ T4933] udevd[4933]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  292.916624][ T5594] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  292.939682][ T5594] smsc95xx: probe of 3-1:0.67 failed with error -71
[  292.952239][ T5594] usb 3-1: USB disconnect, device number 10
[  292.966183][ T7301] loop4: detected capacity change from 0 to 128
[  293.019056][ T7301] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  293.043168][ T7301] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.093912][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880574e6400: rx timeout, send abort
[  293.105662][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880574e6400: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  293.158088][ T7301] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  293.171114][ T7301] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #12: comm syz.4.666: mark_inode_dirty error
[  293.187874][ T7301] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.666: Invalid block bitmap block 0 in block_group 0
[  293.212030][ T7301] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  293.242517][ T7301] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #12: comm syz.4.666: mark_inode_dirty error
[  293.264615][ T7301] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.666: Invalid block bitmap block 0 in block_group 0
[  293.279130][ T7301] EXT4-fs error (device loop4): ext4_discard_preallocations:5119: comm syz.4.666: Error -117 reading block bitmap for 0
[  293.301617][ T7301] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.666: Invalid block bitmap block 0 in block_group 0
[  293.317126][ T7301] EXT4-fs error (device loop4): ext4_discard_preallocations:5119: comm syz.4.666: Error -117 reading block bitmap for 0
[  293.330352][ T7301] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  293.443220][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  293.901283][ T7325] loop4: detected capacity change from 0 to 40427
[  293.936604][ T7325] F2FS-fs (loop4): invalid crc value
[  293.947564][ T7325] F2FS-fs (loop4): Found nat_bits in checkpoint
[  293.980072][ T7325] F2FS-fs (loop4): Start checkpoint disabled!
[  293.992119][ T7325] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  294.039716][ T7329] binder: 7327:7329 ioctl c0306201 200000000080 returned -14
[  295.625673][ T4484] kworker/u4:10: attempt to access beyond end of device
[  295.625673][ T4484] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  296.148296][ T7345] ªªªªªª: renamed from vlan0
[  296.183356][ T7349] binder: 7347:7349 unknown command 0
[  296.213152][ T7349] binder: 7347:7349 ioctl c0306201 2000000003c0 returned -22
[  296.898633][ T7366] loop5: detected capacity change from 0 to 128
[  297.429969][ T7366] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  297.473272][ T7366] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  297.906107][ T7366] EXT4-fs error (device loop5): __ext4_get_inode_loc:4507: comm syz.5.686: Invalid inode table block 0 in block_group 0
[  297.945299][ T7366] EXT4-fs warning (device loop5): ext4_group_add:1748: Error opening resize inode
[  299.055330][ T5464] EXT4-fs (loop5): unmounting filesystem.
[  300.940155][ T7414] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  301.338764][ T7429] loop1: detected capacity change from 0 to 764
[  301.348683][ T7429] rock: directory entry would overflow storage
[  301.360914][ T7429] rock: sig=0x5850, size=36, remaining=22
[  302.205998][ T7441] loop4: detected capacity change from 0 to 64
[  302.384851][ T7441] 
[  302.387234][ T7441] ======================================================
[  302.394250][ T7441] WARNING: possible circular locking dependency detected
[  302.401268][ T7441] 6.1.147-syzkaller #0 Not tainted
[  302.406376][ T7441] ------------------------------------------------------
[  302.413393][ T7441] syz.4.709/7441 is trying to acquire lock:
[  302.419278][ T7441] ffff888078c040b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0
[  302.428785][ T7441] 
[  302.428785][ T7441] but task is already holding lock:
[  302.436149][ T7441] ffff88807762f5f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xd7/0x1280
[  302.446949][ T7441] 
[  302.446949][ T7441] which lock already depends on the new lock.
[  302.446949][ T7441] 
[  302.457333][ T7441] 
[  302.457333][ T7441] the existing dependency chain (in reverse order) is:
[  302.466325][ T7441] 
[  302.466325][ T7441] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}:
[  302.475511][ T7441]        __mutex_lock+0x120/0xaf0
[  302.480521][ T7441]        hfs_extend_file+0xd7/0x1280
[  302.485791][ T7441]        hfs_bmap_reserve+0x103/0x420
[  302.491147][ T7441]        __hfs_ext_write_extent+0x1fa/0x470
[  302.497022][ T7441]        __hfs_ext_cache_extent+0x6b/0x9b0
[  302.502810][ T7441]        hfs_extend_file+0x313/0x1280
[  302.508163][ T7441]        hfs_get_block+0x3d4/0xbd0
[  302.513259][ T7441]        __block_write_begin_int+0x54b/0x1a70
[  302.519312][ T7441]        block_write_begin+0x96/0x1e0
[  302.524670][ T7441]        cont_write_begin+0x5c4/0x7d0
[  302.530023][ T7441]        hfs_write_begin+0x87/0xd0
[  302.535117][ T7441]        generic_perform_write+0x2db/0x560
[  302.540909][ T7441]        __generic_file_write_iter+0x172/0x430
[  302.547055][ T7441]        generic_file_write_iter+0xab/0x2e0
[  302.552933][ T7441]        vfs_write+0x44c/0x960
[  302.557681][ T7441]        ksys_write+0x143/0x240
[  302.562529][ T7441]        do_syscall_64+0x4c/0xa0
[  302.567461][ T7441]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  302.573875][ T7441] 
[  302.573875][ T7441] -> #0 (&tree->tree_lock#2/1){+.+.}-{3:3}:
[  302.581950][ T7441]        __lock_acquire+0x2cf8/0x7c50
[  302.587317][ T7441]        lock_acquire+0x1b4/0x490
[  302.592327][ T7441]        __mutex_lock+0x120/0xaf0
[  302.597340][ T7441]        hfs_find_init+0x15b/0x1d0
[  302.602438][ T7441]        hfs_extend_file+0x2eb/0x1280
[  302.607797][ T7441]        hfs_bmap_reserve+0x103/0x420
[  302.613163][ T7441]        hfs_cat_create+0x1c0/0x8d0
[  302.618359][ T7441]        hfs_create+0x62/0xd0
[  302.623033][ T7441]        path_openat+0x1187/0x2e70
[  302.628133][ T7441]        do_filp_open+0x1c1/0x3c0
[  302.633145][ T7441]        do_sys_openat2+0x142/0x490
[  302.638332][ T7441]        __x64_sys_openat+0x135/0x160
[  302.643688][ T7441]        do_syscall_64+0x4c/0xa0
[  302.648611][ T7441]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  302.655014][ T7441] 
[  302.655014][ T7441] other info that might help us debug this:
[  302.655014][ T7441] 
[  302.665239][ T7441]  Possible unsafe locking scenario:
[  302.665239][ T7441] 
[  302.672675][ T7441]        CPU0                    CPU1
[  302.678024][ T7441]        ----                    ----
[  302.683376][ T7441]   lock(&HFS_I(tree->inode)->extents_lock);
[  302.689343][ T7441]                                lock(&tree->tree_lock#2/1);
[  302.696713][ T7441]                                lock(&HFS_I(tree->inode)->extents_lock);
[  302.705196][ T7441]   lock(&tree->tree_lock#2/1);
[  302.710043][ T7441] 
[  302.710043][ T7441]  *** DEADLOCK ***
[  302.710043][ T7441] 
[  302.718174][ T7441] 4 locks held by syz.4.709/7441:
[  302.723189][ T7441]  #0: ffff888028efa460 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  302.732410][ T7441]  #1: ffff88807762d728 (&type->i_mutex_dir_key#21){+.+.}-{3:3}, at: path_openat+0x7c2/0x2e70
[  302.742671][ T7441]  #2: ffff888078c000b0 (&tree->tree_lock#2){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0
[  302.752413][ T7441]  #3: ffff88807762f5f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xd7/0x1280
[  302.763624][ T7441] 
[  302.763624][ T7441] stack backtrace:
[  302.769492][ T7441] CPU: 0 PID: 7441 Comm: syz.4.709 Not tainted 6.1.147-syzkaller #0
[  302.777452][ T7441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  302.787491][ T7441] Call Trace:
[  302.790757][ T7441]  <TASK>
[  302.793676][ T7441]  dump_stack_lvl+0x168/0x22e
[  302.798340][ T7441]  ? load_image+0x3b0/0x3b0
[  302.802835][ T7441]  ? show_regs_print_info+0x12/0x12
[  302.808018][ T7441]  ? print_circular_bug+0x12b/0x1a0
[  302.813200][ T7441]  check_noncircular+0x274/0x310
[  302.818129][ T7441]  ? add_chain_block+0x940/0x940
[  302.823050][ T7441]  ? lockdep_lock+0xdc/0x1e0
[  302.827622][ T7441]  ? _find_first_zero_bit+0xcf/0x100
[  302.832895][ T7441]  __lock_acquire+0x2cf8/0x7c50
[  302.837731][ T7441]  ? mark_lock+0x94/0x320
[  302.842050][ T7441]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  302.847962][ T7441]  ? verify_lock_unused+0x140/0x140
[  302.853147][ T7441]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  302.859025][ T7441]  ? _raw_spin_unlock+0x40/0x40
[  302.863868][ T7441]  ? stack_trace_save+0x98/0xe0
[  302.868704][ T7441]  ? __stack_depot_save+0x421/0x460
[  302.873888][ T7441]  lock_acquire+0x1b4/0x490
[  302.878376][ T7441]  ? hfs_find_init+0x15b/0x1d0
[  302.883136][ T7441]  ? hfs_extend_file+0x2eb/0x1280
[  302.888161][ T7441]  ? hfs_bmap_reserve+0x103/0x420
[  302.893186][ T7441]  ? __x64_sys_openat+0x135/0x160
[  302.898201][ T7441]  ? __might_sleep+0xd0/0xd0
[  302.902786][ T7441]  ? read_lock_is_recursive+0x10/0x10
[  302.908151][ T7441]  __mutex_lock+0x120/0xaf0
[  302.912639][ T7441]  ? hfs_find_init+0x15b/0x1d0
[  302.917392][ T7441]  ? hfs_find_init+0x15b/0x1d0
[  302.922152][ T7441]  ? mutex_lock_nested+0x10/0x10
[  302.927074][ T7441]  ? __kmem_cache_alloc_node+0x140/0x260
[  302.932695][ T7441]  ? hfs_find_init+0x84/0x1d0
[  302.937357][ T7441]  ? hfs_find_init+0x84/0x1d0
[  302.942016][ T7441]  ? __kmalloc+0xe1/0x240
[  302.946336][ T7441]  hfs_find_init+0x15b/0x1d0
[  302.950932][ T7441]  hfs_extend_file+0x2eb/0x1280
[  302.955785][ T7441]  ? hfs_get_block+0xbd0/0xbd0
[  302.960540][ T7441]  ? rcu_is_watching+0x11/0xa0
[  302.965320][ T7441]  ? trace_contention_end+0x5f/0x170
[  302.970607][ T7441]  ? __mutex_lock+0x19e/0xaf0
[  302.975280][ T7441]  ? hfs_find_init+0x15b/0x1d0
[  302.980035][ T7441]  ? mutex_lock_nested+0x10/0x10
[  302.984968][ T7441]  hfs_bmap_reserve+0x103/0x420
[  302.989828][ T7441]  hfs_cat_create+0x1c0/0x8d0
[  302.994493][ T7441]  ? hfs_cat_build_key+0x170/0x170
[  302.999595][ T7441]  ? _raw_spin_unlock+0x24/0x40
[  303.004433][ T7441]  ? hfs_new_inode+0x92c/0xc00
[  303.009184][ T7441]  hfs_create+0x62/0xd0
[  303.013335][ T7441]  ? hfs_lookup+0x2a0/0x2a0
[  303.017838][ T7441]  path_openat+0x1187/0x2e70
[  303.022426][ T7441]  ? do_filp_open+0x3c0/0x3c0
[  303.027098][ T7441]  do_filp_open+0x1c1/0x3c0
[  303.031590][ T7441]  ? vfs_tmpfile+0x480/0x480
[  303.036172][ T7441]  ? _raw_spin_unlock+0x24/0x40
[  303.041011][ T7441]  ? alloc_fd+0x58f/0x630
[  303.045329][ T7441]  do_sys_openat2+0x142/0x490
[  303.049991][ T7441]  ? do_sys_open+0xe0/0xe0
[  303.054392][ T7441]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  303.060356][ T7441]  ? lock_chain_count+0x20/0x20
[  303.065193][ T7441]  __x64_sys_openat+0x135/0x160
[  303.070028][ T7441]  do_syscall_64+0x4c/0xa0
[  303.074427][ T7441]  ? clear_bhb_loop+0x60/0xb0
[  303.079087][ T7441]  ? clear_bhb_loop+0x60/0xb0
[  303.083745][ T7441]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  303.089624][ T7441] RIP: 0033:0x7f171c58eb69
[  303.094020][ T7441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.113605][ T7441] RSP: 002b:00007f171d443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  303.121997][ T7441] RAX: ffffffffffffffda RBX: 00007f171c7b5fa0 RCX: 00007f171c58eb69
[  303.129962][ T7441] RDX: 000000000000275a RSI: 0000200000000200 RDI: ffffffffffffff9c
[  303.137916][ T7441] RBP: 00007f171c611df1 R08: 0000000000000000 R09: 0000000000000000
[  303.145883][ T7441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.153845][ T7441] R13: 0000000000000000 R14: 00007f171c7b5fa0 R15: 00007ffdefa84ac8
[  303.161808][ T7441]  </TASK>
[  303.283333][ T7440] loop5: detected capacity change from 0 to 32768
[  303.290759][ T7440] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.707 (7440)
[  303.314487][ T7440] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  303.325186][ T7440] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  303.345363][ T7440] BTRFS info (device loop5): force clearing of disk cache
[  303.352517][ T7440] BTRFS info (device loop5): enabling auto defrag
[  303.364577][ T7440] BTRFS info (device loop5): max_inline at 0
[  303.370592][ T7440] BTRFS info (device loop5): enabling disk space caching
[  303.378261][ T7440] BTRFS info (device loop5): disk space caching is enabled
[  303.398990][ T7440] BTRFS info (device loop5): enabling ssd optimizations
[  303.409261][ T7440] BTRFS info (device loop5): rebuilding free space tree
[  303.422417][ T7440] BTRFS info (device loop5): disabling free space tree
[  303.429551][ T7440] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  303.440487][ T7440] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  303.498296][ T5464] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  303.534987][ T4928] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 12 /dev/loop5 scanned by udevd (4928)