last executing test programs:

3m23.131320977s ago: executing program 3 (id=272):
bpf$OBJ_GET_PROG(0x9, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12014101f2c59620d016b8108ede010203010902240001"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x3d, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000001280), 0x3)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000140)=@ccm_128={{0x303, 0x39}, '\x00\x00\x00\x00\x00\x00\x00@', "0bf70000000000000000061000000001", "00000004", "ba0200"}, 0x28)
setsockopt$inet6_tcp_TLS_RX(r1, 0x11a, 0x2, &(0x7f00000001c0)=@ccm_128={{0x304}, "bd85475b1379ad1c", "38fa4c1636d8ea5fca0abefb3b226077", "0bb21c98", "ce162769bce2e9a0"}, 0x28)

3m18.387011484s ago: executing program 3 (id=285):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x30bd, 0xc000, 0x8, 0x40000183})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
shutdown(r0, 0x1)

3m17.082004267s ago: executing program 3 (id=288):
rt_sigtimedwait(0x0, 0x0, &(0x7f00000000c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
request_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='\x00', 0xfffffffffffffffc)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)

3m15.333985158s ago: executing program 3 (id=292):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@nombcache}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44d, &(0x7f0000000340)="$eJzs281vFGUYAPBnZrvFWrAV8Qv8qKKx8aOlgMrBgxpNPGBiogc9Nm0hyAKG1kQIiWAMnowx8W48+i940osxnky86t2QENOL4GnN7M60u8vu0pbdLrK/XzLwvPPR93125t19Z97dAIbWVPZPErEzIv6IiIl6sXmHqfp/11YvLFxfvbCQRLX67t9Jbb9/Vi8sFLsWx43nhek0Iv08iX1t6l0+d/7kfKWydDYvz66c+mh2+dz5F06cmj++dHzp9MEjRw4fmnv5pYMv9iTP8Ujz6K0Pvn776JdN+bfk0SNT3TY+Xa32uLrB2tUQJyMDbAibUoqI7HSVa/1/IkqxfvIm4s3PBto4oK+q1Wp1vPPmi1XgDpZEc1mXh2FRfNBn97/F0joIeLV/w4+Bu/pa/QYoy/tavtS3jKw9MSi33N/20lREvH/x32+zJfrzHAIAoMmP2fjn+Wy00zr+S+OBhv3uyeeGJiPi3ojYHRH3xenYExH3R9T2fTAiHtpk/a2TJDeOf9IrW0psg7Lx3yv53Fbz+K8Y/cVkKS/tquVfTo6dqCwdyF+T6SjvyMpzXer46Y3fv+q0rXH8ly1Z/cVYMG/HlZEdzccszq/M30rOja5eitg70i7/ZG0mIImIhyNi7xbrOPHs94902nbz/LvowTxT9buIZ+rn/2K05F9Ius9Pzt4VlaUDs8VVcaNff7v8Tqf6byn/HsjO/91tr/+1/CeTxvna5c3XcfnPLzre02z1+h9N3qvFo/m6T+ZXVs7ORYwmR+uNblx/cP3Yolzsn+U/vb99/98d66/EvojILuJHI+KxiHg8b/sTEfFkROzvkv8vrz/1Yeu6sQ3n319Z/oubOv/rwWi0rmkflE7+/ENTpZPrYZ7/9e7n/3Atms7XbOT9byPt2trVDAAAAP8/aUTsjCSdWYvTdGam/h3+PRFp5czyynPHznx8erH+G4HJKKfFk66Jhuehc/ltfb18KSLqXy0oth/Knxt/UxqrlWcWzlQWB508DLnxDv0/81dp0K0D+s7vtWB46f8wvPR/GF6b6/87+tYOYPu16f9jg2gHsP3aff5/OoB2ANuvpf+b9oMh4vkfDC/9H4aX/g9DaXksbv4j+a5B8Ze2ePgdG0T5tmhG34JIb4tmCPoUDPZ9CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFf+CwAA//9kXt09")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
statx(r2, &(0x7f0000000100)='./file0\x00', 0x800, 0x1, 0x0)
getdents64(r2, &(0x7f0000000400)=""/4096, 0x1000)

3m11.80059827s ago: executing program 3 (id=299):
socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, r0, 0x215eb000)
ioctl$XFS_IOC_FD_TO_HANDLE(r0, 0xc038586a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=@setlink={0x20, 0x13, 0x1, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8009, 0x40984}}, 0x20}}, 0x0)

3m10.874056459s ago: executing program 3 (id=304):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x9)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x40000100)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x102, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80, &(0x7f0000000080)={0xa, 0x4e21, 0x10, @private1}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3m9.568986207s ago: executing program 32 (id=304):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x9)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x40000100)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x102, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80, &(0x7f0000000080)={0xa, 0x4e21, 0x10, @private1}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

23.411516051s ago: executing program 0 (id=611):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x13, @empty}, 0x10, 0x0, 0x0, 0x0, 0x7}, 0xa00)
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = inotify_add_watch(0xffffffffffffffff, 0x0, 0x50000100)
inotify_rm_watch(0xffffffffffffffff, r3)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r5, &(0x7f0000000400)=[{0x0}, {0x0}, {0x0}], 0x3)
r6 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x48042)
writev(r6, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {0x0}], 0x3)
bind$netlink(r6, &(0x7f0000000180)={0x10, 0x0, 0x25dfdbfe}, 0xc)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0x3f, &(0x7f0000000000)=ANY=[], 0x4)

21.853868931s ago: executing program 0 (id=616):
r0 = io_uring_setup(0x7a76, &(0x7f0000000180)={0x0, 0x3a4d, 0x100, 0x43, 0x10000000})
mount$overlay(0x0, 0x0, 0x0, 0x48000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, 0x0)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x1e, 0xce, &(0x7f0000000680)="11d100a05ec99f1e575f5172c7a909c330ef6feaaf4e8e93044445172dd05a3cde8e7e44644b00a4bee15b77fb177d346985db416f54eb3fa115d0e0af319aa6ab4c9bbdd18caf0234d1dbe31d415e7d2ecf20b8b6469ec7815b9061f19e2d1197a2e9f5e5b75a1781e1d3bbf0429dc232512402e0395315a12f75c370ed10842c009f42ab0c2f0d31beb72962643b3a5beb5e6d2141651cd77aec522abdab109c2d4721e203d12c18792a342b683c4018298ca1191da72815b00f49bbdaa5fd05ba77a0cbbe2e7ae017bcf58066c9f2f99d8a721f1d81b2f4c43e8ab0350cf3785f4df6a0735a9f023f0cccf52108f84e91246b11a5807a219ede9cf008b0b7555fe89687f9687cca6cb8c02b287e1d4039805c6f1cabd7801f6cea95b2b1fe80e829c17861b98214ee02832480e9184d8fcf5f9cab6c8840f017e7d353f578aee2b8377573e4db95febdf1b300958bebfbc79761eadce63b107124124b1635833b4eab022e47d76b6416d7505a16598108d1e65627a581d7e3fd0d72496db0a3e239d2237911910063ca709753b641b5d9f7dd3a6bfceaa2bb41ca48fb6e4ef757badcb7e5491a32fea7e67867467b367358d9de9300be254fdf696c96f72a0af3b1c68ead53263fce81d6c37bad627d8129b49a5b22a55214fcbe761e3bb3a315d37d0cf354d2b4302ca42db89618e3692ed5c16f2b42555dceb1cf4dc9e31cbc385b5551238f9b9d559543cb874d262e8162973c63ccf5d48c9f6de3ea6c2acb23042896359afdac6343fbcc3f33340e71094042ffc42360f2fd0280e5208e1b7ea1ee83864b52f6db10943ee206de561afd85ab6b69113a7e4229287ea75deb9b2661010934468d8339ce1b0f4625f226fefa90c14c1cb17c43a8ab97f5e7ff4d363256cc6462335af924ef7ed6367e23a9270fb8b2a6d1437aa232fa618e5196c86ae96d30bc7e9e5f0ba6799c1e1710712355accb75c2609985a678dd1e1f683e9138aa819ff80bd0ab0a592a7b2ef59100e1c2f456b591f1c4d4ffda621cc4d4c1c9685364093d5f23b259969f0183f4bf72102c4ca0835761d8c833462b8b11d8939c44bb8091fa1a0c8ee20da85d5278fc793840abe7106fe9c98c089ecf4d21c6b743e4b2ca0d0536d6e409b53d4321a949295e3c37137907bfb8938204127c9be102042f2ce81f0a7834b2b38790466efea8ea3093cb1844f63766c6eca2f6ee2735d6cafbaa6aa746bfe0dd480b420cd98954b37718eb80198f2f4eb39e60b413d63a1f35a0c391c3e584b75fe9e29edf0d547a1a2e4c1a672cb8efb6991c0bea4eb164c2f77a37bee55d56e9f8b347d0a9412da3b1aa21dbfdd86dc3139f6a2d182f8b9ab0f39cfffae6f006be6537ba81659d067d1919bafc0db401190b1272c358212629457a15b5b45afafe40bdb40b0ea5d3865b920150"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a002800726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x4, @loopback, 0xffffffff, 0x1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="f4000900062b3325fe80000000000000dc8b850f2323fcb11ea3548466cc00007a000000ad", 0x25}, {&(0x7f0000000100)="42e9", 0x2}, {&(0x7f00000002c0)="8b3306", 0x3}], 0x3}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$DVB_DEMUX_DMX_REMOVE_PID(r1, 0x40026f34, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

18.884442979s ago: executing program 0 (id=623):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x400)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x8012, r0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fe9000/0x2000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ff0000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0xc8, 0x0, 0xc000000)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)

17.197938896s ago: executing program 0 (id=626):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)

15.717871684s ago: executing program 0 (id=634):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r2, r1, 0x0)
read$FUSE(r0, &(0x7f0000004800)={0x2020}, 0x2020)

14.068458486s ago: executing program 1 (id=638):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000180)="e9", 0x1}], 0x1)
landlock_create_ruleset(&(0x7f0000000140)={0x2c8d, 0x3, 0xae4dca4475240a2a}, 0x1b, 0x0)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000035c0)=ANY=[@ANYBLOB="73686f72746e656d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d313235352c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c696f636861727365743d757466382c6c323fc933b5d8a4c5ad95ae28327e7f5587b43b14ba9b38c69b0f707ac798420971453b49a49f8855b7af99369508e2372b84ea0cc935deacb52b348793ae9cb256"], 0x1, 0x232, &(0x7f0000000ac0)="$eJzs3TFrU10YB/Anbfq2FF7SQSgVwSsuTqGtuFdEQSgoSAY3i21RmliwUGiH1k5+Cf0KOroKDuLqFxBBquBitw5CpL1Nm8akiWDuLfX3mx5yn3/OOTchhww5eXChtjS/vLK4s7MdIyOFKM7ETOwWYiwGYjBSzwIAOEt26/X4UU/lPRcAIBv2fwD49/S4/9/NcEoAQJ/1/P1/ILMpAQB9du9+vZBWyUhE7flqZbUSUdtqXL++GI+jGgsxGaX4GVE/lNa3bs/enEz2fB2LSm3zIL+5Whk8np+K0sRY+/xUkjqeH4rRg/yn0ViI6SjFufb56bb5/+LK5abxy1GKjw9jOaoxH3vZo/zGVJLcuDPbkh/e7/vNcFavDAAAAAAAAAAAAAAAAAAAAAAAZ1k5OdT2/J5yudP1NJ+er1OM7ucDtZ7PU4zzxXzXDgAAAAAAAAAAAAAAAAAAAKfFytr60ly1uvD0pOLJh1fvuvXsF41n7dxTOOjoPmi/i/8vfXnRuWfrT+7P3y3eXszztvRYvN9+NHF1ZfzaaZnP2vrS0Elvre+liD6N/jrTlW61PNJYdXNPoV18/OXM3JuNz996HSvbzyEAAAAAAAAAAAAAAAAAAKD59+15zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nP0//8diihGdOvpUuS9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//aAmY9w==")
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x206420, 0x0, 0x7, 0x0, &(0x7f0000006380))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x110)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x105042, 0x0)
read(r2, &(0x7f0000001400)=""/4096, 0x1000)
fallocate(r1, 0x3, 0x46c, 0x8008c61)
r3 = memfd_create(&(0x7f0000000000)='+][)-%\x00', 0x1)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000400)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xf700000000000000, 0x3a, 'netdevsim', 0x3a, 'netdevsim', 0x3a, './file0'}, 0x39)
sendfile(r3, r3, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/snmp6\x00')
read$FUSE(r5, &(0x7f00000004c0)={0x2020}, 0x2020)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
r6 = syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000003540)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x87c, &(0x7f0000000040)={[{@grpid}, {@init_itable}, {@journal_dev={'journal_dev', 0x3d, 0x2}}]}, 0x3, 0x47b, &(0x7f0000000bc0)="$eJzs3M1vFOUfAPDvTLvl11/RVsQ38KWKRmK0pYDKwYMaTTxgYqIHPW7aSpCChtZESBOLBzwZY+LdePRf8KQXYzyZeNW7ISGGi+BpzezObHe7L7S4wwL7+SQL32dmdp/nu888u8+8bAMYWbPZP0nE7oj4PSKmG8X2DWYb/129sr547cr6YhK12tt/JfXt/r6yvlhsWjxvqrUQSezvUu/qufOnqisry2fz8vza6Y/mV8+df+7k6eqJ5RPLZw4fO3b0yMKLLxx+fiB5TkWaR2+899Wbx79oy39LHgMy22/lU7XagKsbrrta4vEhtoOdGcv7q1If/9Mx1tJ70/H6Z83Cp0NqIFCaWq1Wm+q9eqMG3MGSaC8b8jAqii/64vi323Hwy6XNPobv8iuNA6As76v5o7FmvHnGoLLl+HaQZiPi3Y1/vskeUc55CACANj9k859ns9nO+mI299icf6Rxf8t2d+fXhmYi4p6I2BMR98aZ2BsR90XUt30gIh7cYf0tF0nq08zO+U966YaT24Zs/vdSfm2rff5XzP5iZqxeOtcoRCV5/+TK8qH8PTkYlV1ZeaFPHT++9tuXvda1zv+yR1Z/MRfM23FpfFf7c5aqa9Ubz7jd5QsR+8a75Z80rwQkEfFQROzr9gLp9es4+cx3D/da1zP/yjYaP4ALTbVvI55u9P9GbMm/kPS/Pjn/v1hZPjRf7BWdfvn14lu96r9+/5cr6///d93/m/nPJK3Xa1d3XsfFPz7veUwzW/TzDvb/jepadSJ5px5P5Ms+qa6tnV2ImEiONxrduvzw5nOLcrF9lv/BA93H/57YfCf2R0S2Ez8SEY9GxGN53z0eEU9ExIE++f/86pMfbF02WeR/C/T/0o76fzOYiPYlaZdtsmDs1E/ft1U6sxnm+V/r//l3tB4dzJds5/OvsxXdg//6/gEAAMDtII2I3ZGkc804TefmGvfw743mWbiPzyw1fiMwE5W0ONM13XI+dCE/rG+UL0RE49aCYv2RSOvnjb8em6yX5xY/XFkaaubAVI/xn/lzbNitA0rnB1swuox/GF19x3/PG3EcHcCdoGP89735blepbQFuri7f/5PDaAdw83Wb/3f+vR/f+3An2jL+HdjDCHH+H0aX8Q+jy/iHkbQ6Gaeqk9v9tXy3oHilG3z69YLpiCjnlUsOonJLNKO0INLSq5god9cqLUhuwzZ3BMP7TAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABikfwMAAP//TfbN6A==")
open_tree(0xffffffffffffffff, &(0x7f00000003c0)='./bus/file0\x00', 0x8000)
syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201100153a42908f00a717206823e02030109022451d3060000000904020002ffdeff0009050b0000000000000905065245"], 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
statx(r6, &(0x7f00000002c0)='./bus/file0\x00', 0x400, 0x200, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r5, 0x7b1, 0x0)
mount$9p_rdma(&(0x7f0000000140), &(0x7f0000000200)='./bus/file0/file0\x00', &(0x7f0000000240), 0x2001406, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e20,rq=0x0000000000000007,rq=0x0000000000007fff,cache=readahead,rq=0x0000000000007fff,rq=0x0000000000000008,rq=0x0000000000000008,uid<', @ANYRESDEC=r7, @ANYBLOB=',fsfined_u,obj_user=/dev/fuse\x00,defcontext=unconfined_u,pcr=00000000000000000032,appraise,\x00'])
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)

13.718075525s ago: executing program 0 (id=639):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68)
fallocate(r0, 0x0, 0x9b1, 0x1001ed)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000140)=0x2000)
ppoll(&(0x7f00000003c0)=[{r1, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

11.950174343s ago: executing program 33 (id=639):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68)
fallocate(r0, 0x0, 0x9b1, 0x1001ed)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000140)=0x2000)
ppoll(&(0x7f00000003c0)=[{r1, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

11.048384586s ago: executing program 5 (id=648):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x17, 0x3, 'lblcr\x00', 0xd, 0x4, 0x5d}, 0x2c)
r4 = socket$kcm(0xa, 0x2, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x8)
preadv(0xffffffffffffffff, &(0x7f0000002940)=[{&(0x7f0000002680)=""/236, 0xec}], 0x1, 0x2, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x41)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [{@context={'context', 0x3d, 'sysadm_u'}}, {@seclabel}, {@fowner_lt}, {@smackfsfloor={'smackfsfloor', 0x3d, '#'}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
sendmsg$sock(r4, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
write$binfmt_script(r5, &(0x7f0000003f80)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

10.051514937s ago: executing program 6 (id=650):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)

9.911815226s ago: executing program 5 (id=651):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000200)={0x1d, r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = epoll_create1(0x0)
epoll_pwait(r3, &(0x7f0000000140), 0x0, 0xfff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x1a0000010})
r4 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x1}, 0x20)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
getsockopt$inet6_int(r4, 0x29, 0x2, 0x0, &(0x7f0000000000)=0xfffffffffffffd96)
gettid()
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000001340)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYRES32=r4], 0x1c}], 0x1, 0x0, 0x0, 0x48800}, 0x200400c4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000004600070128bd700001000000017c0000080002"], 0x1c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[], 0x14}}, 0x20008880)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="18000000"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r7)
recvmmsg(r7, &(0x7f0000001540)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001500)=""/40, 0x28}}], 0x1, 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x1, 0x8, &(0x7f0000001680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)

9.754193781s ago: executing program 4 (id=652):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bind$inet(r1, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4)
connect$inet(r1, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendmmsg(r1, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000380)="f2a3caf12c99b40132fd592132e08f0f952c87a30e5747a2d122cb755867e6eb5188ea264a07a2f38b58c6338ec4f67c78fcd77e9f7d11fd8d50fb354b4d31782546ce2b3be2c5fbca0f7f7b57063937aff9c2d3f560c35c4351633c58424e3bde9c932ebdd66045b093dce8bfae552a94248d75a06c0d41803451c4a2381c8a76c0172996b2411d070e5f6a334fead34442bbfb5593f3783b6f2315f2f638402afcfb2288b3f68b1e7b007fb5784296e68a40a21a6f8449b075b73d434259c9e677a6bac1096c9b59768b973f9a445a72ab6d03ca9a0257ed13efacacd226f45eb841359d97bb39e38e32aae3d2e2140195f491a69c7d68aeba120fea4eab5c17e8e216cd50", 0x106}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0xc840)
sendto$inet(r1, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x5e, 0x0, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000002600)=0x2, 0x4)

9.71195541s ago: executing program 1 (id=653):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68)
fallocate(r0, 0x0, 0x9b1, 0x1001ed)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000532000/0x3000)=nil, &(0x7f0000593000/0x4000)=nil, 0x3000, 0x1})
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ppoll(&(0x7f00000003c0)=[{r1, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

9.295476292s ago: executing program 6 (id=655):
r0 = io_uring_setup(0x7a76, &(0x7f0000000180)={0x0, 0x3a4d, 0x100, 0x43, 0x10000000})
mount$overlay(0x0, 0x0, 0x0, 0x48000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, 0x0)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x1e, 0xce, &(0x7f0000000680)="11d100a05ec99f1e575f5172c7a909c330ef6feaaf4e8e93044445172dd05a3cde8e7e44644b00a4bee15b77fb177d346985db416f54eb3fa115d0e0af319aa6ab4c9bbdd18caf0234d1dbe31d415e7d2ecf20b8b6469ec7815b9061f19e2d1197a2e9f5e5b75a1781e1d3bbf0429dc232512402e0395315a12f75c370ed10842c009f42ab0c2f0d31beb72962643b3a5beb5e6d2141651cd77aec522abdab109c2d4721e203d12c18792a342b683c4018298ca1191da72815b00f49bbdaa5fd05ba77a0cbbe2e7ae017bcf58066c9f2f99d8a721f1d81b2f4c43e8ab0350cf3785f4df6a0735a9f023f0cccf52108f84e91246b11a5807a219ede9cf008b0b7555fe89687f9687cca6cb8c02b287e1d4039805c6f1cabd7801f6cea95b2b1fe80e829c17861b98214ee02832480e9184d8fcf5f9cab6c8840f017e7d353f578aee2b8377573e4db95febdf1b300958bebfbc79761eadce63b107124124b1635833b4eab022e47d76b6416d7505a16598108d1e65627a581d7e3fd0d72496db0a3e239d2237911910063ca709753b641b5d9f7dd3a6bfceaa2bb41ca48fb6e4ef757badcb7e5491a32fea7e67867467b367358d9de9300be254fdf696c96f72a0af3b1c68ead53263fce81d6c37bad627d8129b49a5b22a55214fcbe761e3bb3a315d37d0cf354d2b4302ca42db89618e3692ed5c16f2b42555dceb1cf4dc9e31cbc385b5551238f9b9d559543cb874d262e8162973c63ccf5d48c9f6de3ea6c2acb23042896359afdac6343fbcc3f33340e71094042ffc42360f2fd0280e5208e1b7ea1ee83864b52f6db10943ee206de561afd85ab6b69113a7e4229287ea75deb9b2661010934468d8339ce1b0f4625f226fefa90c14c1cb17c43a8ab97f5e7ff4d363256cc6462335af924ef7ed6367e23a9270fb8b2a6d1437aa232fa618e5196c86ae96d30bc7e9e5f0ba6799c1e1710712355accb75c2609985a678dd1e1f683e9138aa819ff80bd0ab0a592a7b2ef59100e1c2f456b591f1c4d4ffda621cc4d4c1c9685364093d5f23b259969f0183f4bf72102c4ca0835761d8c833462b8b11d8939c44bb8091fa1a0c8ee20da85d5278fc793840abe7106fe9c98c089ecf4d21c6b743e4b2ca0d0536d6e409b53d4321a949295e3c37137907bfb8938204127c9be102042f2ce81f0a7834b2b38790466efea8ea3093cb1844f63766c6eca2f6ee2735d6cafbaa6aa746bfe0dd480b420cd98954b37718eb80198f2f4eb39e60b413d63a1f35a0c391c3e584b75fe9e29edf0d547a1a2e4c1a672cb8efb6991c0bea4eb164c2f77a37bee55d56e9f8b347d0a9412da3b1aa21dbfdd86dc3139f6a2d182f8b9ab0f39cfffae6f006be6537ba81659d067d1919bafc0db401190b1272c358212629457a15b5b45afafe40bdb40b0ea5d3865b920150"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a002800726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x4, @loopback, 0xffffffff, 0x1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="f4000900062b3325fe80000000000000dc8b850f2323fcb11ea3548466cc00007a000000ad", 0x25}, {&(0x7f0000000100)="42e9", 0x2}, {&(0x7f00000002c0)="8b3306", 0x3}], 0x3}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$DVB_DEMUX_DMX_REMOVE_PID(r1, 0x40026f34, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8.21335673s ago: executing program 6 (id=657):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

7.75881674s ago: executing program 6 (id=658):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

7.63931991s ago: executing program 1 (id=659):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)

7.633148623s ago: executing program 4 (id=661):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, 0x0, 0x0)
r4 = syz_pidfd_open(0x0, 0x0)
setns(r4, 0x24020000)
r5 = syz_open_procfs$userns(r1, &(0x7f00000003c0))
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000001dc0)={0x8c, 0x0, 0x20000, {r5}}, 0x20)
setns(0xffffffffffffffff, 0x24020000)
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x231, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvMGKZxyVejt0v0g9V6hlZsYGNVT+BfN2TDBaSYv2FjGyChkc5gPyMziABnEwMAw+U/EvQcskgwiYLPWXArKnHJVlOOf2KmW5avMOu8zzOiYlsbAaDCLg4GBQe+I7kw7A95uJqiZxZVV2Yk5OalFxWcYUM2fzLifSZERpO7M36vBDxjtGLpjGRgZ5Db4qy3+9keqcuOm+sjpVRE1U7ubbi5dH8ewTf/vFROp9xMzwv4/OCSoZZGX/2GejNL3zQ1zPtTUPTFx7GxUnsvfevnvu/cxtcUJakyPxbsK2fgT3LRqPjk7uVk+npte3b6lWHFBVprLxGNTL/5NOL6WgWHyhSe2+jVnDsUrxnBKuVXOjbnrFi/ItUz9fN0bBoaDUZ8nMjAuZ9zPxMAwM2znHqi/2EH+Km+ARgYDMwMDgwoDAwMTAwtDWmZOqoEHAyMDM5RjyAJVBVPNxMABltBLzs9JaWdgBCcBsLblDCxwMwwfM7DCOUbIHGOLBqhJDO1QWgVKe0Dp5VD6MQMDGwNS8oIlGxawCf1QnkYDSFlFYklJkSFIOYQFFzOCixkJwG1mgto6lwnVc8eZGEbBKBgFo2AUjIJRMApGwSgYBaNgJANAAAAA//8+l7fR")

7.623199467s ago: executing program 5 (id=662):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, 0x0, 0x0)
r4 = syz_pidfd_open(0x0, 0x0)
setns(r4, 0x24020000)
r5 = syz_open_procfs$userns(r1, &(0x7f00000003c0))
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000001dc0)={0x8c, 0x0, 0x20000, {r5}}, 0x20)
setns(0xffffffffffffffff, 0x24020000)
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x231, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvMGKZxyVejt0v0g9V6hlZsYGNVT+BfN2TDBaSYv2FjGyChkc5gPyMziABnEwMAw+U/EvQcskgwiYLPWXArKnHJVlOOf2KmW5avMOu8zzOiYlsbAaDCLg4GBQe+I7kw7A95uJqiZxZVV2Yk5OalFxWcYUM2fzLifSZERpO7M36vBDxjtGLpjGRgZ5Db4qy3+9keqcuOm+sjpVRE1U7ubbi5dH8ewTf/vFROp9xMzwv4/OCSoZZGX/2GejNL3zQ1zPtTUPTFx7GxUnsvfevnvu/cxtcUJakyPxbsK2fgT3LRqPjk7uVk+npte3b6lWHFBVprLxGNTL/5NOL6WgWHyhSe2+jVnDsUrxnBKuVXOjbnrFi/ItUz9fN0bBoaDUZ8nMjAuZ9zPxMAwM2znHqi/2EH+Km+ARgYDMwMDgwoDAwMTAwtDWmZOqoEHAyMDM5RjyAJVBVPNxMABltBLzs9JaWdgBCcBsLblDCxwMwwfM7DCOUbIHGOLBqhJDO1QWgVKe0Dp5VD6MQMDGwNS8oIlGxawCf1QnkYDSFlFYklJkSFIOYQFFzOCixkJwG1mgto6lwnVc8eZGEbBKBgFo2AUjIJRMApGwSgYBaNgJANAAAAA//8+l7fR")

6.347022874s ago: executing program 4 (id=663):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68)
fallocate(r0, 0x0, 0x9b1, 0x1001ed)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000140)=0x2000)
ppoll(&(0x7f00000003c0)=[{r1, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

5.538663246s ago: executing program 5 (id=664):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000180)="e9", 0x1}], 0x1)
landlock_create_ruleset(&(0x7f0000000140)={0x2c8d, 0x3, 0xae4dca4475240a2a}, 0x1b, 0x0)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000035c0)=ANY=[@ANYBLOB="73686f72746e656d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d313235352c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c696f636861727365743d757466382c6c323fc933b5d8a4c5ad95ae28327e7f5587b43b14ba9b38c69b0f707ac798420971453b49a49f8855b7af99369508e2372b84ea0cc935deacb52b348793ae9cb256"], 0x1, 0x232, &(0x7f0000000ac0)="$eJzs3TFrU10YB/Anbfq2FF7SQSgVwSsuTqGtuFdEQSgoSAY3i21RmliwUGiH1k5+Cf0KOroKDuLqFxBBquBitw5CpL1Nm8akiWDuLfX3mx5yn3/OOTchhww5eXChtjS/vLK4s7MdIyOFKM7ETOwWYiwGYjBSzwIAOEt26/X4UU/lPRcAIBv2fwD49/S4/9/NcEoAQJ/1/P1/ILMpAQB9du9+vZBWyUhE7flqZbUSUdtqXL++GI+jGgsxGaX4GVE/lNa3bs/enEz2fB2LSm3zIL+5Whk8np+K0sRY+/xUkjqeH4rRg/yn0ViI6SjFufb56bb5/+LK5abxy1GKjw9jOaoxH3vZo/zGVJLcuDPbkh/e7/vNcFavDAAAAAAAAAAAAAAAAAAAAAAAZ1k5OdT2/J5yudP1NJ+er1OM7ucDtZ7PU4zzxXzXDgAAAAAAAAAAAAAAAAAAAKfFytr60ly1uvD0pOLJh1fvuvXsF41n7dxTOOjoPmi/i/8vfXnRuWfrT+7P3y3eXszztvRYvN9+NHF1ZfzaaZnP2vrS0Elvre+liD6N/jrTlW61PNJYdXNPoV18/OXM3JuNz996HSvbzyEAAAAAAAAAAAAAAAAAAKD59+15zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nP0//8diihGdOvpUuS9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//aAmY9w==")
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x206420, 0x0, 0x7, 0x0, &(0x7f0000006380))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x110)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x105042, 0x0)
read(r2, &(0x7f0000001400)=""/4096, 0x1000)
fallocate(r1, 0x3, 0x46c, 0x8008c61)
r3 = memfd_create(&(0x7f0000000000)='+][)-%\x00', 0x1)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000400)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xf700000000000000, 0x3a, 'netdevsim', 0x3a, 'netdevsim', 0x3a, './file0'}, 0x39)
sendfile(r3, r3, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/snmp6\x00')
read$FUSE(r5, &(0x7f00000004c0)={0x2020}, 0x2020)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
r6 = syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000003540)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x87c, &(0x7f0000000040)={[{@grpid}, {@init_itable}, {@journal_dev={'journal_dev', 0x3d, 0x2}}]}, 0x3, 0x47b, &(0x7f0000000bc0)="$eJzs3M1vFOUfAPDvTLvl11/RVsQ38KWKRmK0pYDKwYMaTTxgYqIHPW7aSpCChtZESBOLBzwZY+LdePRf8KQXYzyZeNW7ISGGi+BpzezObHe7L7S4wwL7+SQL32dmdp/nu888u8+8bAMYWbPZP0nE7oj4PSKmG8X2DWYb/129sr547cr6YhK12tt/JfXt/r6yvlhsWjxvqrUQSezvUu/qufOnqisry2fz8vza6Y/mV8+df+7k6eqJ5RPLZw4fO3b0yMKLLxx+fiB5TkWaR2+899Wbx79oy39LHgMy22/lU7XagKsbrrta4vEhtoOdGcv7q1If/9Mx1tJ70/H6Z83Cp0NqIFCaWq1Wm+q9eqMG3MGSaC8b8jAqii/64vi323Hwy6XNPobv8iuNA6As76v5o7FmvHnGoLLl+HaQZiPi3Y1/vskeUc55CACANj9k859ns9nO+mI299icf6Rxf8t2d+fXhmYi4p6I2BMR98aZ2BsR90XUt30gIh7cYf0tF0nq08zO+U966YaT24Zs/vdSfm2rff5XzP5iZqxeOtcoRCV5/+TK8qH8PTkYlV1ZeaFPHT++9tuXvda1zv+yR1Z/MRfM23FpfFf7c5aqa9Ubz7jd5QsR+8a75Z80rwQkEfFQROzr9gLp9es4+cx3D/da1zP/yjYaP4ALTbVvI55u9P9GbMm/kPS/Pjn/v1hZPjRf7BWdfvn14lu96r9+/5cr6///d93/m/nPJK3Xa1d3XsfFPz7veUwzW/TzDvb/jepadSJ5px5P5Ms+qa6tnV2ImEiONxrduvzw5nOLcrF9lv/BA93H/57YfCf2R0S2Ez8SEY9GxGN53z0eEU9ExIE++f/86pMfbF02WeR/C/T/0o76fzOYiPYlaZdtsmDs1E/ft1U6sxnm+V/r//l3tB4dzJds5/OvsxXdg//6/gEAAMDtII2I3ZGkc804TefmGvfw743mWbiPzyw1fiMwE5W0ONM13XI+dCE/rG+UL0RE49aCYv2RSOvnjb8em6yX5xY/XFkaaubAVI/xn/lzbNitA0rnB1swuox/GF19x3/PG3EcHcCdoGP89735blepbQFuri7f/5PDaAdw83Wb/3f+vR/f+3An2jL+HdjDCHH+H0aX8Q+jy/iHkbQ6Gaeqk9v9tXy3oHilG3z69YLpiCjnlUsOonJLNKO0INLSq5god9cqLUhuwzZ3BMP7TAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABikfwMAAP//TfbN6A==")
open_tree(0xffffffffffffffff, &(0x7f00000003c0)='./bus/file0\x00', 0x8000)
syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201100153a42908f00a717206823e02030109022451d3060000000904020002ffdeff0009050b0000000000000905065245"], 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
statx(r6, &(0x7f00000002c0)='./bus/file0\x00', 0x400, 0x200, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r5, 0x7b1, 0x0)
mount$9p_rdma(&(0x7f0000000140), &(0x7f0000000200)='./bus/file0/file0\x00', &(0x7f0000000240), 0x2001406, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e20,rq=0x0000000000000007,rq=0x0000000000007fff,cache=readahead,rq=0x0000000000007fff,rq=0x0000000000000008,rq=0x0000000000000008,uid<', @ANYRESDEC=r7, @ANYBLOB=',fsfined_u,obj_user=/dev/fuse\x00,defcontext=unconfined_u,pcr=00000000000000000032,appraise,\x00'])
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)

5.397024015s ago: executing program 2 (id=665):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
read$FUSE(r0, &(0x7f0000004800)={0x2020}, 0x2020)

5.01650431s ago: executing program 2 (id=666):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)

4.860444438s ago: executing program 1 (id=667):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

4.745887588s ago: executing program 6 (id=668):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x4000, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x7)
landlock_restrict_self(r0, 0x3)
landlock_restrict_self(r1, 0x9)
landlock_restrict_self(r0, 0x5)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0xa)
landlock_restrict_self(r1, 0x1)
landlock_restrict_self(r0, 0x6)
landlock_restrict_self(r1, 0x5)
landlock_restrict_self(r0, 0xe)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)

4.491185209s ago: executing program 2 (id=669):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
fallocate(0xffffffffffffffff, 0x0, 0x9b1, 0x1001ed)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000532000/0x3000)=nil, &(0x7f0000593000/0x4000)=nil, 0x3000, 0x1})
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x2000)
ppoll(&(0x7f00000003c0)=[{r0, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

4.315414203s ago: executing program 6 (id=670):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bind$inet(r1, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r1, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x5e, 0x0, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000002600)=0x2, 0x4)

4.046479598s ago: executing program 4 (id=671):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

3.162199093s ago: executing program 1 (id=672):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x8, &(0x7f00000004c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0xfff, 0x4000000007}, 0x0)
io_setup(0x8, &(0x7f0000000600))
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000340)=ANY=[], 0x3, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
syz_clone3(&(0x7f00000014c0)={0x4300, 0x0, 0x0, 0x0, {0x2a}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000480)=""/4096, &(0x7f0000001480)}, 0x58)
r1 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=@newsa={0x138, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x717, 0x4e23, 0x5, 0xa, 0x0, 0x20, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in6=@mcast1, {0xfe, 0x1000000000000192, 0xf, 0xcbed, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffe, 0x3fc}, 0x7e, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x81}, 0x844)
socket$nl_netfilter(0x10, 0x3, 0xc)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x8)
signalfd(r0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)={@fallback=r3, r3, 0x2f}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

1.910487339s ago: executing program 4 (id=673):
r0 = io_uring_setup(0x7a76, &(0x7f0000000180)={0x0, 0x3a4d, 0x100, 0x43, 0x10000000})
mount$overlay(0x0, 0x0, 0x0, 0x48000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, 0x0)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x1e, 0xce, &(0x7f0000000680)="11d100a05ec99f1e575f5172c7a909c330ef6feaaf4e8e93044445172dd05a3cde8e7e44644b00a4bee15b77fb177d346985db416f54eb3fa115d0e0af319aa6ab4c9bbdd18caf0234d1dbe31d415e7d2ecf20b8b6469ec7815b9061f19e2d1197a2e9f5e5b75a1781e1d3bbf0429dc232512402e0395315a12f75c370ed10842c009f42ab0c2f0d31beb72962643b3a5beb5e6d2141651cd77aec522abdab109c2d4721e203d12c18792a342b683c4018298ca1191da72815b00f49bbdaa5fd05ba77a0cbbe2e7ae017bcf58066c9f2f99d8a721f1d81b2f4c43e8ab0350cf3785f4df6a0735a9f023f0cccf52108f84e91246b11a5807a219ede9cf008b0b7555fe89687f9687cca6cb8c02b287e1d4039805c6f1cabd7801f6cea95b2b1fe80e829c17861b98214ee02832480e9184d8fcf5f9cab6c8840f017e7d353f578aee2b8377573e4db95febdf1b300958bebfbc79761eadce63b107124124b1635833b4eab022e47d76b6416d7505a16598108d1e65627a581d7e3fd0d72496db0a3e239d2237911910063ca709753b641b5d9f7dd3a6bfceaa2bb41ca48fb6e4ef757badcb7e5491a32fea7e67867467b367358d9de9300be254fdf696c96f72a0af3b1c68ead53263fce81d6c37bad627d8129b49a5b22a55214fcbe761e3bb3a315d37d0cf354d2b4302ca42db89618e3692ed5c16f2b42555dceb1cf4dc9e31cbc385b5551238f9b9d559543cb874d262e8162973c63ccf5d48c9f6de3ea6c2acb23042896359afdac6343fbcc3f33340e71094042ffc42360f2fd0280e5208e1b7ea1ee83864b52f6db10943ee206de561afd85ab6b69113a7e4229287ea75deb9b2661010934468d8339ce1b0f4625f226fefa90c14c1cb17c43a8ab97f5e7ff4d363256cc6462335af924ef7ed6367e23a9270fb8b2a6d1437aa232fa618e5196c86ae96d30bc7e9e5f0ba6799c1e1710712355accb75c2609985a678dd1e1f683e9138aa819ff80bd0ab0a592a7b2ef59100e1c2f456b591f1c4d4ffda621cc4d4c1c9685364093d5f23b259969f0183f4bf72102c4ca0835761d8c833462b8b11d8939c44bb8091fa1a0c8ee20da85d5278fc793840abe7106fe9c98c089ecf4d21c6b743e4b2ca0d0536d6e409b53d4321a949295e3c37137907bfb8938204127c9be102042f2ce81f0a7834b2b38790466efea8ea3093cb1844f63766c6eca2f6ee2735d6cafbaa6aa746bfe0dd480b420cd98954b37718eb80198f2f4eb39e60b413d63a1f35a0c391c3e584b75fe9e29edf0d547a1a2e4c1a672cb8efb6991c0bea4eb164c2f77a37bee55d56e9f8b347d0a9412da3b1aa21dbfdd86dc3139f6a2d182f8b9ab0f39cfffae6f006be6537ba81659d067d1919bafc0db401190b1272c358212629457a15b5b45afafe40bdb40b0ea5d3865b920150"})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a002800726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r4, &(0x7f0000000040)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x4, @loopback, 0xffffffff, 0x1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="f4000900062b3325fe80000000000000dc8b850f2323fcb11ea3548466cc00007a000000ad", 0x25}, {&(0x7f0000000100)="42e9", 0x2}, {&(0x7f00000002c0)="8b3306", 0x3}], 0x3}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$DVB_DEMUX_DMX_REMOVE_PID(r1, 0x40026f34, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.886167788s ago: executing program 2 (id=674):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r3, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x1000001, 0x5069f481, 0xfffe, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200))

657.587145ms ago: executing program 2 (id=675):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

557.38094ms ago: executing program 1 (id=676):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68)
fallocate(r0, 0x0, 0x9b1, 0x1001ed)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000532000/0x3000)=nil, &(0x7f0000593000/0x4000)=nil, 0x3000, 0x1})
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ppoll(&(0x7f00000003c0)=[{r1, 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x8}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)

508.463561ms ago: executing program 5 (id=677):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
read$FUSE(r0, &(0x7f0000004800)={0x2020}, 0x2020)

331.226364ms ago: executing program 4 (id=678):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

166.207055ms ago: executing program 5 (id=679):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bind$inet(r1, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4)
connect$inet(r1, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendmmsg(r1, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000380)="f2a3caf12c99b40132fd592132e08f0f952c87a30e5747a2d122cb755867e6eb5188ea264a07a2f38b58c6338ec4f67c78fcd77e9f7d11fd8d50fb354b4d31782546ce2b3be2c5fbca0f7f7b57063937aff9c2d3f560c35c4351633c58424e3bde9c932ebdd66045b093dce8bfae552a94248d75a06c0d41803451c4a2381c8a76c0172996b2411d070e5f6a334fead34442bbfb5593f3783b6f2315f2f638402afcfb2288b3f68b1e7b007fb5784296e68a40a21a6f8449b075b73d434259c9e677a6bac1096c9b59768b973f9a445a72ab6d03ca9a0257ed13efacacd226f45eb841359d97bb39e38e32aae3d2e2140195f491a69c7d68aeba120fea4eab5c17e8e216cd50", 0x106}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0xc840)
sendto$inet(r1, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x5e, 0x0, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000002600)=0x2, 0x4)

0s ago: executing program 2 (id=680):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

 fsync data, check_only: 0
[  127.503802][ T6321] loop4: detected capacity change from 0 to 64
[  127.524514][ T6317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.594996][   T30] audit: type=1800 audit(1778584915.221:2): pid=6321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.126" name="file1" dev="loop4" ino=5 res=0 errno=0
[  127.623948][ T6321] syz.4.126: attempt to access beyond end of device
[  127.623948][ T6321] loop4: rw=0, sector=8192, nr_sectors = 2 limit=64
[  127.666459][ T6292] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  127.666552][ T6321] Buffer I/O error on dev loop4, logical block 4096, async page read
[  127.695713][   T30] audit: type=1800 audit(1778584915.271:3): pid=6317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.128" name="file0" dev="loop1" ino=13 res=0 errno=0
[  127.758113][ T5625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.784018][ T6321] syz.4.126: attempt to access beyond end of device
[  127.784018][ T6321] loop4: rw=0, sector=8192, nr_sectors = 2 limit=64
[  127.799272][ T6321] Buffer I/O error on dev loop4, logical block 4096, async page read
[  127.820830][   T30] audit: type=1800 audit(1778584915.461:4): pid=6321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.126" name="file1" dev="loop4" ino=5 res=0 errno=0
[  127.860565][ T6325] netlink: 'syz.5.125': attribute type 6 has an invalid length.
[  127.899095][ T6325] netlink: 'syz.5.125': attribute type 4 has an invalid length.
[  128.066494][ T5629] syz-executor: attempt to access beyond end of device
[  128.066494][ T5629] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.135932][ T5629] CPU: 1 UID: 0 PID: 5629 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  128.135969][ T5629] Tainted: [L]=SOFTLOCKUP
[  128.135978][ T5629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  128.135991][ T5629] Call Trace:
[  128.136001][ T5629]  <TASK>
[  128.136010][ T5629]  dump_stack_lvl+0xe8/0x150
[  128.136043][ T5629]  f2fs_stop_checkpoint+0x3c7/0x590
[  128.136077][ T5629]  f2fs_write_end_io+0x1274/0x1740
[  128.136133][ T5629]  __submit_merged_bio+0x256/0x6a0
[  128.136168][ T5629]  __submit_merged_write_cond+0x3c9/0x4e0
[  128.136220][ T5629]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  128.136279][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136320][ T5629]  f2fs_write_data_pages+0x287e/0x34f0
[  128.136351][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136427][ T5629]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  128.136455][ T5629]  ? is_bpf_text_address+0x26/0x2b0
[  128.136495][ T5629]  ? arch_stack_walk+0xfb/0x150
[  128.136560][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136588][ T5629]  ? add_lock_to_list+0xc7/0x100
[  128.136624][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136652][ T5629]  ? __lock_acquire+0x146e/0x2cf0
[  128.136710][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136739][ T5629]  ? do_raw_spin_lock+0x12b/0x2f0
[  128.136784][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136817][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136845][ T5629]  ? do_raw_spin_unlock+0xf5/0x210
[  128.136883][ T5629]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  128.136915][ T5629]  do_writepages+0x32e/0x550
[  128.136943][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.136974][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137007][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137036][ T5629]  ? do_raw_spin_unlock+0xf5/0x210
[  128.137077][ T5629]  filemap_fdatawrite+0x1e9/0x2f0
[  128.137109][ T5629]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  128.137178][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137210][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137244][ T5629]  ? do_raw_spin_unlock+0xf5/0x210
[  128.137286][ T5629]  f2fs_sync_dirty_inodes+0x30e/0x830
[  128.137336][ T5629]  f2fs_write_checkpoint+0x9df/0x26a0
[  128.137367][ T5629]  ? __lock_acquire+0x6b5/0x2cf0
[  128.137434][ T5629]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  128.137465][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137557][ T5629]  kill_f2fs_super+0x314/0x730
[  128.137595][ T5629]  ? __pfx_kill_f2fs_super+0x10/0x10
[  128.137641][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137669][ T5629]  ? lockdep_hardirqs_on+0x7a/0x110
[  128.137704][ T5629]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.137749][ T5629]  deactivate_locked_super+0xbc/0x130
[  128.137785][ T5629]  cleanup_mnt+0x437/0x4d0
[  128.137822][ T5629]  ? _raw_spin_unlock_irq+0x23/0x50
[  128.137859][ T5629]  task_work_run+0x1d9/0x270
[  128.137899][ T5629]  ? __pfx_task_work_run+0x10/0x10
[  128.137947][ T5629]  exit_to_user_mode_loop+0xf3/0x4d0
[  128.137971][ T5629]  ? rcu_is_watching+0x15/0xb0
[  128.138003][ T5629]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.138030][ T5629]  do_syscall_64+0x33e/0xf80
[  128.138064][ T5629]  ? trace_irq_disable+0x3b/0x140
[  128.138109][ T5629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.138133][ T5629] RIP: 0033:0x7f807139e017
[  128.138155][ T5629] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  128.138174][ T5629] RSP: 002b:00007ffe870d7b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  128.138199][ T5629] RAX: 0000000000000000 RBX: 00007f8071432120 RCX: 00007f807139e017
[  128.138216][ T5629] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe870d7bc0
[  128.138231][ T5629] RBP: 00007ffe870d7bc0 R08: 00007ffe870d8bc0 R09: 00000000ffffffff
[  128.138247][ T5629] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe870d8c50
[  128.138262][ T5629] R13: 00007f8071432120 R14: 000000000001f3ba R15: 00007ffe870d8c90
[  128.138301][ T5629]  </TASK>
[  128.559380][ T5629] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  128.842553][ T5757] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  129.013756][ T5874] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  129.500902][ T5874] usb 2-1: Using ep0 maxpacket: 16
[  129.506677][ T6339] loop0: detected capacity change from 0 to 2048
[  129.515872][ T5874] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  129.527670][ T5874] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  129.533650][ T5757] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.542053][ T5874] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  129.570718][ T5757] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.590825][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.616519][ T5757] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  129.617636][ T6340] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  129.644278][ T5874] usb 2-1: Product: syz
[  129.663721][ T5874] usb 2-1: Manufacturer: syz
[  129.668267][ T5757] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.669422][ T5874] usb 2-1: SerialNumber: syz
[  129.702810][ T5757] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.711133][ T5874] usb 2-1: 0:2 : does not exist
[  129.711257][ T5874] usb 2-1: unit 9 not found!
[  129.744652][ T6342] input: syz0 as /devices/virtual/input/input7
[  129.806271][ T6340] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  129.815876][ T5757] usb 5-1: config 0 descriptor??
[  129.825418][ T6340] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  129.866361][ T6340] Remounting filesystem read-only
[  129.875979][ T5618] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  129.933226][ T5874] usb 2-1: 4:0: cannot get min/max values for control 1 (id 4)
[  129.973477][ T5874] usb 2-1: 4:0: cannot get min/max values for control 2 (id 4)
[  130.182832][ T5874] usb 2-1: USB disconnect, device number 5
[  130.294503][ T6346] netlink: 64 bytes leftover after parsing attributes in process `syz.0.135'.
[  130.311116][ T6348] loop3: detected capacity change from 0 to 512
[  130.342529][ T5757] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  130.404004][ T6348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.518600][ T6348] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.544960][  T987] usb 5-1: USB disconnect, device number 7
[  130.981501][ T6360] loop2: detected capacity change from 0 to 32768
[  131.004769][ T6360] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.140 (6360)
[  131.044841][ T5619] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.724434][ T6360] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  131.734649][ T6360] BTRFS info (device loop2): using crc32c checksum algorithm
[  131.776266][ T6356] loop0: detected capacity change from 0 to 131072
[  131.777343][ T6360] BTRFS info (device loop2): setting nodatasum
[  131.789034][ T6360] BTRFS info (device loop2): setting nodatacow
[  131.795266][ T6360] BTRFS info (device loop2): turning on async discard
[  131.804003][ T6360] BTRFS info (device loop2): enabling free space tree
[  131.812388][ T6360] BTRFS info (device loop2): enabling auto defrag
[  131.818812][ T6360] BTRFS info (device loop2): max_inline set to 0
[  131.885527][ T6360] BTRFS info (device loop2): scrub: started on devid 1
[  131.906436][ T6360] BTRFS info (device loop2): scrub: finished on devid 1 with status: 0
[  131.913640][ T6356] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  131.933285][ T6356] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  131.985010][ T6372] loop5: detected capacity change from 0 to 256
[  132.022186][ T5629] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  132.034217][   T30] audit: type=1804 audit(1778584919.641:5): pid=6356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.139" name="/newroot/24/file1/bus" dev="loop0" ino=10 res=1 errno=0
[  132.061341][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  132.070717][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  133.108280][ T6410] loop4: detected capacity change from 0 to 2048
[  133.176932][ T6410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.532240][ T6053] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  133.554161][ T6395] loop1: detected capacity change from 0 to 32768
[  133.597998][ T6053] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 10 with error 28
[  133.635738][ T6395] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.680936][ T6053] EXT4-fs (loop4): This should not happen!! Data will be lost
[  133.680936][ T6053] 
[  133.725160][ T6053] EXT4-fs (loop4): Total free blocks count 0
[  133.766357][ T6053] EXT4-fs (loop4): Free/Dirty block details
[  133.798461][ T6395] XFS (loop1): Ending clean mount
[  133.814651][ T6053] EXT4-fs (loop4): free_blocks=2415919504
[  133.847685][ T6400] loop3: detected capacity change from 0 to 32768
[  133.848530][ T6053] EXT4-fs (loop4): dirty_blocks=16
[  133.864318][ T6053] EXT4-fs (loop4): Block reservation details
[  133.871480][ T6053] EXT4-fs (loop4): i_reserved_data_blocks=1
[  133.889180][ T5633] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost
[  133.889669][ T6395] XFS (loop1): Quotacheck needed: Please wait.
[  133.952477][ T5633] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.079734][ T6395] XFS (loop1): Quotacheck: Done.
[  134.184763][ T5625] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  134.480029][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  134.650705][   T24] usb 5-1: Using ep0 maxpacket: 16
[  134.686002][   T24] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40
[  134.711644][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.735734][ T6432] loop2: detected capacity change from 0 to 1024
[  134.744544][   T24] usb 5-1: Product: syz
[  134.753187][   T24] usb 5-1: Manufacturer: syz
[  134.763003][   T24] usb 5-1: SerialNumber: syz
[  134.768804][ T6434] loop1: detected capacity change from 0 to 512
[  134.826296][ T6434] EXT4-fs (loop1): 1 truncate cleaned up
[  134.838384][ T6423] loop5: detected capacity change from 0 to 32768
[  134.851226][ T6434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.873315][ T6423] btrfs: Deprecated parameter 'usebackuproot'
[  134.906613][ T6423] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  134.926247][   T30] audit: type=1800 audit(1778584922.561:6): pid=6434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.158" name="file1" dev="loop1" ino=13 res=0 errno=0
[  134.941437][ T6423] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.156 (6423)
[  135.051663][   T24] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71
[  135.063641][ T6440] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.158: bg 0: block 465: padding at end of block bitmap is not set
[  135.097089][   T24] usb 5-1: USB disconnect, device number 8
[  135.134614][ T6440] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  135.170925][ T6423] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  135.174396][ T6440] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.158: invalid indirect mapped block 234881024 (level 0)
[  135.201958][ T6423] BTRFS info (device loop5): using crc32c checksum algorithm
[  135.347641][ T6423] BTRFS info (device loop5): rebuilding free space tree
[  135.544636][ T6423] BTRFS info (device loop5): enabling ssd optimizations
[  135.561578][ T6423] BTRFS info (device loop5): using spread ssd allocation scheme
[  135.574898][ T6423] BTRFS info (device loop5): turning on flush-on-commit
[  135.583962][ T6454] loop0: detected capacity change from 0 to 4096
[  135.598315][ T6423] BTRFS info (device loop5): enabling free space tree
[  135.611602][ T6454] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  135.620034][ T6423] BTRFS info (device loop5): force clearing of disk cache
[  135.649163][ T6423] BTRFS info (device loop5): trying to use backup root at mount time
[  135.677937][ T6423] BTRFS info (device loop5): force zlib compression, level 3
[  135.914108][   T30] audit: type=1800 audit(1778584923.551:7): pid=6423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.156" name="file1" dev="loop5" ino=260 res=0 errno=0
[  135.970911][ T5625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.306396][ T6468] overlayfs: overlapping lowerdir path
[  136.905783][ T5627] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.477946][ T6495] loop3: detected capacity change from 0 to 512
[  138.549979][ T6495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.724569][ T6463] loop2: detected capacity change from 0 to 32768
[  138.783616][ T6463] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  138.945740][ T6463] XFS (loop2): Ending clean mount
[  139.117514][ T5619] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.768488][ T5629] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  139.867682][ T6494] loop1: detected capacity change from 0 to 32768
[  139.944209][ T6483] loop5: detected capacity change from 0 to 32768
[  139.956390][ T6483] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.167 (6483)
[  140.019849][ T6483] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  140.037942][ T6483] BTRFS info (device loop5): using sha256 checksum algorithm
[  140.048948][ T6494] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  140.090217][ T5874] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  140.096474][ T6524] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0)
[  140.141544][ T6494] XFS (loop1): Ending clean mount
[  140.188729][ T6483] BTRFS info (device loop5): rebuilding free space tree
[  140.207380][ T6542] loop2: detected capacity change from 0 to 128
[  140.237889][ T6542] EXT4-fs (loop2): Test dummy encryption mode enabled
[  140.250076][ T5874] usb 4-1: Using ep0 maxpacket: 8
[  140.259607][ T5874] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  140.282464][ T5874] usb 4-1: config 0 has no interface number 0
[  140.299959][ T5874] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  140.319014][ T5874] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  140.330739][ T5874] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  140.341763][ T5874] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  140.354769][ T5874] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  140.364566][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.379080][ T5874] usb 4-1: config 0 descriptor??
[  140.392814][ T6542] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.432508][ T6483] BTRFS warning (device loop5): discard failed for extent [5328896, 5345279]: errno=-512 unknown
[  140.483196][ T6542] ext4 filesystem being mounted at /28/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.489993][ T5874] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  140.494328][ T6483] BTRFS info (device loop5): disabling free space tree
[  140.537681][ T6483] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  140.559169][ T5625] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  140.593356][ T6483] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  140.713241][ T6483] BTRFS warning (device loop5): discard failed for extent [5345280, 5353471]: errno=-512 unknown
[  140.757226][ T5757] usb 4-1: USB disconnect, device number 2
[  140.786819][ T6483] BTRFS warning (device loop5): discard failed for extent [6881280, 6885375]: errno=-512 unknown
[  140.814472][ T6483] BTRFS info (device loop5): setting nodatasum
[  140.832802][ T5629] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.844401][ T6483] BTRFS info (device loop5): setting nodatacow
[  140.859762][ T5757] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  140.908575][ T6483] BTRFS info (device loop5): turning off barriers
[  140.943353][ T6549] loop0: Can't mount, would change RO state
[  140.950139][ T6483] BTRFS info (device loop5): turning on sync discard
[  140.993850][ T6483] BTRFS info (device loop5): force clearing of disk cache
[  141.117307][ T5627] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  141.671515][ T6546] loop0: detected capacity change from 0 to 32768
[  141.684133][ T6546] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.180 (6546)
[  141.752333][ T6546] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.770404][ T6546] BTRFS info (device loop0): using sha256 checksum algorithm
[  141.885689][    T9] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  141.918484][ T6546] BTRFS info (device loop0): enabling ssd optimizations
[  141.963735][ T6546] BTRFS info (device loop0): turning on async discard
[  141.996353][ T6546] BTRFS info (device loop0): enabling free space tree
[  142.013253][ T6589] loop1: detected capacity change from 0 to 512
[  142.070209][ T5757] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  142.103908][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 13961, setting to 64
[  142.125882][    T9] usb 5-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00
[  142.133753][ T6589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.146627][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.158524][ T6589] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.173309][    T9] usb 5-1: config 0 descriptor??
[  142.180109][ T6564] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  142.275091][ T5618] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  142.459238][ T6593] loop2: detected capacity change from 0 to 32768
[  142.466939][ T6593] btrfs: Deprecated parameter 'usebackuproot'
[  142.473070][ T6593] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  142.483756][ T6593] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.193 (6593)
[  142.505272][ T6593] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  142.516906][ T6593] BTRFS info (device loop2): using crc32c checksum algorithm
[  142.527556][ T5757] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.539038][ T5757] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.554089][ T5757] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  142.565686][ T5757] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.593269][ T5757] usb 6-1: config 0 descriptor??
[  142.614358][ T6598] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  142.681063][   T48] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  142.710314][ T5625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.750356][ T6608] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  142.803754][ T6593] BTRFS error (device loop2): failed to load root extent
[  142.810998][ T6593] BTRFS warning (device loop2): try to load backup roots slot 1
[  142.824954][ T6051] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  142.839481][ T5757] usbhid 6-1:0.0: can't add hid device: -71
[  142.863202][ T5757] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  142.902769][ T5757] usb 6-1: USB disconnect, device number 4
[  142.913556][ T6593] BTRFS warning (device loop2): couldn't read tree root
[  142.920960][ T6593] BTRFS warning (device loop2): try to load backup roots slot 2
[  142.929474][ T6051] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  142.975373][ T6593] BTRFS warning (device loop2): couldn't read tree root
[  142.982396][ T6593] BTRFS warning (device loop2): try to load backup roots slot 3
[  143.013662][ T6593] BTRFS info (device loop2): rebuilding free space tree
[  143.018142][ T6613] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  143.026518][    T9] hid_parser_main: 468 callbacks suppressed
[  143.026538][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.069686][ T6593] BTRFS info (device loop2): checking UUID tree
[  143.090313][ T6593] BTRFS info (device loop2): enabling ssd optimizations
[  143.097288][ T6593] BTRFS info (device loop2): turning on async discard
[  143.104118][ T6593] BTRFS info (device loop2): enabling free space tree
[  143.110916][ T6593] BTRFS info (device loop2): force clearing of disk cache
[  143.118022][ T6593] BTRFS info (device loop2): enabling auto defrag
[  143.124491][ T6593] BTRFS info (device loop2): trying to use backup root at mount time
[  143.132590][ T6593] BTRFS info (device loop2): use zstd compression, level 3
[  143.151307][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.183066][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.199955][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.214980][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.251419][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.271474][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.319774][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.360825][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.368129][    T9] wacom 0003:056A:5000.0005: unknown main item tag 0x0
[  143.402961][    T9] wacom 0003:056A:5000.0005: hidraw0: USB HID v7f.fd Device [HID 056a:5000] on usb-dummy_hcd.4-1/input0
[  143.468316][    T9] usb 5-1: USB disconnect, device number 9
[  143.500049][ T5757] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  143.565376][ T5629] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  143.666300][ T6621] fido_id[6621]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  143.718368][ T5757] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.736730][ T6627] loop1: detected capacity change from 0 to 4096
[  143.740444][   T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  143.758507][ T5757] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.813405][ T5757] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  143.883594][ T5757] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.150882][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.388086][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.602808][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  144.873964][ T5757] usb 6-1: config 0 descriptor??
[  144.881479][   T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  144.945287][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.990722][ T5757] usb 6-1: can't set config #0, error -71
[  145.007563][ T5757] usb 6-1: USB disconnect, device number 5
[  145.013000][   T24] usb 4-1: config 0 descriptor??
[  145.477239][ T5757] IPVS: starting estimator thread 0...
[  145.548519][ T5765] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  145.730635][ T6642] IPVS: using max 23 ests per chain, 55200 per kthread
[  146.071988][   T24] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  146.189277][   T24] usb 4-1: USB disconnect, device number 3
[  146.241954][ T5765] usb 1-1: Using ep0 maxpacket: 16
[  146.269668][ T5765] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  146.314159][ T5765] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.199133][ T6650] loop2: detected capacity change from 0 to 131072
[  147.228117][ T6650] F2FS-fs (loop2): invalid crc value
[  147.239164][ T5765] usb 1-1: config 0 descriptor??
[  147.263044][ T6645] fido_id[6645]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  147.264069][ T5765] gspca_main: sonixj-2.14.0 probing 0471:0327
[  147.313822][ T6661] loop1: detected capacity change from 0 to 256
[  147.397590][ T6661] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  147.435139][ T6650] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  147.447961][ T6650] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  147.471027][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  147.660059][    T9] usb 5-1: Using ep0 maxpacket: 16
[  147.728342][    T9] usb 5-1: config 0 has no interfaces?
[  147.799037][    T9] usb 5-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  147.799996][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  148.500067][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.558574][    T9] usb 5-1: Product: syz
[  148.584302][    T9] usb 5-1: Manufacturer: syz
[  148.596544][    T9] usb 5-1: SerialNumber: syz
[  148.758068][   T24] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  148.787677][    T9] usb 5-1: config 0 descriptor??
[  148.789965][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.819937][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.840234][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  148.904970][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  148.954828][   T24] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  149.000072][   T24] usb 4-1: Manufacturer: syz
[  149.019947][   T24] usb 4-1: config 0 descriptor??
[  149.078588][ T6656] netlink: 4 bytes leftover after parsing attributes in process `syz.4.209'.
[  149.109964][ T5765] gspca_sonixj: i2c_w8 err -71
[  149.141532][ T5765] sonixj 1-1:0.0: probe with driver sonixj failed with error -71
[  149.158378][  T987] usb 5-1: USB disconnect, device number 10
[  149.174399][ T5765] usb 1-1: USB disconnect, device number 5
[  149.359973][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  149.482378][   T24] hid_parser_main: 441 callbacks suppressed
[  149.482402][   T24] appleir 0003:05AC:8243.0007: unknown main item tag 0x0
[  149.521236][    T9] usb 2-1: Using ep0 maxpacket: 8
[  149.537709][   T24] appleir 0003:05AC:8243.0007: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  149.556070][    T9] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  149.579144][    T9] usb 2-1: config 0 has no interface number 0
[  149.604308][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  149.650423][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  149.698325][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  149.744208][    T9] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  149.783069][ T6673] loop5: detected capacity change from 0 to 32768
[  149.808587][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  149.840545][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.856230][ T6673] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  149.878102][    T9] usb 2-1: config 0 descriptor??
[  149.891172][ T6683] netlink: 24 bytes leftover after parsing attributes in process `syz.0.217'.
[  149.903593][ T6673] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.935593][ T6683] netlink: 40 bytes leftover after parsing attributes in process `syz.0.217'.
[  149.945416][ T6687] loop4: detected capacity change from 0 to 128
[  149.966420][    T9] ldusb 2-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  149.988011][ T6687] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  150.000229][ T6687] System zones: 1-3, 19-19, 35-36
[  150.056142][ T6687] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  150.151898][ T6687] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  150.273168][ T6673] XFS (loop5): Ending clean mount
[  150.353544][ T6673] XFS (loop5): Quotacheck needed: Please wait.
[  150.482119][ T6673] XFS (loop5): Quotacheck: Done.
[  151.012200][ T5627] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.085981][ T5633] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.372370][ T6699] loop0: detected capacity change from 0 to 4096
[  151.412416][ T6699] EXT4-fs (loop0): Test dummy encryption mode enabled
[  151.448997][ T6699] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103]
[  151.475425][ T6699] System zones: 0-5
[  151.486513][ T6699] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.623809][  T987] usb 2-1: USB disconnect, device number 7
[  151.706855][ T6699] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  151.716152][  T987] ldusb 2-1:0.55: LD USB Device #1 now disconnected
[  151.792692][ T6706] loop4: detected capacity change from 0 to 32768
[  151.846509][ T6706] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  151.957397][ T6706] XFS (loop4): Ending clean mount
[  151.973130][ T6706] XFS (loop4): Quotacheck needed: Please wait.
[  152.059797][ T5757] usb 4-1: USB disconnect, device number 4
[  152.061107][ T6721] overlayfs: failed lookup in lower (newroot/42, name='bus', err=-40): overlapping layers
[  152.109063][ T6706] XFS (loop4): Quotacheck: Done.
[  152.912183][   T30] audit: type=1800 audit(1778584940.101:8): pid=6727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.223" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=4429 res=0 errno=0
[  153.460643][ T5618] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.553165][ T5633] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  153.638996][ T6728] (syz.2.226,6728,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  153.672586][ T6728] (syz.2.226,6728,0):ocfs2_fill_super:1177 ERROR: status = -22
[  153.936533][ T6730] evm: overlay not supported
[  153.975376][ T6736] loop4: detected capacity change from 0 to 256
[  154.082225][ T6736] FAT-fs (loop4): Directory bread(block 64) failed
[  154.106725][ T6736] FAT-fs (loop4): Directory bread(block 65) failed
[  154.122280][ T6736] FAT-fs (loop4): Directory bread(block 66) failed
[  154.140149][ T6736] FAT-fs (loop4): Directory bread(block 67) failed
[  154.166636][ T6736] FAT-fs (loop4): Directory bread(block 68) failed
[  154.185643][ T6736] FAT-fs (loop4): Directory bread(block 69) failed
[  154.207121][ T6736] FAT-fs (loop4): Directory bread(block 70) failed
[  154.220417][  T802] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  154.227584][ T6736] FAT-fs (loop4): Directory bread(block 71) failed
[  154.258036][ T6736] FAT-fs (loop4): Directory bread(block 72) failed
[  154.341205][ T6736] FAT-fs (loop4): Directory bread(block 73) failed
[  154.523908][  T802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.818593][  T802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.105969][  T802] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  155.157334][  T802] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  155.197978][  T802] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.259784][  T802] usb 1-1: config 0 descriptor??
[  155.647172][ T6761] loop2: detected capacity change from 0 to 128
[  156.221975][ T6763] loop3: detected capacity change from 0 to 32768
[  156.229484][ T6763] btrfs: Deprecated parameter 'usebackuproot'
[  156.235620][ T6763] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  156.245974][ T6763] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.241 (6763)
[  156.271481][ T6756] loop5: detected capacity change from 0 to 32768
[  156.411299][ T6756] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  156.436168][  T802] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  156.478221][ T6763] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.490126][ T6763] BTRFS info (device loop3): using crc32c checksum algorithm
[  156.625619][ T6756] XFS (loop5): Ending clean mount
[  156.629984][ T6053] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  156.657169][ T6763] BTRFS error (device loop3): failed to load root extent
[  156.664529][ T6763] BTRFS warning (device loop3): try to load backup roots slot 1
[  156.672571][ T6053] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  156.711594][ T6763] BTRFS warning (device loop3): couldn't read tree root
[  156.718645][ T6763] BTRFS warning (device loop3): try to load backup roots slot 2
[  156.730067][  T802] usb 1-1: USB disconnect, device number 6
[  156.826158][ T5821] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  156.960099][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  156.977455][ T6763] BTRFS warning (device loop3): couldn't read tree root
[  156.984761][ T6763] BTRFS warning (device loop3): try to load backup roots slot 3
[  157.072931][ T6763] BTRFS info (device loop3): rebuilding free space tree
[  157.139877][ T6763] BTRFS info (device loop3): checking UUID tree
[  157.153383][ T6763] BTRFS info (device loop3): enabling ssd optimizations
[  157.160445][ T6763] BTRFS info (device loop3): turning on async discard
[  157.167214][ T6763] BTRFS info (device loop3): enabling free space tree
[  157.174051][ T6763] BTRFS info (device loop3): force clearing of disk cache
[  157.181213][ T6763] BTRFS info (device loop3): trying to use backup root at mount time
[  157.189284][ T6763] BTRFS info (device loop3): force zlib compression, level 3
[  157.270323][    T9] usb 3-1: Using ep0 maxpacket: 32
[  157.335786][    T9] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  157.396794][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.507450][    T9] gspca_main: nw80x-2.14.0 probing 055f:d001
[  157.534284][ T5627] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  157.594319][ T5619] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.696852][  T802] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  157.721614][ T6838] orangefs_devreq_open: device cannot be opened in blocking mode
[  157.894051][  T802] usb 2-1: Using ep0 maxpacket: 32
[  157.920497][  T802] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  157.946424][  T802] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  158.030138][  T802] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  158.081366][  T802] usb 2-1: config 1 has no interface number 0
[  158.151769][  T802] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.227733][  T802] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  158.298437][  T802] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  158.351053][  T802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.516109][  T802] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  158.540641][    T9] gspca_nw80x: reg_w err -71
[  158.561157][    T9] nw80x 3-1:3.0: probe with driver nw80x failed with error -71
[  158.641776][    T9] usb 3-1: USB disconnect, device number 4
[  158.704903][  T802] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  158.795814][ T6852] loop5: detected capacity change from 0 to 1024
[  158.836855][ T6852] hfsplus: failed to load extents file
[  159.112616][  T802] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  159.232590][    T9] usb 2-1: USB disconnect, device number 8
[  159.257586][    T9] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  159.300485][  T802] usb 4-1: Using ep0 maxpacket: 16
[  159.317371][  T802] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.346911][  T802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  159.365711][  T802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  159.383386][  T802] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  159.394130][ T6862] Illegal XDP return value 1344191872 on prog  (id 20) dev syz_tun, expect packet loss!
[  159.409627][  T802] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  159.471442][  T802] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  159.498218][  T802] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  159.542569][  T802] usb 4-1: Manufacturer: syz
[  159.575148][  T802] usb 4-1: config 0 descriptor??
[  160.010339][  T802] rc_core: IR keymap rc-hauppauge not found
[  160.044949][  T802] Registered IR keymap rc-empty
[  160.073414][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.110354][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.168436][  T802] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  160.244070][  T802] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input11
[  160.315555][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.352468][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  160.360483][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.410025][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.440341][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.483603][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.511140][ T6864] loop0: detected capacity change from 0 to 32768
[  160.524413][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.542189][ T6864] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.258 (6864)
[  160.563820][   T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  160.572608][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.585709][   T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  160.597531][ T5757] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  160.606406][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.619100][ T6864] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  160.632591][   T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  160.646552][ T6864] BTRFS info (device loop0): using crc32c checksum algorithm
[  160.654107][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.661751][   T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.677253][   T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  160.692458][  T802] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  160.702756][   T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  160.712188][   T10] usb 6-1: Product: syz
[  160.716377][   T10] usb 6-1: Manufacturer: syz
[  160.723872][  T802] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  160.737050][  T802] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  160.748187][   T10] cdc_wdm 6-1:1.0: skipping garbage
[  160.756033][   T10] cdc_wdm 6-1:1.0: skipping garbage
[  160.924649][ T6889] loop2: detected capacity change from 0 to 40427
[  160.945101][ T6889] F2FS-fs (loop2): invalid crc value
[  161.025808][ T6889] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  161.036645][ T6889] F2FS-fs (loop2): Start checkpoint disabled!
[  161.046893][ T6889] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  161.055973][ T6889] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  161.064834][ T5757] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  161.107431][  T802] usb 4-1: USB disconnect, device number 5
[  161.119521][ T5757] usb 5-1: config 0 has no interface number 0
[  161.131491][   T10] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  161.180998][ T5757] usb 5-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  161.200292][   T10] cdc_wdm 6-1:1.0: Unknown control protocol
[  161.210459][ T5757] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  161.223310][ T5757] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.231735][ T5757] usb 5-1: Product: syz
[  161.235970][ T5757] usb 5-1: Manufacturer: syz
[  161.241114][ T5757] usb 5-1: SerialNumber: syz
[  161.284191][   T10] usb 6-1: USB disconnect, device number 6
[  161.338832][ T5757] usb 5-1: config 0 descriptor??
[  161.355235][ T6864] BTRFS info (device loop0): setting nodatasum
[  161.401562][ T6864] BTRFS info (device loop0): setting nodatacow
[  161.440047][ T6864] BTRFS info (device loop0): turning on async discard
[  161.449367][ T5757] yurex 5-1:0.50: USB YUREX device now attached to Yurex #1
[  161.476699][ T6864] BTRFS info (device loop0): enabling free space tree
[  161.505769][ T6889] syz.2.267: attempt to access beyond end of device
[  161.505769][ T6889] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  161.524366][ T6864] BTRFS info (device loop0): enabling auto defrag
[  161.577560][ T6864] BTRFS info (device loop0): trying to use backup root at mount time
[  161.616553][ T6864] BTRFS info (device loop0): max_inline set to 0
[  161.641484][  T151] kworker/u8:6: attempt to access beyond end of device
[  161.641484][  T151] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  161.678358][  T151] CPU: 1 UID: 0 PID: 151 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  161.678398][  T151] Tainted: [L]=SOFTLOCKUP
[  161.678407][  T151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  161.678422][  T151] Workqueue: writeback wb_workfn (flush-7:2)
[  161.678471][  T151] Call Trace:
[  161.678480][  T151]  <TASK>
[  161.678490][  T151]  dump_stack_lvl+0xe8/0x150
[  161.678520][  T151]  f2fs_stop_checkpoint+0x3c7/0x590
[  161.678554][  T151]  f2fs_write_end_io+0x1274/0x1740
[  161.678610][  T151]  __submit_merged_bio+0x256/0x6a0
[  161.678645][  T151]  __submit_merged_write_cond+0x3c9/0x4e0
[  161.678699][  T151]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  161.678760][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.678801][  T151]  f2fs_write_data_pages+0x287e/0x34f0
[  161.678874][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.678985][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679015][  T151]  ? __lock_acquire+0x6b5/0x2cf0
[  161.679073][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.679103][  T151]  do_writepages+0x32e/0x550
[  161.679135][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679161][  T151]  ? reacquire_held_locks+0x104/0x190
[  161.679197][  T151]  ? writeback_sb_inodes+0x463/0x19d0
[  161.679230][  T151]  __writeback_single_inode+0x133/0x10e0
[  161.679256][  T151]  ? do_raw_spin_unlock+0xf5/0x210
[  161.679292][  T151]  writeback_sb_inodes+0x979/0x19d0
[  161.679317][  T151]  ? __lock_acquire+0x6b5/0x2cf0
[  161.679371][  T151]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  161.679397][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  161.679470][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679497][  T151]  ? rcu_is_watching+0x15/0xb0
[  161.679525][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679557][  T151]  wb_writeback+0x445/0xb00
[  161.679586][  T151]  ? queue_io+0x261/0x470
[  161.679618][  T151]  ? __pfx_wb_writeback+0x10/0x10
[  161.679639][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  161.679689][  T151]  wb_workfn+0x3f8/0xf10
[  161.679724][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679749][  T151]  ? look_up_lock_class+0x57/0x110
[  161.679800][  T151]  ? __pfx_wb_workfn+0x10/0x10
[  161.679834][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679861][  T151]  ? lock_acquire+0x106/0x350
[  161.679888][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.679914][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  161.679946][  T151]  ? lock_acquire+0x106/0x350
[  161.679971][  T151]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  161.680005][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680033][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680065][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680095][  T151]  ? process_scheduled_works+0xa70/0x1860
[  161.680119][  T151]  ? process_scheduled_works+0xa70/0x1860
[  161.680145][  T151]  process_scheduled_works+0xb5d/0x1860
[  161.680174][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680232][  T151]  ? __pfx_process_scheduled_works+0x10/0x10
[  161.680260][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680285][  T151]  ? assign_work+0x3d5/0x5e0
[  161.680313][  T151]  worker_thread+0xa53/0xfc0
[  161.680356][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680393][  T151]  kthread+0x388/0x470
[  161.680426][  T151]  ? __pfx_worker_thread+0x10/0x10
[  161.680447][  T151]  ? __pfx_kthread+0x10/0x10
[  161.680479][  T151]  ret_from_fork+0x514/0xb70
[  161.680507][  T151]  ? __pfx_ret_from_fork+0x10/0x10
[  161.680533][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  161.680561][  T151]  ? __switch_to+0xc79/0x1410
[  161.680601][  T151]  ? __pfx_kthread+0x10/0x10
[  161.680635][  T151]  ret_from_fork_asm+0x1a/0x30
[  161.680683][  T151]  </TASK>
[  162.442886][ T5765] usb 5-1: USB disconnect, device number 11
[  162.471790][  T151] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  162.486325][  T151] CPU: 0 UID: 0 PID: 151 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  162.486352][  T151] Tainted: [L]=SOFTLOCKUP
[  162.486359][  T151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  162.486370][  T151] Workqueue: writeback wb_workfn (flush-7:2)
[  162.486407][  T151] Call Trace:
[  162.486414][  T151]  <TASK>
[  162.486421][  T151]  dump_stack_lvl+0xe8/0x150
[  162.486444][  T151]  f2fs_stop_checkpoint+0x3c7/0x590
[  162.486473][  T151]  f2fs_write_end_io+0x1274/0x1740
[  162.486515][  T151]  __submit_merged_bio+0x256/0x6a0
[  162.486541][  T151]  __submit_merged_write_cond+0x3c9/0x4e0
[  162.486580][  T151]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  162.486623][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.486652][  T151]  f2fs_write_data_pages+0x287e/0x34f0
[  162.486706][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.486788][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.486809][  T151]  ? __lock_acquire+0x6b5/0x2cf0
[  162.486851][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.486875][  T151]  do_writepages+0x32e/0x550
[  162.486901][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.486922][  T151]  ? reacquire_held_locks+0x104/0x190
[  162.486945][  T151]  ? writeback_sb_inodes+0x463/0x19d0
[  162.486971][  T151]  __writeback_single_inode+0x133/0x10e0
[  162.486994][  T151]  ? do_raw_spin_unlock+0xf5/0x210
[  162.487026][  T151]  writeback_sb_inodes+0x979/0x19d0
[  162.487045][  T151]  ? __lock_acquire+0x6b5/0x2cf0
[  162.487089][  T151]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  162.487109][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  162.487174][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487195][  T151]  ? rcu_is_watching+0x15/0xb0
[  162.487218][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487247][  T151]  wb_writeback+0x445/0xb00
[  162.487271][  T151]  ? queue_io+0x261/0x470
[  162.487298][  T151]  ? __pfx_wb_writeback+0x10/0x10
[  162.487316][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  162.487358][  T151]  wb_workfn+0x3f8/0xf10
[  162.487383][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487404][  T151]  ? look_up_lock_class+0x57/0x110
[  162.487447][  T151]  ? __pfx_wb_workfn+0x10/0x10
[  162.487472][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487493][  T151]  ? lock_acquire+0x106/0x350
[  162.487515][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487536][  T151]  ? do_raw_spin_lock+0x12b/0x2f0
[  162.487561][  T151]  ? lock_acquire+0x106/0x350
[  162.487582][  T151]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  162.487611][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487635][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487661][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487685][  T151]  ? process_scheduled_works+0xa70/0x1860
[  162.487704][  T151]  ? process_scheduled_works+0xa70/0x1860
[  162.487726][  T151]  process_scheduled_works+0xb5d/0x1860
[  162.487745][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487793][  T151]  ? __pfx_process_scheduled_works+0x10/0x10
[  162.487818][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487839][  T151]  ? assign_work+0x3d5/0x5e0
[  162.487862][  T151]  worker_thread+0xa53/0xfc0
[  162.487898][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.487927][  T151]  kthread+0x388/0x470
[  162.487952][  T151]  ? __pfx_worker_thread+0x10/0x10
[  162.487970][  T151]  ? __pfx_kthread+0x10/0x10
[  162.487996][  T151]  ret_from_fork+0x514/0xb70
[  162.488019][  T151]  ? __pfx_ret_from_fork+0x10/0x10
[  162.488038][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  162.488059][  T151]  ? __switch_to+0xc79/0x1410
[  162.488090][  T151]  ? __pfx_kthread+0x10/0x10
[  162.488115][  T151]  ret_from_fork_asm+0x1a/0x30
[  162.488153][  T151]  </TASK>
[  162.846226][  T151] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  163.439948][ T5765] yurex 5-1:0.50: USB YUREX #1 now disconnected
[  163.509999][   T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  163.749096][ T6919] loop1: detected capacity change from 0 to 32768
[  163.765555][   T24] usb 6-1: Using ep0 maxpacket: 32
[  163.778995][ T6919] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  163.785985][   T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  163.802455][ T6919] JBD2: Ignoring recovery information on journal
[  163.810301][   T24] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  163.819515][   T24] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  163.832904][  T802] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  163.839945][   T24] usb 6-1: Product: syz
[  163.846629][   T24] usb 6-1: Manufacturer: syz
[  163.859533][   T24] usb 6-1: SerialNumber: syz
[  163.880230][ T6919] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  163.912430][   T24] usb 6-1: config 0 descriptor??
[  163.942145][   T30] audit: type=1800 audit(1778584951.581:9): pid=6919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.273" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  163.948068][ T6912] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  164.020246][  T802] usb 4-1: Using ep0 maxpacket: 32
[  164.119555][  T802] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.134732][  T802] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  164.150213][  T802] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  164.237936][   T30] audit: type=1804 audit(1778584951.791:10): pid=6922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.273" name="/newroot/41/file0/file1" dev="loop1" ino=17058 res=1 errno=0
[  164.260394][  T802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.270726][  T802] usb 4-1: Product: syz
[  164.280331][  T802] usb 4-1: Manufacturer: syz
[  164.285539][  T802] usb 4-1: SerialNumber: syz
[  164.377069][ T5618] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.406670][  T802] usb 4-1: config 0 descriptor??
[  164.627901][ T6924] loop4: detected capacity change from 0 to 32768
[  164.635155][ T6924] btrfs: Deprecated parameter 'usebackuproot'
[  164.641265][ T6924] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  164.667653][ T6924] BTRFS info: device /dev/loop4 (7:4) using temp-fsid b70b60d4-f6a3-4a46-8dc5-9a2b8343547a
[  164.679273][ T6924] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.274 (6924)
[  164.770347][ T6924] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.780819][ T6924] BTRFS info (device loop4): using crc32c checksum algorithm
[  164.962802][   T24] usb 6-1: USB disconnect, device number 7
[  164.972159][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  165.112077][ T6924] BTRFS error (device loop4): failed to load root extent
[  165.119181][ T6924] BTRFS warning (device loop4): try to load backup roots slot 1
[  165.127450][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  165.205613][ T6924] BTRFS warning (device loop4): couldn't read tree root
[  165.212695][ T6924] BTRFS warning (device loop4): try to load backup roots slot 2
[  165.228218][   T12] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  165.275279][ T6924] BTRFS warning (device loop4): couldn't read tree root
[  165.282304][ T6924] BTRFS warning (device loop4): try to load backup roots slot 3
[  165.347992][ T6924] BTRFS info (device loop4): rebuilding free space tree
[  165.399388][ T6924] BTRFS info (device loop4): checking UUID tree
[  165.409358][ T6924] BTRFS info (device loop4): enabling ssd optimizations
[  165.416390][ T6924] BTRFS info (device loop4): turning on async discard
[  165.423258][ T6924] BTRFS info (device loop4): enabling free space tree
[  165.430225][ T6924] BTRFS info (device loop4): force clearing of disk cache
[  165.437342][ T6924] BTRFS info (device loop4): enabling auto defrag
[  165.443843][ T6924] BTRFS info (device loop4): trying to use backup root at mount time
[  165.451968][ T6924] BTRFS info (device loop4): use zstd compression, level 3
[  165.668079][ T5625] ocfs2: Unmounting device (7,1) on (node local)
[  166.038986][ T5633] BTRFS info (device loop4): last unmount of filesystem b70b60d4-f6a3-4a46-8dc5-9a2b8343547a
[  166.810968][ T5758] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  166.926111][   T10] usb 4-1: USB disconnect, device number 6
[  167.497127][ T5758] usb 1-1: unable to get BOS descriptor or descriptor too short
[  167.636703][ T5758] usb 1-1: not running at top speed; connect to a high speed hub
[  167.678184][ T5758] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.724879][ T5758] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  167.780064][ T5758] usb 1-1: string descriptor 0 read error: -22
[  167.800647][ T5758] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  168.008185][ T5758] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.024385][ T5758] usb 1-1: 0:2 : does not exist
[  168.192532][ T6983] loop1: detected capacity change from 0 to 256
[  168.892197][ T6983] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x52c1951d, utbl_chksum : 0xe619d30d)
[  169.739920][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  169.863537][ T6995] loop1: detected capacity change from 0 to 256
[  169.919725][ T6995] exfat: Deprecated parameter 'utf8'
[  169.950030][ T6995] exfat: Deprecated parameter 'namecase'
[  169.973887][ T6995] exfat: Deprecated parameter 'namecase'
[  169.995953][ T6995] exfat: Deprecated parameter 'utf8'
[  170.082944][ T6995] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  170.141974][ T6995] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  170.760087][ T7003] netlink: 'syz.1.289': attribute type 15 has an invalid length.
[  171.310107][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  172.460188][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  172.686824][ T5758] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[  172.700643][ T7001] loop3: detected capacity change from 0 to 512
[  172.943350][ T7001] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  172.978303][ T5758] usb 1-1: 5:0: failed to get current value for ch 1 (-22)
[  173.021431][ T7001] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.292: bad orphan inode 131083
[  173.032189][ T7001] loop3: lost filesystem error report for type 5 error -117
[  173.041003][ T7001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.153100][ T7009] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.292: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  173.302638][ T7001] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  173.372801][ T5758] usb 1-1: USB disconnect, device number 7
[  173.617961][ T5619] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  173.710355][ T5765] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  173.871297][ T5765] usb 5-1: Using ep0 maxpacket: 32
[  173.931466][ T5765] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  173.965360][ T5765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.004598][ T5765] usb 5-1: config 0 descriptor??
[  174.070248][ T5765] gspca_main: sunplus-2.14.0 probing 041e:400b
[  174.372689][ T5619] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.268772][ T5920] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.653954][ T5920] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.880428][ T5765] gspca_sunplus: reg_w_riv err -71
[  175.885670][ T5765] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  175.903716][ T5920] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.016618][ T5765] usb 5-1: USB disconnect, device number 12
[  177.660194][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  177.760064][ T5632] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  177.787305][ T5632] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  177.805609][ T5632] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  177.819023][ T5632] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  177.831637][ T5632] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  179.961869][ T5632] Bluetooth: hci1: command tx timeout
[  180.287021][ T5920] bridge_slave_1: left allmulticast mode
[  180.312463][ T5920] bridge_slave_1: left promiscuous mode
[  180.357316][ T5920] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.504737][ T5920] bridge_slave_0: left allmulticast mode
[  180.532477][ T5920] bridge_slave_0: left promiscuous mode
[  180.561533][ T5920] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.947701][ T7079] loop5: detected capacity change from 0 to 32768
[  181.977424][ T7079] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  182.041594][ T5632] Bluetooth: hci1: command tx timeout
[  182.049763][ T7079] XFS (loop5): Ending clean mount
[  182.065412][ T7079] XFS (loop5): Quotacheck needed: Please wait.
[  182.225647][ T7079] XFS (loop5): Quotacheck: Done.
[  183.799743][ T5758] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  183.866845][ T5758] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  183.913933][ T7109] loop1: detected capacity change from 0 to 4096
[  183.954903][ T7109] EXT4-fs: Ignoring removed orlov option
[  183.997037][ T7109] EXT4-fs (loop1): Test dummy encryption mode enabled
[  184.025509][ T5627] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.033926][ T7109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.068141][ T5920] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.089856][ T5920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.112837][ T5920] bond0 (unregistering): Released all slaves
[  184.131098][ T5632] Bluetooth: hci1: command tx timeout
[  184.149832][ T5280] 8021q: adding VLAN 0 to HW filter on device eth1
[  184.579451][ T5625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.145460][ T7124] loop4: detected capacity change from 0 to 32768
[  185.235369][ T7124] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  185.243977][ T7124] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  185.302860][ T7124] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  185.316277][  T802] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  185.334596][  T802] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  185.446259][   T30] audit: type=1326 audit(1778584973.071:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  186.200064][ T5632] Bluetooth: hci1: command tx timeout
[  186.303481][   T30] audit: type=1326 audit(1778584973.821:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  186.436591][ T7136] loop5: detected capacity change from 0 to 164
[  186.470825][   T30] audit: type=1326 audit(1778584973.821:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  186.610443][   T30] audit: type=1326 audit(1778584973.821:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  186.642448][  T802] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1307ms
[  186.670803][  T802] gfs2: fsid=syz:syz.0: jid=0: Done
[  186.690710][ T7124] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  186.705576][   T30] audit: type=1326 audit(1778584973.821:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  186.749413][   T30] audit: type=1326 audit(1778584973.841:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  187.026241][ T7124] gfs2: fsid=syz:syz.0: found 1 quota changes
[  187.052519][ T7143] loop0: detected capacity change from 0 to 32768
[  187.064742][ T7143] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  187.072738][ T7143] CPU: 1 UID: 0 PID: 7143 Comm: syz.0.328 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  187.072770][ T7143] Tainted: [L]=SOFTLOCKUP
[  187.072778][ T7143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  187.072790][ T7143] Call Trace:
[  187.072798][ T7143]  <TASK>
[  187.072807][ T7143]  dump_stack_lvl+0xe8/0x150
[  187.072837][ T7143]  sysfs_create_dir_ns+0x271/0x2a0
[  187.072866][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.072896][ T7143]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  187.072927][ T7143]  ? do_raw_spin_unlock+0xf5/0x210
[  187.072966][ T7143]  kobject_add_internal+0x62b/0xd00
[  187.073000][ T7143]  kobject_init_and_add+0x12b/0x1a0
[  187.073044][ T7143]  ? __pfx_kobject_init_and_add+0x10/0x10
[  187.073087][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073123][ T7143]  ? __raw_spin_lock_init+0x45/0x100
[  187.073159][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073186][ T7143]  ? __init_swait_queue_head+0xa9/0x150
[  187.073220][ T7143]  gfs2_sys_fs_add+0x257/0x480
[  187.073245][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073271][ T7143]  ? is_dynamic_key+0x1ac/0x1c0
[  187.073297][ T7143]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  187.073333][ T7143]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  187.073379][ T7143]  gfs2_fill_super+0x13a7/0x21d0
[  187.073440][ T7143]  ? __pfx_gfs2_fill_super+0x10/0x10
[  187.073476][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073504][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073528][ T7143]  ? sb_set_blocksize+0x155/0x240
[  187.073561][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073584][ T7143]  ? setup_bdev_super+0x4c1/0x5b0
[  187.073621][ T7143]  get_tree_bdev_flags+0x431/0x4f0
[  187.073655][ T7143]  ? __pfx_gfs2_fill_super+0x10/0x10
[  187.073688][ T7143]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  187.073720][ T7143]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  187.073755][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073789][ T7143]  gfs2_get_tree+0x51/0x1e0
[  187.073826][ T7143]  vfs_get_tree+0x92/0x2a0
[  187.073862][ T7143]  do_new_mount+0x341/0xd30
[  187.073886][ T7143]  ? apparmor_capable+0x126/0x170
[  187.073930][ T7143]  ? __pfx_do_new_mount+0x10/0x10
[  187.073956][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.073981][ T7143]  ? ns_capable+0x89/0xe0
[  187.074004][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.074031][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.074060][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.074086][ T7143]  ? user_path_at+0xd4/0x160
[  187.074117][ T7143]  __se_sys_mount+0x31d/0x420
[  187.074152][ T7143]  ? __pfx___se_sys_mount+0x10/0x10
[  187.074177][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.074210][ T7143]  ? srso_alias_return_thunk+0x5/0xfbef5
[  187.074235][ T7143]  ? __x64_sys_mount+0x20/0xc0
[  187.074261][ T7143]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.074285][ T7143]  do_syscall_64+0x15f/0xf80
[  187.074317][ T7143]  ? trace_irq_disable+0x3b/0x140
[  187.074363][ T7143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.074389][ T7143] RIP: 0033:0x7fa00379e04a
[  187.074418][ T7143] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.074439][ T7143] RSP: 002b:00007fa004684e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  187.074464][ T7143] RAX: ffffffffffffffda RBX: 00007fa004684ee0 RCX: 00007fa00379e04a
[  187.074482][ T7143] RDX: 0000200000037f40 RSI: 00002000000008c0 RDI: 00007fa004684ea0
[  187.074499][ T7143] RBP: 0000200000037f40 R08: 00007fa004684ee0 R09: 0000000001010084
[  187.074517][ T7143] R10: 0000000001010084 R11: 0000000000000246 R12: 00002000000008c0
[  187.074533][ T7143] R13: 00007fa004684ea0 R14: 0000000000037f14 R15: 0000200000000480
[  187.074572][ T7143]  </TASK>
[  187.074601][ T7143] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  187.094404][   T30] audit: type=1326 audit(1778584973.841:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  187.100067][ T7143] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  187.109762][   T30] audit: type=1326 audit(1778584973.841:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  187.121169][ T5758] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  187.140131][   T30] audit: type=1326 audit(1778584973.841:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  187.428824][ T5758] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  187.737208][   T30] audit: type=1326 audit(1778584973.841:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.0.324" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00379cdd9 code=0x7ffc0000
[  188.178713][ T5758] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  188.444226][ T5758] usb 6-1: Product: syz
[  188.490484][ T5758] usb 6-1: Manufacturer: syz
[  188.509463][ T5758] usb 6-1: SerialNumber: syz
[  188.564275][ T5758] usb 6-1: config 0 descriptor??
[  188.693026][ T7164] ref_ctr_offset mismatch. inode: 0x12c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000000
[  189.021869][ T5920] hsr_slave_0: left promiscuous mode
[  189.059418][ T5758] usb 6-1: USB disconnect, device number 8
[  189.081650][ T5920] hsr_slave_1: left promiscuous mode
[  189.256347][ T5920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.270416][ T5920] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.296169][ T5920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.329612][ T5920] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.404558][ T5882] udevd[5882]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  189.435491][ T5920] veth1_macvtap: left promiscuous mode
[  189.454690][ T5920] veth0_macvtap: left promiscuous mode
[  189.475485][ T5920] veth1_vlan: left promiscuous mode
[  189.499332][ T5920] veth0_vlan: left promiscuous mode
[  189.743585][ T7179] netlink: 36 bytes leftover after parsing attributes in process `syz.4.330'.
[  189.757673][ T7179] netlink: 16 bytes leftover after parsing attributes in process `syz.4.330'.
[  189.778883][ T7179] netlink: 36 bytes leftover after parsing attributes in process `syz.4.330'.
[  190.048492][ T7185] netlink: 164 bytes leftover after parsing attributes in process `syz.4.334'.
[  190.420023][ T5772] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  190.532872][ T5920] team0 (unregistering): Port device team_slave_1 removed
[  190.657274][ T5772] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.817386][ T5772] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  190.851806][ T5772] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.140098][ T5772] usb 2-1: config 0 descriptor??
[  191.161199][ T5772] pwc: Askey VC010 type 2 USB webcam detected.
[  191.186510][ T5920] team0 (unregistering): Port device team_slave_0 removed
[  191.522315][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  191.573907][ T5772] pwc: recv_control_msg error -32 req 02 val 2b00
[  191.585774][ T5772] pwc: recv_control_msg error -32 req 02 val 2700
[  191.606728][ T5772] pwc: recv_control_msg error -32 req 02 val 2c00
[  191.644621][ T5772] pwc: recv_control_msg error -32 req 04 val 1000
[  191.664649][ T5772] pwc: recv_control_msg error -32 req 04 val 1300
[  191.678273][ T7205] loop4: detected capacity change from 0 to 128
[  191.682998][ T5772] pwc: recv_control_msg error -32 req 04 val 1400
[  191.779334][ T5772] pwc: recv_control_msg error -32 req 02 val 2000
[  192.192481][ T5772] pwc: recv_control_msg error -32 req 02 val 2100
[  192.214164][ T5772] pwc: recv_control_msg error -32 req 04 val 1500
[  192.233782][ T7205] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  192.262923][ T5772] pwc: recv_control_msg error -32 req 02 val 2500
[  192.293807][ T5772] pwc: recv_control_msg error -32 req 02 val 2400
[  192.305694][ T7205] hpfs: filesystem error: improperly stopped
[  192.322980][ T5772] pwc: recv_control_msg error -32 req 02 val 2600
[  192.340049][ T7205] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  192.374315][ T7205] hpfs: You really don't want any checks? You are crazy...
[  192.392072][ T7205] hpfs: hpfs_map_sector(): read error
[  192.433469][ T7205] hpfs: code page support is disabled
[  192.480608][ T7205] hpfs: hpfs_map_4sectors(): unaligned read
[  192.585939][ T5772] pwc: recv_control_msg error -71 req 02 val 2800
[  192.618960][ T7205] hpfs: hpfs_map_4sectors(): unaligned read
[  192.651671][ T5280] 8021q: adding VLAN 0 to HW filter on device eth2
[  192.659983][ T7205] hpfs: filesystem error: unable to find root dir
[  192.660246][ T5772] pwc: recv_control_msg error -71 req 04 val 1100
[  192.692381][ T5772] pwc: recv_control_msg error -71 req 04 val 1200
[  192.714736][ T5772] pwc: Registered as video103.
[  192.721095][ T7203] hpfs: hpfs_map_4sectors(): unaligned read
[  192.762334][ T5772] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input12
[  192.804313][ T7203] hpfs: hpfs_map_sector(): read error
[  192.861951][ T5772] usb 2-1: USB disconnect, device number 9
[  193.033085][ T7043] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.048440][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.063600][ T7043] bridge_slave_0: entered allmulticast mode
[  193.114650][ T7043] bridge_slave_0: entered promiscuous mode
[  193.215395][ T7043] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.410092][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.433747][ T7043] bridge_slave_1: entered allmulticast mode
[  193.471215][ T7043] bridge_slave_1: entered promiscuous mode
[  193.473564][ T7225] loop2: detected capacity change from 0 to 128
[  193.617520][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  193.632458][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  194.224755][ T7225] vfat: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿÿÿ'
[  195.740472][ T7236] loop1: detected capacity change from 0 to 128
[  195.996227][ T7236] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  196.032912][ T7043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.111176][ T7236] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  196.143229][ T7043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.375877][ T5632] Bluetooth: hci0: SCO packet for unknown connection handle 3785
[  196.479487][ T7043] team0: Port device team_slave_0 added
[  196.567243][ T7043] team0: Port device team_slave_1 added
[  196.741860][ T7043] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.756615][ T7043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  196.865309][ T7043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.914372][ T7043] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.942714][ T7043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  197.017120][ T7043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.353034][ T7043] hsr_slave_0: entered promiscuous mode
[  197.362480][ T7043] hsr_slave_1: entered promiscuous mode
[  197.368393][ T7043] debugfs: 'hsr0' already exists in 'hsr'
[  197.368412][ T7043] Cannot create hsr debugfs directory
[  199.224093][ T5280] 8021q: adding VLAN 0 to HW filter on device eth3
[  199.240076][  T987] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  199.406767][  T987] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  199.457778][  T987] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  199.480341][  T987] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.528810][  T987] usb 1-1: config 0 descriptor??
[  199.572523][  T987] pwc: Askey VC010 type 2 USB webcam detected.
[  199.806180][ T7043] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  199.837462][ T7043] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  199.858449][ T7043] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  199.886521][ T7043] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  199.914832][ T7043] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  199.969038][ T7043] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  199.975325][  T987] pwc: recv_control_msg error -32 req 02 val 2b00
[  200.000167][ T5772] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  200.002453][  T987] pwc: recv_control_msg error -32 req 02 val 2700
[  200.013500][ T7043] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  200.038230][  T987] pwc: recv_control_msg error -32 req 02 val 2c00
[  200.053564][  T987] pwc: recv_control_msg error -32 req 04 val 1000
[  200.075711][ T7043] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  200.080143][  T987] pwc: recv_control_msg error -32 req 04 val 1300
[  200.124159][  T987] pwc: recv_control_msg error -32 req 04 val 1400
[  200.148750][  T987] pwc: recv_control_msg error -32 req 02 val 2000
[  200.171383][  T987] pwc: recv_control_msg error -32 req 02 val 2100
[  200.183020][ T5772] usb 6-1: Using ep0 maxpacket: 16
[  200.188705][  T987] pwc: recv_control_msg error -32 req 04 val 1500
[  200.203452][  T987] pwc: recv_control_msg error -32 req 02 val 2500
[  200.205240][ T5772] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.233798][  T987] pwc: recv_control_msg error -32 req 02 val 2400
[  200.254468][  T987] pwc: recv_control_msg error -32 req 02 val 2600
[  200.268993][ T5772] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.278889][  T987] pwc: recv_control_msg error -32 req 02 val 2900
[  200.332304][ T5772] usb 6-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  200.365353][ T5772] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.401448][ T5772] usb 6-1: config 0 descriptor??
[  200.486838][ T7043] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.503253][ T5822] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  200.555533][ T7043] 8021q: adding VLAN 0 to HW filter on device team0
[  200.611169][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.618331][ T5822] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.682219][  T987] pwc: recv_control_msg error -71 req 04 val 1200
[  200.710748][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.717907][ T5822] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.734051][  T987] pwc: Registered as video103.
[  200.772215][  T987] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input13
[  200.868337][  T987] usb 1-1: USB disconnect, device number 8
[  200.881134][ T7288] loop5: detected capacity change from 0 to 256
[  200.966738][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  200.966757][   T30] audit: type=1800 audit(1778584988.601:27): pid=7288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.359" name="file1" dev="loop5" ino=1048626 res=0 errno=0
[  201.046657][    C0] raw-gadget.1 gadget.5: ignoring, device is not running
[  201.055683][    C0] raw-gadget.1 gadget.5: ignoring, device is not running
[  201.063374][    C0] raw-gadget.1 gadget.5: ignoring, device is not running
[  201.071664][ T5772] usbhid 6-1:0.0: can't add hid device: -32
[  201.077673][ T5772] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  201.134448][ T5772] usb 6-1: USB disconnect, device number 9
[  201.434957][ T7315] loop2: detected capacity change from 0 to 8
[  201.474602][ T5280] 8021q: adding VLAN 0 to HW filter on device eth4
[  201.695809][ T7315] SQUASHFS error: xz decompression failed, data probably corrupt
[  201.768875][ T7315] SQUASHFS error: Failed to read block 0x108: -5
[  201.874299][ T7315] SQUASHFS error: Unable to read metadata cache entry [106]
[  201.947732][ T7315] SQUASHFS error: Unable to read inode 0x11f
[  202.971381][ T7341] loop1: detected capacity change from 0 to 2048
[  204.771589][   T30] audit: type=1326 audit(1778584991.261:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  204.802425][   T30] audit: type=1326 audit(1778584991.271:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  204.832253][   T30] audit: type=1326 audit(1778584991.271:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  204.858317][   T30] audit: type=1326 audit(1778584991.281:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  204.885306][   T30] audit: type=1326 audit(1778584991.281:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  204.914509][ T7349] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  204.950384][   T30] audit: type=1326 audit(1778584991.291:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  205.009147][   T30] audit: type=1326 audit(1778584991.301:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  205.036400][   T30] audit: type=1326 audit(1778584991.301:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  205.065312][   T30] audit: type=1326 audit(1778584991.341:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.4.367" exe="/root/ci-upstream-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b6619cdd9 code=0x7ffc0000
[  206.076529][ T7043] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.967497][ T5632] Bluetooth: hci5: command 0x0406 tx timeout
[  207.973624][ T4936] Bluetooth: hci3: command 0x0406 tx timeout
[  207.973688][ T5642] Bluetooth: hci2: command 0x0406 tx timeout
[  207.989308][ T5626] Bluetooth: hci0: command 0x0406 tx timeout
[  208.552985][ T5772] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  208.719450][ T7381] Cannot find add_set index 0 as target
[  209.157742][ T5772] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  209.249413][ T5772] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  209.292940][ T5772] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.348855][ T5772] usb 6-1: config 0 descriptor??
[  209.404101][ T5772] pwc: Askey VC010 type 2 USB webcam detected.
[  209.457832][ T7043] veth0_vlan: entered promiscuous mode
[  209.523754][ T7043] veth1_vlan: entered promiscuous mode
[  209.581959][ T7384] loop0: detected capacity change from 0 to 512
[  209.589329][ T7384] EXT4-fs: Ignoring removed orlov option
[  209.628959][ T7384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.697676][ T7043] veth0_macvtap: entered promiscuous mode
[  209.815031][ T5772] pwc: recv_control_msg error -32 req 02 val 2b00
[  209.824064][ T5772] pwc: recv_control_msg error -32 req 02 val 2700
[  209.845686][ T5772] pwc: recv_control_msg error -32 req 02 val 2c00
[  209.846535][ T7043] veth1_macvtap: entered promiscuous mode
[  209.885858][ T5772] pwc: recv_control_msg error -32 req 04 val 1000
[  209.924972][ T5772] pwc: recv_control_msg error -32 req 04 val 1300
[  209.957988][ T7043] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.982522][ T5772] pwc: recv_control_msg error -32 req 04 val 1400
[  210.034269][ T5772] pwc: recv_control_msg error -32 req 02 val 2000
[  210.038982][ T5618] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.065836][ T5772] pwc: recv_control_msg error -32 req 02 val 2100
[  210.077121][ T7043] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.095793][ T5772] pwc: recv_control_msg error -32 req 04 val 1500
[  210.151722][ T5772] pwc: recv_control_msg error -32 req 02 val 2500
[  210.164639][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.182750][ T5772] pwc: recv_control_msg error -32 req 02 val 2400
[  210.198643][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.204939][ T5772] pwc: recv_control_msg error -32 req 02 val 2600
[  210.238254][ T5772] pwc: recv_control_msg error -32 req 02 val 2900
[  210.255660][ T6818] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.289214][ T5772] pwc: recv_control_msg error -32 req 02 val 2800
[  210.297379][ T6818] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.324958][ T5772] pwc: recv_control_msg error -32 req 04 val 1100
[  210.420538][ T5772] pwc: Registered as video103.
[  210.486429][ T5772] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input14
[  210.587836][ T5772] usb 6-1: USB disconnect, device number 10
[  212.616537][ T7406] loop0: detected capacity change from 0 to 32768
[  212.651984][ T7406] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  212.705079][ T7406] XFS (loop0): Ending clean mount
[  212.713284][ T7406] XFS (loop0): Quotacheck needed: Please wait.
[  212.879580][ T5920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.933732][ T7406] XFS (loop0): Quotacheck: Done.
[  212.945069][ T5920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.128477][ T7406] overlayfs: missing 'lowerdir'
[  213.190183][ T7424] warning: `syz.2.382' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  214.268609][ T5618] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  214.320987][ T7437] loop4: detected capacity change from 0 to 1024
[  214.458668][ T7437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  214.471545][ T7437] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.505467][ T5814] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.681892][ T5814] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.992188][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  214.992235][   T30] audit: type=1800 audit(1778585002.561:39): pid=7451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.384" name="file1" dev="loop4" ino=15 res=0 errno=0
[  215.540305][ T5822] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 112: padding at end of block bitmap is not set
[  215.682951][ T5822] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[  215.742388][ T5822] EXT4-fs (loop4): This should not happen!! Data will be lost
[  215.742388][ T5822] 
[  215.787002][ T5822] EXT4-fs (loop4): Total free blocks count 0
[  215.799347][ T5822] EXT4-fs (loop4): Free/Dirty block details
[  215.808090][ T5822] EXT4-fs (loop4): free_blocks=0
[  215.826531][ T5822] EXT4-fs (loop4): dirty_blocks=16
[  215.836408][ T5822] EXT4-fs (loop4): Block reservation details
[  215.860188][ T5822] EXT4-fs (loop4): i_reserved_data_blocks=1
[  216.068243][ T5633] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  216.103491][ T7455] netlink: 44 bytes leftover after parsing attributes in process `syz.5.388'.
[  216.232420][ T7462] loop0: detected capacity change from 0 to 256
[  216.424156][ T7462] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x52c1951d, utbl_chksum : 0xe619d30d)
[  216.748700][ T5633] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  216.870080][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.6.305'.
[  217.235447][ T7471] loop0: detected capacity change from 0 to 32768
[  217.273760][ T7471] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.391 (7471)
[  217.357094][ T7471] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  217.367435][ T7471] BTRFS info (device loop0): using sha256 checksum algorithm
[  218.489775][ T7471] BTRFS info (device loop0): setting nodatasum
[  218.496054][ T7471] BTRFS info (device loop0): enabling ssd optimizations
[  218.503020][ T7471] BTRFS info (device loop0): turning on async discard
[  218.509778][ T7471] BTRFS info (device loop0): enabling free space tree
[  219.583240][ T5618] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  219.892975][ T7474] lo speed is unknown, defaulting to 1000
[  219.898879][ T7474] lo speed is unknown, defaulting to 1000
[  221.148807][ T7474] lo speed is unknown, defaulting to 1000
[  221.155936][ T7474] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  221.170720][ T7474] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  221.187692][ T7474] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  221.200350][ T7474] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  221.215984][ T7474] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  221.373663][ T7474] lo speed is unknown, defaulting to 1000
[  221.408790][ T7474] lo speed is unknown, defaulting to 1000
[  221.415983][ T7474] lo speed is unknown, defaulting to 1000
[  221.423183][ T7474] lo speed is unknown, defaulting to 1000
[  221.430915][ T7474] lo speed is unknown, defaulting to 1000
[  221.438121][ T7474] lo speed is unknown, defaulting to 1000
[  222.062457][ T7512] syzkaller0: entered promiscuous mode
[  222.068029][ T7512] syzkaller0: entered allmulticast mode
[  224.210407][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[  225.022162][  T987] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  225.199167][  T987] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  225.248675][  T987] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  225.607970][  T987] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.781100][  T987] usb 2-1: config 0 descriptor??
[  225.891668][  T987] pwc: Askey VC010 type 2 USB webcam detected.
[  226.423121][  T987] pwc: recv_control_msg error -32 req 02 val 2700
[  226.444038][  T987] pwc: recv_control_msg error -32 req 02 val 2c00
[  226.465689][  T987] pwc: recv_control_msg error -32 req 04 val 1000
[  226.481684][  T987] pwc: recv_control_msg error -32 req 04 val 1300
[  226.497967][  T987] pwc: recv_control_msg error -32 req 04 val 1400
[  226.531927][  T987] pwc: recv_control_msg error -32 req 02 val 2000
[  226.553480][  T987] pwc: recv_control_msg error -32 req 02 val 2100
[  226.574490][  T987] pwc: recv_control_msg error -32 req 04 val 1500
[  226.590754][  T987] pwc: recv_control_msg error -32 req 02 val 2500
[  226.617655][  T987] pwc: recv_control_msg error -32 req 02 val 2400
[  226.641208][  T987] pwc: recv_control_msg error -32 req 02 val 2600
[  226.667350][  T987] pwc: recv_control_msg error -32 req 02 val 2900
[  227.061238][  T987] pwc: recv_control_msg error -32 req 04 val 1100
[  228.032572][  T987] pwc: Registered as video103.
[  228.222915][  T987] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input15
[  228.348333][  T987] usb 2-1: USB disconnect, device number 10
[  233.432731][ T7593] netlink: 68 bytes leftover after parsing attributes in process `syz.0.413'.
[  234.302793][ T7598] loop1: detected capacity change from 0 to 4096
[  234.629785][ T7599] loop2: detected capacity change from 0 to 4096
[  235.456237][ T7612] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  235.883050][ T7611] loop5: detected capacity change from 0 to 2048
[  235.941578][   T30] audit: type=1800 audit(1778585023.571:40): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.414" name="bus" dev="loop1" ino=18 res=0 errno=0
[  236.518865][   T30] audit: type=1804 audit(1778585024.151:41): pid=7619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.415" name="/newroot/71/bus/file0" dev="loop2" ino=34 res=1 errno=0
[  236.817312][ T7594] Falling back ldisc for ttyS3.
[  236.974314][ T7611] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.187917][ T7630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.420'.
[  237.269460][ T6051] ntfs3(loop2): ino=5, mi_enum_attr
[  237.343213][ T7609] netlink: 8 bytes leftover after parsing attributes in process `syz.5.416'.
[  240.417010][ T7654] netlink: 4 bytes leftover after parsing attributes in process `syz.4.425'.
[  240.439266][ T7654] netlink: 4 bytes leftover after parsing attributes in process `syz.4.425'.
[  241.580461][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  242.272542][ T7663] loop1: detected capacity change from 0 to 2048
[  242.616253][ T7665] vivid-004: disconnect
[  242.628190][ T7665] vivid-004: reconnect
[  243.272091][ T7667] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  245.477765][  T802] IPVS: starting estimator thread 0...
[  245.904074][ T7676] IPVS: using max 25 ests per chain, 60000 per kthread
[  246.726557][ T7691] loop4: detected capacity change from 0 to 128
[  246.977817][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  247.027836][   T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  247.137602][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  247.286461][ T7691] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  247.495609][ T7691] UDF-fs: Scanning with blocksize 512 failed
[  247.536727][   T10] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  247.635463][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  247.653220][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.703907][   T10] usb 1-1: Product: syz
[  247.721380][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  247.742303][   T10] usb 1-1: Manufacturer: syz
[  247.778097][   T10] usb 1-1: SerialNumber: syz
[  247.807832][ T7691] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  247.876026][ T7691] UDF-fs: Scanning with blocksize 1024 failed
[  247.945618][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  248.191016][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  248.215549][ T7693] loop0: detected capacity change from 0 to 256
[  248.229696][ T7706] overlayfs: missing 'lowerdir'
[  248.240102][ T7691] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  248.251088][ T7693] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  248.656469][ T7691] UDF-fs: Scanning with blocksize 2048 failed
[  248.666393][ T7693] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  248.693891][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  249.125524][ T7691] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  249.430211][ T7691] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  249.453057][ T7711] loop2: detected capacity change from 0 to 24
[  249.504857][ T7711] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  249.548743][ T7691] UDF-fs: Scanning with blocksize 4096 failed
[  249.640189][ T7691] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  249.827978][   T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  249.979844][ T7719] loop5: detected capacity change from 0 to 256
[  250.556829][ T7719] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x52c1951d, utbl_chksum : 0xe619d30d)
[  250.598659][ T7711] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  250.607321][   T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  250.629491][   T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  250.686499][   T10] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  251.819923][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  251.868954][   T10] usb 1-1: USB disconnect, device number 9
[  252.543863][   T30] audit: type=1800 audit(1778585039.711:42): pid=7728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.442" name="file0" dev="overlay" ino=401 res=0 errno=0
[  252.834166][ T7733] netlink: 12 bytes leftover after parsing attributes in process `syz.4.444'.
[  255.007317][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  255.032856][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  256.530295][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  260.165970][ T7788] loop2: detected capacity change from 0 to 32768
[  262.328832][ T7801] netlink: 'syz.5.458': attribute type 1 has an invalid length.
[  262.853367][ T7807] loop6: detected capacity change from 0 to 64
[  264.030213][ T7801] 8021q: adding VLAN 0 to HW filter on device bond2
[  264.733245][ T7819] loop2: detected capacity change from 0 to 64
[  266.407479][ T7832] loop5: detected capacity change from 0 to 64
[  267.650706][ T7840] binder_alloc: 7838: binder_alloc_buf, no vma
[  267.669423][ T7839] loop0: detected capacity change from 0 to 64
[  268.880548][ T7847] loop6: detected capacity change from 0 to 32768
[  269.656136][ T7847] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  269.783383][ T7847] XFS (loop6): Ending clean mount
[  269.961965][ T7847] XFS (loop6): Quotacheck needed: Please wait.
[  271.312141][ T7847] XFS (loop6): Quotacheck: Done.
[  271.936904][ T7043] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  272.024440][ T7870] loop4: detected capacity change from 0 to 64
[  275.200363][ T7881] binder: BINDER_SET_CONTEXT_MGR already set
[  275.257934][ T7881] binder: 7879:7881 ioctl 4018620d 200000004a80 returned -16
[  275.611038][ T7885] loop0: detected capacity change from 0 to 32768
[  281.083629][ T7914] loop5: detected capacity change from 0 to 512
[  283.151446][ T7924] loop4: detected capacity change from 0 to 24
[  283.450623][ T7914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[  284.576504][ T7914] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.857479][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[  285.125173][ T7951] loop2: detected capacity change from 0 to 64
[  286.320432][ T7962] loop2: detected capacity change from 0 to 64
[  290.425415][ T7987] loop0: detected capacity change from 0 to 64
[  290.830129][ T7994] binder: 7992:7994 ioctl 4018620d 0 returned -22
[  291.618165][ T8009] binder_alloc: 8008: binder_alloc_buf, no vma
[  291.842056][ T8015] overlayfs: failed to resolve './bus': -2
[  291.957659][   T30] audit: type=1400 audit(1778585079.581:43): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8001 comm="syz.6.503"
[  292.233199][  T802] IPVS: starting estimator thread 0...
[  292.589995][ T8016] IPVS: using max 28 ests per chain, 67200 per kthread
[  293.988007][ T8042] loop6: detected capacity change from 0 to 128
[  294.049490][ T8042] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  300.004313][ T8097] binder: BINDER_SET_CONTEXT_MGR already set
[  300.037335][ T8097] binder: 8096:8097 ioctl 4018620d 200000004a80 returned -16
[  302.681176][ T8141] loop6: detected capacity change from 0 to 8
[  302.722630][ T8141] SQUASHFS error: xz decompression failed, data probably corrupt
[  302.730762][ T8141] SQUASHFS error: Failed to read block 0x108: -5
[  302.737149][ T8141] SQUASHFS error: Unable to read metadata cache entry [106]
[  302.746569][ T8141] SQUASHFS error: Unable to read inode 0x11f
[  303.080387][ T5624] Bluetooth: hci1: command 0x0406 tx timeout
[  305.451521][ T8172] loop4: detected capacity change from 0 to 64
[  308.265126][ T8210] loop4: detected capacity change from 0 to 8
[  308.887661][ T8210] SQUASHFS error: xz decompression failed, data probably corrupt
[  308.895510][ T8210] SQUASHFS error: Failed to read block 0x108: -5
[  308.901928][ T8210] SQUASHFS error: Unable to read metadata cache entry [106]
[  308.909214][ T8210] SQUASHFS error: Unable to read inode 0x11f
[  312.065131][ T8227] loop5: detected capacity change from 0 to 4096
[  312.218895][ T8241] loop1: detected capacity change from 0 to 2048
[  313.000995][ T8242] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  314.006427][ T8249] loop6: detected capacity change from 0 to 16
[  314.049735][ T8249] erofs (device loop6): mounted with root inode @ nid 36.
[  314.096517][ T8249] syz.6.555: attempt to access beyond end of device
[  314.096517][ T8249] loop6: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  314.177349][ T8249] syz.6.555: attempt to access beyond end of device
[  314.177349][ T8249] loop6: rw=524288, sector=16, nr_sectors = 40 limit=16
[  314.217050][ T8249] erofs (device loop6): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 8192
[  314.230855][ T8249] erofs (device loop6): read error -117 @ 1 of nid 89
[  314.378959][   T30] audit: type=1800 audit(1778585101.871:44): pid=8249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.555" name="file2" dev="loop6" ino=89 res=0 errno=0
[  314.623005][ T8227] ntfs3(loop5): Failed to read $AttrDef (-4).
[  314.651162][ T8249] syz.6.555 (8249) used greatest stack depth: 18720 bytes left
[  314.788858][ T8252] loop4: detected capacity change from 0 to 64
[  316.364589][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  316.371031][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  317.685324][ T8272] loop4: detected capacity change from 0 to 512
[  317.785405][ T8272] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  319.117072][ T8267] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -4
[  319.730106][ T8267] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -4
[  319.781203][ T8267] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  320.852528][ T8300] loop2: detected capacity change from 0 to 8
[  320.897467][ T8300] SQUASHFS error: xz decompression failed, data probably corrupt
[  320.905533][ T8300] SQUASHFS error: Failed to read block 0x108: -5
[  320.912023][ T8300] SQUASHFS error: Unable to read metadata cache entry [106]
[  320.919360][ T8300] SQUASHFS error: Unable to read inode 0x11f
[  322.094796][ T8267] syz.5.557 (8267) used greatest stack depth: 17944 bytes left
[  322.326767][ T8314] loop4: detected capacity change from 0 to 64
[  324.370049][ T8331] loop4: detected capacity change from 0 to 8
[  324.493168][ T8331] SQUASHFS error: xz decompression failed, data probably corrupt
[  324.501195][ T8331] SQUASHFS error: Failed to read block 0x108: -5
[  324.508664][ T8331] SQUASHFS error: Unable to read metadata cache entry [106]
[  324.516055][ T8331] SQUASHFS error: Unable to read inode 0x11f
[  325.310448][ T8333] loop1: detected capacity change from 0 to 32768
[  325.317594][ T8333] jfs: Unknown parameter ''
[  328.226785][ T8356] loop4: detected capacity change from 0 to 8
[  328.323134][ T8356] SQUASHFS error: xz decompression failed, data probably corrupt
[  328.331153][ T8356] SQUASHFS error: Failed to read block 0x108: -5
[  328.337540][ T8356] SQUASHFS error: Unable to read metadata cache entry [106]
[  328.344910][ T8356] SQUASHFS error: Unable to read inode 0x11f
[  329.318019][ T8364] loop1: detected capacity change from 0 to 4096
[  331.037374][ T8362] binder: BINDER_SET_CONTEXT_MGR already set
[  331.564156][ T8362] binder: 8360:8362 ioctl 4018620d 200000004a80 returned -16
[  331.585835][ T6818] ntfs3(loop1): ino=5, mi_enum_attr
[  331.770223][ T8371] binder_alloc: 8369: binder_alloc_buf, no vma
[  332.447906][ T8379] loop2: detected capacity change from 0 to 32768
[  332.455134][ T8379] jfs: Unknown parameter ''
[  334.102481][ T8397] loop5: detected capacity change from 0 to 8
[  334.750699][ T8397] SQUASHFS error: xz decompression failed, data probably corrupt
[  334.758481][ T8397] SQUASHFS error: Failed to read block 0x108: -5
[  334.764923][ T8397] SQUASHFS error: Unable to read metadata cache entry [106]
[  334.772235][ T8397] SQUASHFS error: Unable to read inode 0x11f
[  336.186394][ T8408] loop2: detected capacity change from 0 to 8
[  336.234925][ T8408] SQUASHFS error: xz decompression failed, data probably corrupt
[  336.242961][ T8408] SQUASHFS error: Failed to read block 0x108: -5
[  336.249362][ T8408] SQUASHFS error: Unable to read metadata cache entry [106]
[  336.256753][ T8408] SQUASHFS error: Unable to read inode 0x11f
[  338.118368][ T8424] loop6: detected capacity change from 0 to 8
[  338.790564][ T8424] SQUASHFS error: xz decompression failed, data probably corrupt
[  338.798343][ T8424] SQUASHFS error: Failed to read block 0x108: -5
[  338.804728][ T8424] SQUASHFS error: Unable to read metadata cache entry [106]
[  338.812043][ T8424] SQUASHFS error: Unable to read inode 0x11f
[  339.314179][ T8434] loop6: detected capacity change from 0 to 8
[  339.359946][ T8434] SQUASHFS error: xz decompression failed, data probably corrupt
[  339.367948][ T8434] SQUASHFS error: Failed to read block 0x108: -5
[  339.374388][ T8434] SQUASHFS error: Unable to read metadata cache entry [106]
[  339.381774][ T8434] SQUASHFS error: Unable to read inode 0x11f
[  341.656705][ T8450] loop2: detected capacity change from 0 to 8
[  341.672275][ T8450] SQUASHFS error: xz decompression failed, data probably corrupt
[  341.680114][ T8450] SQUASHFS error: Failed to read block 0x108: -5
[  341.686451][ T8450] SQUASHFS error: Unable to read metadata cache entry [106]
[  341.693775][ T8450] SQUASHFS error: Unable to read inode 0x11f
[  343.497003][ T8463] loop5: detected capacity change from 0 to 64
[  343.662362][ T8470] loop1: detected capacity change from 0 to 8
[  343.709619][ T8470] SQUASHFS error: xz decompression failed, data probably corrupt
[  343.717691][ T8470] SQUASHFS error: Failed to read block 0x108: -5
[  343.724342][ T8470] SQUASHFS error: Unable to read metadata cache entry [106]
[  343.731721][ T8470] SQUASHFS error: Unable to read inode 0x11f
[  345.099613][ T8483] loop4: detected capacity change from 0 to 8
[  345.218464][ T8483] SQUASHFS error: xz decompression failed, data probably corrupt
[  345.226561][ T8483] SQUASHFS error: Failed to read block 0x108: -5
[  345.232982][ T8483] SQUASHFS error: Unable to read metadata cache entry [106]
[  345.240622][ T8483] SQUASHFS error: Unable to read inode 0x11f
[  345.961381][ T8486] loop5: detected capacity change from 0 to 64
[  346.163622][ T8488] loop4: detected capacity change from 0 to 2048
[  346.326639][ T8489] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  347.288995][ T8496] loop6: detected capacity change from 0 to 64
[  348.364869][ T8507] loop0: detected capacity change from 0 to 64
[  349.176068][ T8522] loop4: detected capacity change from 0 to 64
[  349.389201][ T8526] loop5: detected capacity change from 0 to 8
[  349.512534][ T8526] SQUASHFS error: xz decompression failed, data probably corrupt
[  349.559004][ T8526] SQUASHFS error: Failed to read block 0x108: -5
[  349.605434][ T8526] SQUASHFS error: Unable to read metadata cache entry [106]
[  349.656274][ T8526] SQUASHFS error: Unable to read inode 0x11f
[  349.679761][ T5618] BFS-fs: bfs_iget(): Bad inode number loop0:0000fe02
[  349.777586][ T8530] overlayfs: failed to resolve './bus': -2
[  349.951717][   T30] audit: type=1400 audit(1778585137.561:45): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8525 comm="syz.2.631"
[  350.285629][ T5618] BFS-fs: bfs_iget(): Bad inode number loop0:0000fe02
[  351.258136][ T8541] loop4: detected capacity change from 0 to 64
[  351.548009][ T8545] vivid-007: =================  START STATUS  =================
[  351.595286][ T8545] vivid-007: Enable Output Cropping: true grabbed
[  351.637661][ T8545] vivid-007: Enable Output Composing: true grabbed
[  351.721650][ T8545] vivid-007: Enable Output Scaler: true grabbed
[  351.781283][ T8545] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  351.817232][ T8545] vivid-007: Transmit Mode: HDMI grabbed
[  351.852880][ T8547] loop1: detected capacity change from 0 to 512
[  351.870929][ T8549] loop2: detected capacity change from 0 to 64
[  351.917402][ T8545] vivid-007: Hotplug Present: 0x00000000
[  351.944860][ T1107] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.996719][ T8547] EXT4-fs: Ignoring removed i_version option
[  352.136602][ T8553] loop4: detected capacity change from 0 to 8
[  352.153476][ T8545] vivid-007: RxSense Present: 0x00000000
[  352.775638][ T8553] SQUASHFS error: xz decompression failed, data probably corrupt
[  352.785193][ T8553] SQUASHFS error: Failed to read block 0x108: -5
[  352.791653][ T8553] SQUASHFS error: Unable to read metadata cache entry [106]
[  352.798934][ T8553] SQUASHFS error: Unable to read inode 0x11f
[  352.851249][ T8547] EXT4-fs: Ignoring removed bh option
[  352.919306][ T8545] vivid-007: EDID Present: 0x00000000
[  353.011707][ T8545] vivid-007: ==================  END STATUS  ==================
[  353.077963][ T8547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.093397][ T8547] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  353.245875][ T1107] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.299764][ T8545] EXT4-fs error (device loop1): ext4_lookup:1785: inode #12: comm syz.1.638: iget: bad i_size value: 2533274857506816
[  353.419067][ T1107] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.640639][ T5750] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  353.917871][ T5750] usb 2-1: Using ep0 maxpacket: 8
[  354.206715][ T5750] usb 2-1: config index 0 descriptor too short (expected 20772, got 36)
[  354.243701][ T1107] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.257589][ T5750] usb 2-1: config 6 has too many interfaces: 211, using maximum allowed: 32
[  354.289633][ T5750] usb 2-1: config 6 has 1 interface, different from the descriptor's value: 211
[  354.320135][ T5750] usb 2-1: config 6 has no interface number 0
[  354.328884][ T5750] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  354.385417][ T5750] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x6 has invalid maxpacket 8261, setting to 1024
[  354.431802][ T5750] usb 2-1: config 6 interface 2 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  354.662929][ T5624] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  354.678407][ T5624] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  354.792628][ T8578] overlayfs: failed to resolve './bus': -2
[  354.824351][   T29] IPVS: starting estimator thread 0...
[  354.960763][ T5624] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  354.969426][   T30] audit: type=1400 audit(1778585142.581:46): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8574 comm="syz.5.648"
[  355.025345][ T5624] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  355.052330][ T5624] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  355.480044][ T8579] IPVS: using max 27 ests per chain, 64800 per kthread
[  355.568067][ T5750] usb 2-1: string descriptor 0 read error: -71
[  355.575787][ T8583] loop2: detected capacity change from 0 to 64
[  355.594047][ T5750] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=82.06
[  355.626711][ T5750] usb 2-1: New USB device strings: Mfr=62, Product=2, SerialNumber=3
[  355.639531][ T8586] loop6: detected capacity change from 0 to 64
[  355.701263][ T5750] usb 2-1: can't set config #6, error -71
[  355.713296][ T5625] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.740090][ T5750] usb 2-1: USB disconnect, device number 11
[  355.881093][ T1107] bridge_slave_1: left allmulticast mode
[  355.893266][ T1107] bridge_slave_1: left promiscuous mode
[  355.905580][ T1107] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.926608][ T1107] bridge_slave_0: left allmulticast mode
[  355.933576][ T1107] bridge_slave_0: left promiscuous mode
[  355.939557][ T1107] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.305822][ T8601] loop2: detected capacity change from 0 to 8
[  356.339012][ T8601] SQUASHFS error: xz decompression failed, data probably corrupt
[  356.347084][ T8601] SQUASHFS error: Failed to read block 0x108: -5
[  356.353636][ T8601] SQUASHFS error: Unable to read metadata cache entry [106]
[  356.361380][ T8601] SQUASHFS error: Unable to read inode 0x11f
[  357.247377][ T8607] loop6: detected capacity change from 0 to 64
[  357.331060][ T5620] Bluetooth: hci0: command tx timeout
[  357.551636][ T1107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.570284][ T1107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.587576][ T1107] bond0 (unregistering): Released all slaves
[  358.093832][ T8620] loop6: detected capacity change from 0 to 64
[  358.141822][ T8623] loop1: detected capacity change from 0 to 64
[  358.238536][ T8625] loop4: detected capacity change from 0 to 8
[  358.475027][ T8625] SQUASHFS error: xz decompression failed, data probably corrupt
[  358.483084][ T8625] SQUASHFS error: Failed to read block 0x108: -5
[  358.489478][ T8625] SQUASHFS error: Unable to read metadata cache entry [106]
[  358.496879][ T8625] SQUASHFS error: Unable to read inode 0x11f
[  359.157007][ T8630] loop5: detected capacity change from 0 to 8
[  359.198272][ T8630] SQUASHFS error: xz decompression failed, data probably corrupt
[  359.206367][ T8630] SQUASHFS error: Failed to read block 0x108: -5
[  359.213021][ T8630] SQUASHFS error: Unable to read metadata cache entry [106]
[  359.220547][ T8630] SQUASHFS error: Unable to read inode 0x11f
[  359.400699][ T5620] Bluetooth: hci0: command tx timeout
[  360.045350][ T8637] vivid-007: =================  START STATUS  =================
[  360.113412][ T8637] vivid-007: Enable Output Cropping: true grabbed
[  360.148382][ T8637] vivid-007: Enable Output Composing: true grabbed
[  360.245741][ T8637] vivid-007: Enable Output Scaler: true grabbed
[  360.266315][ T8649] loop5: detected capacity change from 0 to 512
[  360.294658][ T8637] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  360.368694][ T8637] vivid-007: Transmit Mode: HDMI grabbed
[  360.411301][ T8649] EXT4-fs: Ignoring removed i_version option
[  360.463419][ T8637] vivid-007: Hotplug Present: 0x00000000
[  360.495825][ T8649] EXT4-fs: Ignoring removed bh option
[  360.514143][ T8637] vivid-007: RxSense Present: 0x00000000
[  360.536496][ T8653] loop2: detected capacity change from 0 to 64
[  360.544809][ T8637] vivid-007: EDID Present: 0x00000000
[  360.560966][ T1107] hsr_slave_0: left promiscuous mode
[  360.575534][ T8637] vivid-007: ==================  END STATUS  ==================
[  360.599675][ T1107] hsr_slave_1: left promiscuous mode
[  360.653409][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  360.708829][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_0
[  360.744041][ T8649] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.808303][ T8663] loop1: detected capacity change from 0 to 64
[  360.811214][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  360.851934][ T8649] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  360.883704][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.981617][ T1107] veth1_macvtap: left promiscuous mode
[  361.015577][ T1107] veth0_macvtap: left promiscuous mode
[  361.062264][ T1107] veth1_vlan: left promiscuous mode
[  361.096136][ T1107] veth0_vlan: left promiscuous mode
[  361.100567][ T8637] EXT4-fs error (device loop5): ext4_lookup:1785: inode #12: comm syz.5.664: iget: bad i_size value: 2533274857506816
[  361.480025][ T5620] Bluetooth: hci0: command tx timeout
[  361.592741][ T5750] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  361.900356][ T5750] usb 6-1: Using ep0 maxpacket: 8
[  362.122057][ T5750] usb 6-1: config index 0 descriptor too short (expected 20772, got 36)
[  362.135828][ T5750] usb 6-1: config 6 has too many interfaces: 211, using maximum allowed: 32
[  362.145004][ T5750] usb 6-1: config 6 has 1 interface, different from the descriptor's value: 211
[  362.155775][ T5750] usb 6-1: config 6 has no interface number 0
[  362.162519][ T5750] usb 6-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  362.174564][ T5750] usb 6-1: config 6 interface 2 altsetting 0 endpoint 0x6 has invalid maxpacket 8261, setting to 1024
[  362.186675][ T8681] loop4: detected capacity change from 0 to 64
[  362.193428][ T5750] usb 6-1: config 6 interface 2 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  362.228693][ T5750] usb 6-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=82.06
[  362.251323][ T5750] usb 6-1: New USB device strings: Mfr=62, Product=2, SerialNumber=3
[  362.293538][ T5750] usb 6-1: Product: syz
[  362.306684][ T5750] usb 6-1: Manufacturer: syz
[  362.328107][ T5750] usb 6-1: SerialNumber: syz
[  362.378231][ T8637] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  362.397720][ T5750] hso 6-1:6.2: Failed to find INT IN ep
[  362.627959][ T8683] loop1: detected capacity change from 0 to 32768
[  362.635209][ T8683] jfs: Unknown parameter ''
[  363.315037][ T8637] EXT4-fs error (device loop5): ext4_lookup:1785: inode #12: comm syz.5.664: iget: bad i_size value: 2533274857506816
[  363.363188][ T5765] usb 6-1: USB disconnect, device number 11
[  363.560580][ T5620] Bluetooth: hci0: command tx timeout
[  364.924995][ T8696] loop2: detected capacity change from 0 to 64
[  364.933362][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.956357][ T1107] team0 (unregistering): Port device team_slave_1 removed
[  365.058857][ T1107] team0 (unregistering): Port device team_slave_0 removed
[  365.200007][ T8704] loop4: detected capacity change from 0 to 64
[  365.487376][ T8709] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI
[  365.499477][ T8709] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[  365.507887][ T8709] CPU: 1 UID: 0 PID: 8709 Comm: syz.4.678 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.518648][ T8709] Tainted: [L]=SOFTLOCKUP
[  365.522959][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  365.533004][ T8709] RIP: 0010:bfs_get_block+0x589/0xae0
[  365.538373][ T8709] Code: f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 00 c2 86 ff 49 8b 5d 20 4d 8d 66 28 4c 89 e0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 48 8b 6c 24 18 74 08 4c 89 e7 e8 d4 c1 86 ff 4c 89 ef
[  365.557967][ T8709] RSP: 0018:ffffc90004c36418 EFLAGS: 00010216
[  365.564027][ T8709] RAX: 0000000000000005 RBX: 0000000000000200 RCX: dffffc0000000000
[  365.571983][ T8709] RDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff88806a965590
[  365.579943][ T8709] RBP: ffff888023144328 R08: ffffea0001334cb7 R09: 1ffffd4000266996
[  365.587911][ T8709] R10: dffffc0000000000 R11: fffff94000266997 R12: 0000000000000028
[  365.595883][ T8709] R13: ffff88806a965570 R14: 0000000000000000 R15: 0000000000000012
[  365.603853][ T8709] FS:  00007f3b670ca6c0(0000) GS:ffff88812538d000(0000) knlGS:0000000000000000
[  365.612780][ T8709] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  365.619357][ T8709] CR2: 0000200000004000 CR3: 0000000029c5f000 CR4: 0000000000350ef0
[  365.627319][ T8709] Call Trace:
[  365.630583][ T8709]  <TASK>
[  365.633507][ T8709]  __block_write_begin_int+0x6c6/0x1910
[  365.639047][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.644681][ T8709]  ? __pfx_bfs_get_block+0x10/0x10
[  365.649784][ T8709]  ? __pfx___block_write_begin_int+0x10/0x10
[  365.655751][ T8709]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  365.661811][ T8709]  ? __pfx_bfs_get_block+0x10/0x10
[  365.666907][ T8709]  block_write_begin+0x8d/0x120
[  365.671744][ T8709]  ? bfs_write_begin+0x1e/0xd0
[  365.676583][ T8709]  bfs_write_begin+0x35/0xd0
[  365.681163][ T8709]  generic_perform_write+0x2e2/0x8f0
[  365.686454][ T8709]  ? __pfx_generic_perform_write+0x10/0x10
[  365.692258][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.697882][ T8709]  ? file_update_time_flags+0x219/0x4a0
[  365.703426][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.709047][ T8709]  ? __generic_file_write_iter+0xf9/0x230
[  365.714764][ T8709]  ? generic_file_write_iter+0x136/0x680
[  365.720396][ T8709]  generic_file_write_iter+0x14a/0x680
[  365.725857][ T8709]  ? __pfx_generic_file_write_iter+0x10/0x10
[  365.731833][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.737459][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.743083][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.748705][ T8709]  ? is_bpf_text_address+0x26/0x2b0
[  365.753895][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.759518][ T8709]  ? is_bpf_text_address+0x292/0x2b0
[  365.764791][ T8709]  ? is_bpf_text_address+0x26/0x2b0
[  365.769983][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.775611][ T8709]  ? kernel_text_address+0xa5/0xe0
[  365.780720][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.786343][ T8709]  ? __kernel_text_address+0xd/0x30
[  365.791536][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.797162][ T8709]  ? unwind_get_return_address+0x4d/0x90
[  365.802786][ T8709]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  365.808941][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.814564][ T8709]  ? arch_stack_walk+0xfb/0x150
[  365.819413][ T8709]  __kernel_write_iter+0x41e/0x880
[  365.824524][ T8709]  ? __pfx___kernel_write_iter+0x10/0x10
[  365.830167][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.835790][ T8709]  ? __asan_memset+0x22/0x50
[  365.840370][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.845995][ T8709]  ? iov_iter_kvec+0xb8/0x180
[  365.850670][ T8709]  __kernel_write+0x106/0x170
[  365.855345][ T8709]  ? __pfx___kernel_write+0x10/0x10
[  365.860549][ T8709]  dump_emit+0x8e9/0xab0
[  365.864796][ T8709]  ? __pfx_dump_emit+0x10/0x10
[  365.869558][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.875181][ T8709]  ? __kasan_kmalloc+0x93/0xb0
[  365.879942][ T8709]  ? __kmalloc_cache_noprof+0x31c/0x660
[  365.885489][ T8709]  elf_core_dump+0x2e5d/0x3ad0
[  365.890249][ T8709]  ? __pfx_elf_core_dump+0x10/0x10
[  365.895348][ T8709]  ? __kasan_kmalloc+0x93/0xb0
[  365.900105][ T8709]  ? __kvmalloc_node_noprof+0x528/0x8a0
[  365.905650][ T8709]  ? coredump_write+0x387/0x1910
[  365.910569][ T8709]  ? vfs_coredump+0x3807/0x4530
[  365.915440][ T8709]  ? get_signal+0x1107/0x1330
[  365.920105][ T8709]  ? arch_do_signal_or_restart+0xbc/0x840
[  365.925826][ T8709]  ? irqentry_exit+0x289/0x760
[  365.930588][ T8709]  ? asm_exc_page_fault+0x26/0x30
[  365.935601][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.941224][ T8709]  ? mas_ascend+0x304/0x890
[  365.945743][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.951371][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.956997][ T8709]  coredump_write+0x1216/0x1910
[  365.961843][ T8709]  ? __pfx_coredump_write+0x10/0x10
[  365.967025][ T8709]  ? do_raw_spin_lock+0x12b/0x2f0
[  365.972048][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.977673][ T8709]  ? put_files_struct+0x256/0x350
[  365.982687][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.988309][ T8709]  ? do_raw_spin_unlock+0xf5/0x210
[  365.993424][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  365.999050][ T8709]  ? unshare_files+0xfc/0x140
[  366.003721][ T8709]  vfs_coredump+0x3807/0x4530
[  366.008412][ T8709]  ? __pfx_vfs_coredump+0x10/0x10
[  366.013433][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.019058][ T8709]  ? __lock_acquire+0x6b5/0x2cf0
[  366.023988][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.029610][ T8709]  ? __lock_acquire+0x6b5/0x2cf0
[  366.034541][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.040168][ T8709]  ? __lock_acquire+0x6b5/0x2cf0
[  366.045101][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.050721][ T8709]  ? __lock_acquire+0x6b5/0x2cf0
[  366.055648][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.061271][ T8709]  ? __lock_acquire+0x6b5/0x2cf0
[  366.066204][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.071828][ T8709]  ? lock_acquire+0x106/0x350
[  366.076493][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.082119][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.087744][ T8709]  ? lock_acquire+0x106/0x350
[  366.092411][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.098034][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.103656][ T8709]  ? is_bpf_text_address+0x26/0x2b0
[  366.108844][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.114465][ T8709]  ? is_bpf_text_address+0x292/0x2b0
[  366.119738][ T8709]  ? is_bpf_text_address+0x26/0x2b0
[  366.124923][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.130548][ T8709]  ? kernel_text_address+0xa5/0xe0
[  366.135657][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.141280][ T8709]  ? __kernel_text_address+0xd/0x30
[  366.146475][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.152099][ T8709]  ? unwind_get_return_address+0x4d/0x90
[  366.157724][ T8709]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  366.163875][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.169498][ T8709]  ? arch_stack_walk+0xfb/0x150
[  366.174348][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.179975][ T8709]  ? stack_trace_save+0xa9/0x100
[  366.184913][ T8709]  ? __pfx_stack_trace_save+0x10/0x10
[  366.190282][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.195902][ T8709]  ? stack_depot_save_flags+0x33/0x810
[  366.201357][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.206979][ T8709]  ? kasan_save_track+0x4f/0x80
[  366.211821][ T8709]  ? kasan_save_track+0x3e/0x80
[  366.216663][ T8709]  ? kasan_save_free_info+0x46/0x50
[  366.221848][ T8709]  ? __kasan_slab_free+0x5c/0x80
[  366.226777][ T8709]  ? kmem_cache_free+0x182/0x650
[  366.231708][ T8709]  ? get_signal+0xa4a/0x1330
[  366.236283][ T8709]  ? arch_do_signal_or_restart+0xbc/0x840
[  366.241999][ T8709]  ? irqentry_exit+0x289/0x760
[  366.246757][ T8709]  ? asm_exc_page_fault+0x26/0x30
[  366.251797][ T8709]  ? _raw_spin_unlock_irq+0x23/0x50
[  366.256989][ T8709]  get_signal+0x1107/0x1330
[  366.261490][ T8709]  arch_do_signal_or_restart+0xbc/0x840
[  366.267033][ T8709]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  366.273193][ T8709]  irqentry_exit+0x289/0x760
[  366.277777][ T8709]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.283400][ T8709]  ? trace_irq_disable+0x3b/0x140
[  366.288513][ T8709]  asm_exc_page_fault+0x26/0x30
[  366.293352][ T8709] RIP: 0033:0x7f3b6619cde1
[  366.297753][ T8709] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  366.317347][ T8709] RSP: 002b:00000000fffffeb0 EFLAGS: 00010217
[  366.323405][ T8709] RAX: 0000000000000000 RBX: 00007f3b66416090 RCX: 00007f3b6619cdd9
[  366.331363][ T8709] RDX: 0000000000000000 RSI: 00000000fffffeb0 RDI: 0000000002000400
[  366.339318][ T8709] RBP: 00007f3b66232d69 R08: 0000000000000000 R09: 0000000000000000
[  366.347272][ T8709] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  366.355228][ T8709] R13: 00007f3b66416128 R14: 00007f3b66416090 R15: 00007ffcb82556f8
[  366.363195][ T8709]  </TASK>
[  366.366196][ T8709] Modules linked in:
[  366.371114][ T8709] ---[ end trace 0000000000000000 ]---
[  366.395483][ T8709] RIP: 0010:bfs_get_block+0x589/0xae0
[  366.400935][ T8709] Code: f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 00 c2 86 ff 49 8b 5d 20 4d 8d 66 28 4c 89 e0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 48 8b 6c 24 18 74 08 4c 89 e7 e8 d4 c1 86 ff 4c 89 ef
[  366.447534][ T8713] loop2: detected capacity change from 0 to 64
[  366.455203][ T5280] 8021q: adding VLAN 0 to HW filter on device eth5
[  366.643786][ T8709] RSP: 0018:ffffc90004c36418 EFLAGS: 00010216
[  366.957521][ T8709] RAX: 0000000000000005 RBX: 0000000000000200 RCX: dffffc0000000000
[  366.988221][ T8709] RDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff88806a965590
[  367.014066][ T8709] RBP: ffff888023144328 R08: ffffea0001334cb7 R09: 1ffffd4000266996
[  367.040282][ T8709] R10: dffffc0000000000 R11: fffff94000266997 R12: 0000000000000028
[  367.094613][ T8709] R13: ffff88806a965570 R14: 0000000000000000 R15: 0000000000000012
[  367.111245][ T8709] FS:  00007f3b670ca6c0(0000) GS:ffff88812528d000(0000) knlGS:0000000000000000
[  367.142624][ T8573] lo speed is unknown, defaulting to 1000
[  367.154404][ T8709] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  367.186750][ T8709] CR2: 00007f66aa197000 CR3: 0000000029c5f000 CR4: 0000000000350ef0
[  367.204594][ T8709] Kernel panic - not syncing: Fatal exception
[  367.210969][ T8709] Kernel Offset: disabled
[  367.215279][ T8709] Rebooting in 86400 seconds..