last executing test programs:

12.488629161s ago: executing program 3 (id=1162):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(0xffffffffffffffff, r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
socket$inet(0x2, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

12.439778792s ago: executing program 0 (id=1163):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

12.108578297s ago: executing program 1 (id=1165):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet6(r4, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

11.593096464s ago: executing program 0 (id=1166):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}]}, 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@cipso={0x86, 0x8, 0x2, [{0x0, 0x2}]}]}}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@rr={0x7, 0x3, 0xf7}]}}}}}}}, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000400)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x60, 0x0, 0x0, 0xc, 0x0, 0x3f, 0x5, 0x5f8480, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)

11.293008108s ago: executing program 4 (id=1167):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="54000000120001002abd7000fddbdf25150100024e214e2109000000020000000400000000000000c900", @ANYRES32=0x0, @ANYBLOB="00040000ffffff0000002d000000040001000400010000"], 0x54}, 0x1, 0x0, 0x0, 0x401}, 0x20008000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)

10.575546609s ago: executing program 3 (id=1168):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x21000e, &(0x7f0000000280), 0xfe, 0x52d, &(0x7f0000001500)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVgWO+AOQEIJKnDhxQeLGBQnlT0BIlcgdAQIhSOHAARg0s7Ops8wmtrIfqf37Se/uO+/szvO8G+/sOx+ZCeDUeiEi3oyIuYh4KSIWy/a0LHHQL/nrPrz73npe8ua3/5ZEUrZFFNV7zpVvm+8/Veru7V9ba7dbO+V0s7d9o9nd27+0tb222dpsXV9ZWX519bXVV1Yvj6Wfeb9e/9qffvT9n3399V9/8d3fX/nLxe/kSX+1nD/o1/gUn17cKR7r+WdxTy0idsYbbGbmyv7UZ50IAABHko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/bGQvw7icgAAACAE+uNiFiIJG2U5wIsRJo2Gv1zeD8TT6TtTrf3haud3esb+byIpainV7farcvlObVLUU/y6eWi/tH0y0PTKxHxVET8cPFsMd1Y77Q3Zr3zAwAAAE6Jc0Pb//9c7G//AwAAACfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAABOtG+89VZessH9rzfe2du91nnn0kare62xvbveWO/s3GhsdjqbxTX7th+0rHpEtDudG1+K2L3Z7LW6vWZ3b//Kdmf3eu/KlvsHAgAAwKw89fztO0lEHHz5bFFyZ/KHuRFvcK4AnBjpcV78x8nlAUzfqJ/5IzgzzjyA6avNOgFgdg5mnQAwa/dd6qNiUHD45J379hn8ZnI5AQAA43Xhs7fvfLfi+H+tPJ8fOLmOdfwfOFEe4fg/8DHn+D+cXvVjjQBuTTATYFYedquPkRfvqDr+X3lmcJY9dFkAAMBELRTl+bRRHgtciDRtNCKeLP6rfz25utVuXY6IT0bE7xbrn8inl4t3Jm4PCAAAAAAAAAAAAAAAAAAAAAAAAABHlGVJZAAAAMCJFpH+OSnv/3Vh8fzC8P6BM8m/FqO8pde7P3n7xzfXer2d5bz97/fae++X7S/PYg8GAAAAnEa1B84dbKcPtuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJw+vPve+qBMM+5fvxIRS1XxazFfPM9HPSKe+EcStUPvSyJibgzxD25FxNNV8ZM8rVgqsxiOn0bE2enEfzbLssr458YQH06z2/n6582q718aLxTP1d//Wlke1X3rvzO/PDQnvbf+mxux/nvyiDGe+eAXzZHxb0U8U6te/wziJyPiv1i1wIoP5dvf2t//v8b+wiP7acSFyt+f5L5Yzd72jWZ3b//S1vbaZmuzdX1lZfnV1ddWX1m93Ly61W6Vj1Uh4gfP/uq/Q9H/k/UV/Y8R8Zce0v/zeaV+qDEbDlMG++Dm3U/3q/WhRRTxL75Y/ff39APi538Tny9/B/L5Fwb1g379sOd+/tvnKhMr42+M6P/D/v0vjlrokJe++b0/HPGlAMAUdPf2r621262diVfez7JsWrGOXon0qC8uhotT/cSmWxmM7iYWYv5x6emUK+cfjzSOUxnHni0AAOBx89Ggf9aZAAAAAAAAAAAAAAAAAAAAwOnV3Yt00pcTG455MJuuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA80P8CAAD//yOS2ac=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x1a8cc94, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], 0x1, 0x1f7, &(0x7f0000000700)="$eJzs3cFuEk8cB/Af/Cks/3jozcTEZI0HPTXqE9SYmhhJTGo46M1ET3JqL9RL+xjGN/C9fADTExczBnfpIgISEna1fj6X/rbfGWZmFxYuDCkKX25+jCxrRfswDmPSiv1ox8xFAADXySSl+JoKTc8FAKjHBu//32qeEgCwYy9fvX7+eDA4Os7zLOLyYjwcD4u/Rf702eDoQf7DftXrcjwe/neVP8wXPztM8734v8wfFf3zq7gbEcNu3L9b5NPsyYtB/nP/Xrzd8doBAAAAAAAAAAAAAAAAAAAAAKAptyOfWbq/z8HBYt4v8+Jobn+ghf17OnGrUx5W2wOl8zoWBQAAAAAAAAAAAAAAAAAAAH+Z07MP79+MRu9OqqIXEfP/6Sxps7polQ+8UePmi3Zs171fLnOLQVvlKdrtAvvLL+4mRXT+lKuzbZHXMFZ/7elNaVosfxXMtsVY2b0bEetHv3e8Mvq0/qk1SSmNPt85OT2LtHaI6h7Rq/WOBAAAAAAAAAAAAAAAAAAA/665b33/ImtiQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQgOr3/7coziPiRvy28WysvciaXSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1vcAAAD//zhvIss=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r1, &(0x7f0000000380)=[{&(0x7f0000000180)=""/38, 0x26}], 0x1, 0xffff, 0xddd073cf)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8)
syz_genetlink_get_family_id$team(&(0x7f0000000000), r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x800, 0x0, 0x6, 0x20000000}, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x6, 0x2d, 0x0, 0x0)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x0, 0x0, 0x6, {0x0, 0x1}, {0x45, 0x2}, @period={0x59, 0x200, 0x4, 0x7, 0x0, {0xffff, 0xf, 0x4, 0x5}, 0x0, 0x0}})
write$char_usb(r5, &(0x7f0000000040)="e2", 0x2250)

10.132880005s ago: executing program 2 (id=1169):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x101)
pipe2$9p(&(0x7f00000000c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000940)={{0xfffe}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r4, 0x5501)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
write$UHID_INPUT(r5, &(0x7f0000000000)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006e090890e0878f0e1ac6e7f89b334d959b4a9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x1000}}, 0x1006)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000016c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r6}, 0x4)

9.297528377s ago: executing program 1 (id=1170):
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'bridge_slave_1\x00', {0x2, 0x4e22, @empty}})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, r1, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f0000000b00)=ANY=[@ANYBLOB="696f636861727365743d61736369692c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c636f6465706167653d3836352c756e695f786c6174653d302c636865636b3d7374726963742c6e6f6e756d7461696c3d302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303230312c696f636861727367743d69736f383835392d34d698c7ff5badee5dd4ac6ec12c726f6469722c756e695f786c6174653d312c00"], 0x41, 0x282, &(0x7f00000004c0)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxIMuT3W/xxz/nrnnN8uBcPPvr/+82N1a3t9aOjw8jnM5EtRzmOM1GMiZiM1H50lel+GQC46I7r9XhVT417LADAaHj/A8CXp9/7P7PfuvbX6EcGAAzLJ/39PzGUIQEAQ/bPv//9sVSpLP+dJPmIzYOd6k41/Zm2L63HlajFWsxFId5E1FvS+rffK8tzScPzYuQ39ybS/N5OdbIzPx+FKHbPzyepqDZyJ/mpmGnmn8zEWixEIb7pnl/omv8qfv6p7f6lKMTjS7EVtViNRjbN5yJidz5Jfv2z0liApkY+964fAAAAAAAAAAAAAAAAAAAAAAAMQylpKXaen5Oe31Mq9WpP8+3nA033Ox+ovnfqfJ5sfJcd79wBAAAAAAAAAAAAAAAAAADgoti+fmNjpVZbu9avuProzoPDXBr4aOf+RaZ538FSB337TJ+eRT4iFiOib+rrH5/d6taUi9yZ1udkJudejalTI0yaH3j/h/Mv78iKh4eXv/1le3axranSvjci25662Zhqx+f02EjZs23IwYuXhYieffIDb8j24u5JUX79QZ9ca5NMj/sXN3u7vHJv9+mLs6b6PDTqk5/7MQQAAAAAAAAAAAAAAAAAAHT8f3vvPoujHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjMH77/8ftMhFx5V8z877454jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8DQAA//8mbYtA")
chdir(&(0x7f00000003c0)='./file0\x00')
r2 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl2\x00', 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1e00000007000000090000000400000022000000", @ANYRES32, @ANYBLOB="ad000000000000000077c0d14a00000000006500", @ANYRES32, @ANYRES32=r4, @ANYBLOB="0400000003000000030000000300"/28], 0x50)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000009c0)={[{@errors_remount}, {@nodiscard}, {@grpquota}, {@lazytime}, {@stripe={'stripe', 0x3d, 0x8000}}, {@resgid}, {@sysvgroups}, {@noauto_da_alloc}, {@usrquota}]}, 0x10, 0x4d6, &(0x7f0000001340)="$eJzs3dFrHFsZAPBvJtmbtjfX5KoP1wveFltJi3Y3aWwbfKgVxD4VrPW9xmQTQjbZkN20TSia4ruCiAo++eSL4B8gSP8EEQr6LlUU0VYffFBXdna2pnG3iXS705v8fjCZc+bszvcdws7OmTnsBHBsnYmI6xExEhEXImIi357my412+63O6549fbDQXpJotW7/JYkk39bdV5Kv346I3YgYi4iv3oj4RvK/cRvbO6vztVp1M69Xmmsblcb2zsWVtfnl6nJ1fXZ25src1bnLc9MD6edkRFz70h9+8N2ffvnaLz9773d3/nT+m+20xvP2vf0YpE7XS3Fiz7bRiNh8HcEKMJKvS33avzMyxGQAADhQ+xz/oxHxqez8fyJGsrNTAAAA4ChpfWE8/plEtAAAAIAjK83mwCZpOZ8LMB5pWi535vB+PE6ltXqj+Zml+tb6Ymeu7GSU0qWVWnU6nys8GaWkXZ/J59h265f21Wcj4t2I+P7EyaxeXqjXFou++AEAAADHxNv7xv9/n8jG/2NF5wUAAAAM2GTRCQAAAACvnfE/AAAAHH3G/wAAAHCkfeXmzfbS6j7/evHu9tZq/e7FxWpjtby2tVBeqG9ulJfr9eXsN/vWDtpfrV7f+Fysb92vNKuNZqWxvXNnrb613ryz8sIjsAEAAIAhevf0o98mEbH7+ZPZ0vZW0UkBQ5Ec0J49JORJXvn9EBIChmak6ASAwowWnQBQmFLRCQCFO+g6QN/JO78afC4AAMDrMfWJ/vf/XRuAoy0tOgEAYOjc/4fjq/TiDMDLxWUCFOUjB7S/+v3/Vuv/SggAABi48WxJ0nJ+L3A80rRcjngneyxAKVlaqVWn8/HBbyZKY+36TPbO5MA5wwAAAAAAAAAAAAAAAAAAAAAAAABAR6uVRAsAAAA40iLSPybZr/lHTE2cG99/feCt5B8T2Toi7v349g/vzzebmzPt7X99vr35o3z7pSKuYAAAAAD7dcfp3XE8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzSs6cPFrrLMOP++YsRMdkz/ukT2epElCLi1N+SGN3zviQiRgYQf/dhRLzXK37STismo5NFr/gni4vf+lYrM4AM4Ph61D7+XO/1+UvjTLbu/fkfzZdX1f/4l0b3+DfS5/jzziFjvP/455W+8R9GvD/a+/jTjZ/0iX/2kPG//rWdnX5trZ9ETPX8/kleiFVprm1UGts7F1fW5pery9X12dmZK3NX5y7PTVeWVmrV/G/PGN/75C/+/bL+n+oTf/KA/p87ZP//9fj+0491iqVe8c+f7f39+16f+Gm+o0/n5Xb7VLe82ynv9cHPfv3By/q/2Kf/z///Pb5o2zHPH7L/F259+8khXwoADEFje2d1vlarbn4YC2kMes/pG9Gv41kYezPSUOgUij4yAQAAg/bfk/6iMwEAAAAAAAAAAAAAAAAAAIDjaxg/J7Y/5m4xXQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeKn/BAAA///EhuBv")
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x29, 0x7d, 0x9, 0x1, 0x51, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback={0x0, 0x460c6}, 0x7, 0x0, 0x25a1, 0x40}})

9.290937297s ago: executing program 0 (id=1171):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x10)
syz_emit_ethernet(0x76, &(0x7f0000000300)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x40, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0xfffc, 0x0, 0x0, @private2, @mcast1, [@hopopts={0x3a}], "27a3e9a450d9b74e"}}}}}}}, 0x0)

8.943684132s ago: executing program 4 (id=1172):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00'}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)

8.832127534s ago: executing program 0 (id=1173):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e00fb00020013000200000000004c00ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040fb020000000005000500000000000a"], 0x80}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r6, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000500)='\xff\x8c\x1d\xdfD\xccz\x14=\xf0\x993\xc6\n0\x97\x1eOM\x16c\x05W\xf0/\xcd\x86\x92s`-FH\x81\xfeJM\xd2\xeb\x05\xaa\xc5\x8d\xca\xe3\xca\x9frM`y\x8d\x8as8_g\xdd\xd2ZP\x9b\x84\xe3ZF\xb3IW\x01\xaex\x1d(Z\x1bX<\xeb\xe6\x1d\x01T\x18\xbf\x1c\x11\xd6sT\xab\x00\xc5\xbc\xb7\x11o7\xd9r\r\xb8\x19\x15I\xa0]\"\xe8\x94\x03\xd28\xf9S2\x98\xf8\xdf\xe2\xdd\a~\xfa\xf4p\x904v\xc5\xb79\x91\xb7\x0e\xffS\xde\x9d\xf1\x97\x95N(\x82\xea^r\x82\x00s\xa5R%\xb4\xcb\x0e\x9eT8.\\\x04\xe7\x92P\x8a>v\xf2\x96\xf1\xff-\xebw\xdd;\xff\xc7I\xdb', 0xb6, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000001440)={0x11, 0x9, 0x1, 0x3fc00, 0x39})
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)

8.690236156s ago: executing program 2 (id=1174):
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
chdir(0x0)
unlink(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0)

8.222185702s ago: executing program 3 (id=1175):
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'bridge_slave_1\x00', {0x2, 0x4e22, @empty}})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, r1, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f0000000b00)=ANY=[@ANYBLOB="696f636861727365743d61736369692c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c636f6465706167653d3836352c756e695f786c6174653d302c636865636b3d7374726963742c6e6f6e756d7461696c3d302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303230312c696f636861727367743d69736f383835392d34d698c7ff5badee5dd4ac6ec12c726f6469722c756e695f786c6174653d312c00"], 0x41, 0x282, &(0x7f00000004c0)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxIMuT3W/xxz/nrnnN8uBcPPvr/+82N1a3t9aOjw8jnM5EtRzmOM1GMiZiM1H50lel+GQC46I7r9XhVT417LADAaHj/A8CXp9/7P7PfuvbX6EcGAAzLJ/39PzGUIQEAQ/bPv//9sVSpLP+dJPmIzYOd6k41/Zm2L63HlajFWsxFId5E1FvS+rffK8tzScPzYuQ39ybS/N5OdbIzPx+FKHbPzyepqDZyJ/mpmGnmn8zEWixEIb7pnl/omv8qfv6p7f6lKMTjS7EVtViNRjbN5yJidz5Jfv2z0liApkY+964fAAAAAAAAAAAAAAAAAAAAAAAMQylpKXaen5Oe31Mq9WpP8+3nA033Ox+ovnfqfJ5sfJcd79wBAAAAAAAAAAAAAAAAAADgoti+fmNjpVZbu9avuProzoPDXBr4aOf+RaZ538FSB337TJ+eRT4iFiOib+rrH5/d6taUi9yZ1udkJudejalTI0yaH3j/h/Mv78iKh4eXv/1le3axranSvjci25662Zhqx+f02EjZs23IwYuXhYieffIDb8j24u5JUX79QZ9ca5NMj/sXN3u7vHJv9+mLs6b6PDTqk5/7MQQAAAAAAAAAAAAAAAAAAHT8f3vvPoujHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjMH77/8ftMhFx5V8z877454jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8DQAA//8mbYtA")
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
syz_open_dev$usbfs(0x0, 0x12, 0x80801)
r3 = dup(0xffffffffffffffff)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, 0x0)
connect$inet6(r3, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000280)={'syztnl2\x00', 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1e00000007000000090000000400000022000000", @ANYRES32=r3, @ANYBLOB="ad000000000000000077c0d14a00000000006500", @ANYRES32, @ANYRES32=r5, @ANYBLOB="0400000003000000030000000300"/28], 0x50)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000009c0)={[{@errors_remount}, {@nodiscard}, {@grpquota}, {@lazytime}, {@stripe={'stripe', 0x3d, 0x8000}}, {@resgid}, {@sysvgroups}, {@noauto_da_alloc}, {@usrquota}]}, 0x10, 0x4d6, &(0x7f0000001340)="$eJzs3dFrHFsZAPBvJtmbtjfX5KoP1wveFltJi3Y3aWwbfKgVxD4VrPW9xmQTQjbZkN20TSia4ruCiAo++eSL4B8gSP8EEQr6LlUU0VYffFBXdna2pnG3iXS705v8fjCZc+bszvcdws7OmTnsBHBsnYmI6xExEhEXImIi357my412+63O6549fbDQXpJotW7/JYkk39bdV5Kv346I3YgYi4iv3oj4RvK/cRvbO6vztVp1M69Xmmsblcb2zsWVtfnl6nJ1fXZ25src1bnLc9MD6edkRFz70h9+8N2ffvnaLz9773d3/nT+m+20xvP2vf0YpE7XS3Fiz7bRiNh8HcEKMJKvS33avzMyxGQAADhQ+xz/oxHxqez8fyJGsrNTAAAA4ChpfWE8/plEtAAAAIAjK83mwCZpOZ8LMB5pWi535vB+PE6ltXqj+Zml+tb6Ymeu7GSU0qWVWnU6nys8GaWkXZ/J59h265f21Wcj4t2I+P7EyaxeXqjXFou++AEAAADHxNv7xv9/n8jG/2NF5wUAAAAM2GTRCQAAAACvnfE/AAAAHH3G/wAAAHCkfeXmzfbS6j7/evHu9tZq/e7FxWpjtby2tVBeqG9ulJfr9eXsN/vWDtpfrV7f+Fysb92vNKuNZqWxvXNnrb613ryz8sIjsAEAAIAhevf0o98mEbH7+ZPZ0vZW0UkBQ5Ec0J49JORJXvn9EBIChmak6ASAwowWnQBQmFLRCQCFO+g6QN/JO78afC4AAMDrMfWJ/vf/XRuAoy0tOgEAYOjc/4fjq/TiDMDLxWUCFOUjB7S/+v3/Vuv/SggAABi48WxJ0nJ+L3A80rRcjngneyxAKVlaqVWn8/HBbyZKY+36TPbO5MA5wwAAAAAAAAAAAAAAAAAAAAAAAABAR6uVRAsAAAA40iLSPybZr/lHTE2cG99/feCt5B8T2Toi7v349g/vzzebmzPt7X99vr35o3z7pSKuYAAAAAD7dcfp3XE8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzSs6cPFrrLMOP++YsRMdkz/ukT2epElCLi1N+SGN3zviQiRgYQf/dhRLzXK37STismo5NFr/gni4vf+lYrM4AM4Ph61D7+XO/1+UvjTLbu/fkfzZdX1f/4l0b3+DfS5/jzziFjvP/455W+8R9GvD/a+/jTjZ/0iX/2kPG//rWdnX5trZ9ETPX8/kleiFVprm1UGts7F1fW5pery9X12dmZK3NX5y7PTVeWVmrV/G/PGN/75C/+/bL+n+oTf/KA/p87ZP//9fj+0491iqVe8c+f7f39+16f+Gm+o0/n5Xb7VLe82ynv9cHPfv3By/q/2Kf/z///Pb5o2zHPH7L/F259+8khXwoADEFje2d1vlarbn4YC2kMes/pG9Gv41kYezPSUOgUij4yAQAAg/bfk/6iMwEAAAAAAAAAAAAAAAAAAIDjaxg/J7Y/5m4xXQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeKn/BAAA///EhuBv")
r7 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x29, 0x7d, 0x9, 0x1, 0x51, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback={0x0, 0x460c6}, 0x7, 0x0, 0x25a1, 0x40}})

7.427947033s ago: executing program 2 (id=1176):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000bc0)=[@uexit={0x0, 0x18}, @code={0x1, 0x48, {"460f01ca410f01d10f070f22550f20d835200000000f22d8660ff548620f48dcb9b10000400f320fc71b440f20c03502000000440f22c0"}}, @uexit={0x0, 0x18, 0xffffffff}, @cpuid={0x2, 0x18, {0x13, 0xe0b5}}, @code={0x1, 0x62, {"2ef3470f32470fae1e2e66420f388197c3230000c4a361404e080766460f3880bf0a000000c4e3fd007f3d48b9800000c00f3235000100000f30410f01b82c1c0000c4e14f7d2d93700000c4630d42119e"}}, @cpuid={0x2, 0x18, {0x40, 0x6}}, @code={0x1, 0x55, {"4c0fc7ac0904000000f2f2deefdeffc46265b6cd660ff9f566baa10066ed0fc76bf748b80d000000000000000f23d80f21f835000000b00f23f8440f01c83e3ef30fa6d0"}}, @cpuid={0x2, 0x18, {0x1000, 0x3}}, @code={0x1, 0x5e, {"66baa00066edc4614175e966baf80cb8e0253589ef66bafc0cb000ee0fc731440f32b94f0a0000b845d40000ba000000000f303e36260f0766bad00466b8060066efc4a1fc10e8c4a36121db00"}}, @uexit={0x0, 0x18, 0x80000001}, @code={0x1, 0x5b, {"410f077c8f66ba2000ec64450f01c8c744240059000000c744240288070000ff1c24c4c2fd2390c9000000640fc75e07420fc7bb7427000066440f3a633517000000008fc8008e6b0000"}}, @uexit={0x0, 0x18}, @uexit={0x0, 0x18, 0x7fffffff}, @cpuid={0x2, 0x18, {0xaf, 0x4}}, @cpuid={0x2, 0x18, {0xffff, 0x6}}, @cpuid={0x2, 0x18, {0x7ff, 0x8}}, @code={0x1, 0x6b, {"48b800400000000000000f23d80f21f835800000100f23f83e0f78eb66430f08b8010000000f01d966baf80cb8746a4683ef66bafc0c66ed410f01c467440ff4d066bad10466b8671d66ef470f01f80f20e035000020000f22e0"}}, @code={0x1, 0x53, {"c4437502afa2200000c2460f5fbe0000010066baa000ed650f01cb66b804000f00d00fc77696660f38803f450fc7b84ce384bc460500000000a2e7c7918b62f26f7c"}}, @uexit={0x0, 0x18, 0x7}, @uexit={0x0, 0x18, 0xfffffffffffffffe}], 0x3ae})
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000b80)=[@text64={0x40, 0x0}], 0x1, 0x8, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.110511318s ago: executing program 0 (id=1177):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r5, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000500)='\xff\x8c\x1d\xdfD\xccz\x14=\xf0\x993\xc6\n0\x97\x1eOM\x16c\x05W\xf0/\xcd\x86\x92s`-FH\x81\xfeJM\xd2\xeb\x05\xaa\xc5\x8d\xca\xe3\xca\x9frM`y\x8d\x8as8_g\xdd\xd2ZP\x9b\x84\xe3ZF\xb3IW\x01\xaex\x1d(Z\x1bX<\xeb\xe6\x1d\x01T\x18\xbf\x1c\x11\xd6sT\xab\x00\xc5\xbc\xb7\x11o7\xd9r\r\xb8\x19\x15I\xa0]\"\xe8\x94\x03\xd28\xf9S2\x98\xf8\xdf\xe2\xdd\a~\xfa\xf4p\x904v\xc5\xb79\x91\xb7\x0e\xffS\xde\x9d\xf1\x97\x95N(\x82\xea^r\x82\x00s\xa5R%\xb4\xcb\x0e\x9eT8.\\\x04\xe7\x92P\x8a>v\xf2\x96\xf1\xff-\xebw\xdd;\xff\xc7I\xdb', 0xb6, 0x0)

7.109513968s ago: executing program 4 (id=1178):
socket$inet6(0xa, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r5, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002000000", 0xfe60)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000002c0000000000000006000000181100", @ANYRES32=r0, @ANYBLOB="00000000005f4f3727d227e157000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001d950c0010000000bf91000000000000b70200000200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x784, &(0x7f0000001900)="$eJzs3c1rHOUfAPDvbN7aNL9fIghaTwFBA6UbU2Or6KHiQQQLBT3bLpttqNlkS3dTmhDQIoIXQcWDoJeefak3r75c9V/w5EEsVdNixYNEZrPTbJvdNEmTbHU/H5js88zM5pnvPDPzPLvzMBtA1xpN/+QiDkbEe0nEcGN+EhF99VRvxPHV9W4uLxXTKYmVlVd+S+rr3FheKkbTe1IHGpmHI+LbtyMO5daXW11YnCmUy6Xzjfx4bfbceHWhPyIK06Xp0tzRicnJI8eeOnZ052L944fFoavvv/j4F8f/euuhK+9+l8TxGGosa45jp4zGaGOf9KW78DYv7HRhHZZ0egPYlvTU7Fk9y+NgDEdPPQUA/Je9ERErAECXSbT/ANBlsu8BbiwvFbOps99I7K1rz0fEvtX4s/ubq0t6G/fs9tXvgw7eSG67M5JExMgOlD8aEZ989dpn6ZTmf3y2u/Y/0DlvXoqI0yOj66//yboxC1v1xAbL+huvo3fM77b2Bzrp67T/83Sr/l/uVv8nWvR/Blqcu9tx1/N//w4UsoG0//dc09i2m03xN4z0NHL/q/f5+pIzZ8ul9Nr2/4gYi76BND+xQRlj1/++3m5Zc//v9w9e/zQtP31dWyP3S+/A7e+ZKtQK9xJzs2uXIh7pbRV/cqv+kzb935ObLOOlZ975uN2yNP403mxaH380RiftjpXLEY+1rP+1EW3J2vjExcNnZ+8YnzhePxzGs4OihS9/+miwXfnN9Z9OafnZZ4G9kNb/4MbxjyTN4zWrWy/j+8vD37Rbdvf4Wx///cmr9XTWj7hYqNXOT0T0Jy+vn39k7b1ZPls/jX/s0dbn/0bHf/qZ8HSrgFrUdO/VXz/ffvy7K41/akv1v/XElZszPe3K31z9T9ZTY405m7n+bXYD72XfAQAAAAAAAAAAAAAAAAAAAAAAAMBm5SJiKJJc/lY6l8vnV3/D+8EYzJUr1dqhM5X5uamo/1b2SPTlskddDjc9D3Wi8Tz8LH/kjvyTEfFARHw4sD/JnqM41eHYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzoM3v/6d+Huj01gEAu2ZfpzcAANhz2n8A6D7afwDoPtp/AOg+2n8A6D7afwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZyRMn0mnlz+WlYpqfurAwP1O5cHiqVJ3Jz84X88WhOJefrlSmy6V8sTJ7t/9XrlTOTcbc/MXxWqlaG68uLJ6arczP1U6dnS1Ml06V+vYkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmurC4kyhXC6dl9hGYuX+2IzOJ3oah9MuFJFEROcD3HAL74/N2OFEhy9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8S/wQAAP//iZYeGw==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)

7.102735078s ago: executing program 2 (id=1179):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa1000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
io_setup(0x8a, &(0x7f0000000680)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x3000, 0x3, 0x1, 0x80, r4, 0x0, 0x3000}])
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0xf8)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

5.428887622s ago: executing program 3 (id=1180):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00'}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')

5.271724275s ago: executing program 2 (id=1181):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x21000e, &(0x7f0000000280), 0xfe, 0x52d, &(0x7f0000001500)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVgWO+AOQEIJKnDhxQeLGBQnlT0BIlcgdAQIhSOHAARg0s7Ops8wmtrIfqf37Se/uO+/szvO8G+/sOx+ZCeDUeiEi3oyIuYh4KSIWy/a0LHHQL/nrPrz73npe8ua3/5ZEUrZFFNV7zpVvm+8/Veru7V9ba7dbO+V0s7d9o9nd27+0tb222dpsXV9ZWX519bXVV1Yvj6Wfeb9e/9qffvT9n3399V9/8d3fX/nLxe/kSX+1nD/o1/gUn17cKR7r+WdxTy0idsYbbGbmyv7UZ50IAABHko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/bGQvw7icgAAACAE+uNiFiIJG2U5wIsRJo2Gv1zeD8TT6TtTrf3haud3esb+byIpainV7farcvlObVLUU/y6eWi/tH0y0PTKxHxVET8cPFsMd1Y77Q3Zr3zAwAAAE6Jc0Pb//9c7G//AwAAACfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAABOtG+89VZessH9rzfe2du91nnn0kare62xvbveWO/s3GhsdjqbxTX7th+0rHpEtDudG1+K2L3Z7LW6vWZ3b//Kdmf3eu/KlvsHAgAAwKw89fztO0lEHHz5bFFyZ/KHuRFvcK4AnBjpcV78x8nlAUzfqJ/5IzgzzjyA6avNOgFgdg5mnQAwa/dd6qNiUHD45J379hn8ZnI5AQAA43Xhs7fvfLfi+H+tPJ8fOLmOdfwfOFEe4fg/8DHn+D+cXvVjjQBuTTATYFYedquPkRfvqDr+X3lmcJY9dFkAAMBELRTl+bRRHgtciDRtNCKeLP6rfz25utVuXY6IT0bE7xbrn8inl4t3Jm4PCAAAAAAAAAAAAAAAAAAAAAAAAABHlGVJZAAAAMCJFpH+OSnv/3Vh8fzC8P6BM8m/FqO8pde7P3n7xzfXer2d5bz97/fae++X7S/PYg8GAAAAnEa1B84dbKcPtuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJw+vPve+qBMM+5fvxIRS1XxazFfPM9HPSKe+EcStUPvSyJibgzxD25FxNNV8ZM8rVgqsxiOn0bE2enEfzbLssr458YQH06z2/n6582q718aLxTP1d//Wlke1X3rvzO/PDQnvbf+mxux/nvyiDGe+eAXzZHxb0U8U6te/wziJyPiv1i1wIoP5dvf2t//v8b+wiP7acSFyt+f5L5Yzd72jWZ3b//S1vbaZmuzdX1lZfnV1ddWX1m93Ly61W6Vj1Uh4gfP/uq/Q9H/k/UV/Y8R8Zce0v/zeaV+qDEbDlMG++Dm3U/3q/WhRRTxL75Y/ff39APi538Tny9/B/L5Fwb1g379sOd+/tvnKhMr42+M6P/D/v0vjlrokJe++b0/HPGlAMAUdPf2r621262diVfez7JsWrGOXon0qC8uhotT/cSmWxmM7iYWYv5x6emUK+cfjzSOUxnHni0AAOBx89Ggf9aZAAAAAAAAAAAAAAAAAAAAwOnV3Yt00pcTG455MJuuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA80P8CAAD//yOS2ac=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x6, 0x2d, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x0, 0x0, 0x6, {0x0, 0x1}, {0x45, 0x2}, @period={0x59, 0x200, 0x4, 0x7, 0x0, {0xffff, 0xf, 0x4, 0x5}, 0x0, 0x0}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

4.302746848s ago: executing program 4 (id=1182):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="54000000120001002abd7000fddbdf25150100024e214e2109000000020000000400000000000000c900", @ANYRES32=0x0, @ANYBLOB="00040000ffffff0000002d000000040001000400010000"], 0x54}, 0x1, 0x0, 0x0, 0x401}, 0x20008000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)

2.686903271s ago: executing program 1 (id=1183):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

2.621645532s ago: executing program 3 (id=1184):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')

2.576979763s ago: executing program 1 (id=1185):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})

1.062327075s ago: executing program 0 (id=1186):
writev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x20000004)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r5 = creat(&(0x7f0000000040)='./bus\x00', 0x21)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r5, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x8205, &(0x7f0000000480)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@data_err_abort}, {@minixdf}, {@errors_remount}, {@abort}, {@noblock_validity}, {@barrier}, {@journal_dev={'journal_dev', 0x3d, 0xf35}}]}, 0x1, 0x618, &(0x7f0000000640)="$eJzs3c9rXFsdAPDvvZPEpI2mFSm2KA24aEGaH7VYddV2YxcFC3Yh4qKhSWropA1NCrYWTMGFgoKIW5Fu/AfcS3HrTgR151qoj0ceb/Heo/O4d+a28zIzyTQvM3ea+/nAnZx77p0555s7J/ecOzlzA6is2ewhjTgdEbeTiJm2bdPR3Djb2m/n/ad3siWJRuOH7yWRtPKK/V+1fh7PHpKIyYj4x7WIL9c6y918/OTeUr3R9IuI+a31jfnNx08urK0v3V25u3J/8eJ3Ll1e+O7ipcVDibOI6/qNH3ztt7/86bdX/1m/kMSVuDX+8+XYFcdhmY3ZeNUKsT1/LCIuZ4kuv5d3TRFCUnI9OJha6/04HhGnYiZq+VrTTKz9ptTKAQPVqEU0gIpKtH+oqKIfUIztBzEOHmUvrzYHQJ3xjzWvjcRkPjY6tpO0jYya490Th1B+VsYnT8/8MVuix3WIsUMop5ftZxHx1W7xJ3ndTuRXcbL400jbnpelFyJiIiLO9j3+H+/Imd21Puz339vE334csvivtH5m+dcOWH7Z8QNQTS+utk7k29nam/Nf1jMs+j/Rpf8z3eXcdRBln/969/+K8/1kfo083dUPy/o7N7u/ZEcn57+/vv77XuW39/+yJSu/6AsOw8tnEWd2xf+rvKOXvD7+SZfjn+1yu88yvv+v/1/vta3s+BvPI851Hf+86dFmqfmt9Y0ib9fnk/Ora/WVheZj1zL++vef/LlX+WXHnx3/6DH+2+v4Z3kbfZbxl5vP13ttm943/vR/E8mtPDXRyvnZ0tbWw8WIieRGa5e2/It716XYp3iNLP7z3+je/rvF3yoqP9Dbn/lt9Lbxo3s7vfbr+/h3Dp0yrxp7h7uvLP7lHu///Y7/7/os48MfP/r6rqypIrFX/FOdL5Vsv3WEAAAAAAAAUB1p/hlsks69Tqfp3FxzDu9X4lhaf7C59c3VB4/uL0ecz/8fcjwtPumeaa4n2fpi6/9hi/WLu9a/FREnI+IPtal8fe7Og/py2cEDAAAAAAAAAAAAAAAAAADAiDjemv9f3Kf6g1pz/n9ftk4NuHbAwA3yBnPAaNP+obry9p+WXQugDM7/UF3aP1SX9g/Vpf1DdWn/UF3aP1SX9g/Vpf0DAAAAwJF08uyL/yQRsf29qXzJTLS2jZdaM2DQ3r6Nzw6kHsDw1Yb6NGCUvP7o3/R/qJy++v8ftb4ccPDVAUqQdMvMOweNvRv/i67PBAAAAAAAAAAAAAAG4Nxp8/+hqtL4W9lVAErSOZH/9E6fE/18BwC843z1P1TX5xrju0AAR8J+s/gne20w/x8AAAAAAAAAAAAAhmY6X5J0rnUL0OlI07m5iC9GxIkYT1bX6isLEfGliPh3bfwL2fpi2ZUGAAAAAAAAAAAAAAAAAACAI2bz8ZN7S/X6ysP2xMcdOUc7UdwFdVTq056IZPiFTkXEKMQ+mMRYW04SsZ0d+ZGo2MPNGIlqpHk1Sv7DBAAAAAAAAAAAAAAAAAAAFdQ297i7M38aco0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYPje3P//4Ilkn9cpO0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N30aQAAAP//4SE8Ww==")

1.061514675s ago: executing program 4 (id=1187):
creat(&(0x7f0000000000)='./file0\x00', 0x108)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x10, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0xc18da8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x2, 0x0, {0x0, 0x4000000, 0x0, 0x100, 0x0, 0x0, 0x8000000, 0x8000, 0x200, 0x8000, 0x0, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x0)
lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180))
write$tcp_congestion(r3, &(0x7f00000000c0)='lp\x00', 0xfffffdef)

1.015422196s ago: executing program 2 (id=1188):
socket$inet6(0xa, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r5, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002000000", 0xfe60)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000002c0000000000000006000000181100", @ANYRES32=r0, @ANYBLOB="00000000005f4f3727d227e157000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001d950c0010000000bf91000000000000b70200000200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x784, &(0x7f0000001900)="$eJzs3c1rHOUfAPDvbN7aNL9fIghaTwFBA6UbU2Or6KHiQQQLBT3bLpttqNlkS3dTmhDQIoIXQcWDoJeefak3r75c9V/w5EEsVdNixYNEZrPTbJvdNEmTbHU/H5js88zM5pnvPDPzPLvzMBtA1xpN/+QiDkbEe0nEcGN+EhF99VRvxPHV9W4uLxXTKYmVlVd+S+rr3FheKkbTe1IHGpmHI+LbtyMO5daXW11YnCmUy6Xzjfx4bfbceHWhPyIK06Xp0tzRicnJI8eeOnZ052L944fFoavvv/j4F8f/euuhK+9+l8TxGGosa45jp4zGaGOf9KW78DYv7HRhHZZ0egPYlvTU7Fk9y+NgDEdPPQUA/Je9ERErAECXSbT/ANBlsu8BbiwvFbOps99I7K1rz0fEvtX4s/ubq0t6G/fs9tXvgw7eSG67M5JExMgOlD8aEZ989dpn6ZTmf3y2u/Y/0DlvXoqI0yOj66//yboxC1v1xAbL+huvo3fM77b2Bzrp67T/83Sr/l/uVv8nWvR/Blqcu9tx1/N//w4UsoG0//dc09i2m03xN4z0NHL/q/f5+pIzZ8ul9Nr2/4gYi76BND+xQRlj1/++3m5Zc//v9w9e/zQtP31dWyP3S+/A7e+ZKtQK9xJzs2uXIh7pbRV/cqv+kzb935ObLOOlZ975uN2yNP403mxaH380RiftjpXLEY+1rP+1EW3J2vjExcNnZ+8YnzhePxzGs4OihS9/+miwXfnN9Z9OafnZZ4G9kNb/4MbxjyTN4zWrWy/j+8vD37Rbdvf4Wx///cmr9XTWj7hYqNXOT0T0Jy+vn39k7b1ZPls/jX/s0dbn/0bHf/qZ8HSrgFrUdO/VXz/ffvy7K41/akv1v/XElZszPe3K31z9T9ZTY405m7n+bXYD72XfAQAAAAAAAAAAAAAAAAAAAAAAAMBm5SJiKJJc/lY6l8vnV3/D+8EYzJUr1dqhM5X5uamo/1b2SPTlskddDjc9D3Wi8Tz8LH/kjvyTEfFARHw4sD/JnqM41eHYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzoM3v/6d+Huj01gEAu2ZfpzcAANhz2n8A6D7afwDoPtp/AOg+2n8A6D7afwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZyRMn0mnlz+WlYpqfurAwP1O5cHiqVJ3Jz84X88WhOJefrlSmy6V8sTJ7t/9XrlTOTcbc/MXxWqlaG68uLJ6arczP1U6dnS1Ml06V+vYkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmurC4kyhXC6dl9hGYuX+2IzOJ3oah9MuFJFEROcD3HAL74/N2OFEhy9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8S/wQAAP//iZYeGw==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)

1.014609776s ago: executing program 1 (id=1189):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

979.094106ms ago: executing program 4 (id=1190):
pipe2$watch_queue(0x0, 0x80)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303"], 0x0)
syz_usb_ep_read(r1, 0xf, 0xffffffffffffffd2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2043, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mkdir(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r0, 0x0, 0xfea8, 0xa)

305.236956ms ago: executing program 3 (id=1191):
r0 = socket$inet6(0xa, 0x80002, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}]}, 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@cipso={0x86, 0x8, 0x2, [{0x0, 0x2}]}]}}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@rr={0x7, 0x3, 0xf7}]}}}}}}}, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000400)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x60, 0x0, 0x0, 0xc, 0x0, 0x3f, 0x5, 0x5f8480, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)

0s ago: executing program 1 (id=1192):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(0xffffffffffffffff, r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
socket$inet(0x2, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

kernel console output (not intermixed with test programs):

 auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3265 comm="syz.2.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  298.945866][ T3264] loop3: detected capacity change from 0 to 40427
[  298.965618][ T3264] F2FS-fs (loop3): invalid crc value
[  298.982839][   T30] audit: type=1326 audit(1748386020.935:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3265 comm="syz.2.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  299.440083][ T3275] input: syz0 as /devices/virtual/input/input41
[  299.449893][   T30] audit: type=1326 audit(1748386020.935:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3265 comm="syz.2.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  299.481754][   T30] audit: type=1326 audit(1748386020.955:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3265 comm="syz.2.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  299.482547][ T3264] F2FS-fs (loop3): Found nat_bits in checkpoint
[  300.386923][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  300.386940][   T30] audit: type=1326 audit(1748386022.725:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.1.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  300.419286][ T3264] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  300.430387][   T30] audit: type=1326 audit(1748386022.725:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.1.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  300.555812][ T3264] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  303.252380][ T3305] netlink: 20 bytes leftover after parsing attributes in process `syz.3.838'.
[  303.760037][   T30] audit: type=1326 audit(1748386022.725:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.1.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  303.783523][   T30] audit: type=1326 audit(1748386022.725:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.1.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  303.806793][   T30] audit: type=1326 audit(1748386022.725:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3274 comm="syz.1.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  303.874960][   T30] audit: type=1326 audit(1748386026.255:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3314 comm="syz.4.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  304.007769][ T3317] loop1: detected capacity change from 0 to 2048
[  304.094951][ T3318] overlayfs: overlapping lowerdir path
[  304.489970][ T3317] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  306.027867][ T3333] binfmt_misc: register: failed to install interpreter file ./file0
[  306.046126][   T30] audit: type=1326 audit(1748386026.535:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3314 comm="syz.4.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  306.146029][   T30] audit: type=1326 audit(1748386026.545:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3314 comm="syz.4.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  306.254210][ T3339] loop3: detected capacity change from 0 to 1024
[  306.345906][ T3331] loop4: detected capacity change from 0 to 1024
[  306.354177][ T3339] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.856: Invalid block bitmap block 0 in block_group 0
[  306.367907][ T3339] Quota error (device loop3): write_blk: dquota write failed
[  306.375313][ T3339] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  306.385284][ T3339] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.856: Failed to acquire dquot type 0
[  306.390340][ T3337] loop0: detected capacity change from 0 to 1024
[  306.397265][ T3339] EXT4-fs error (device loop3): ext4_free_blocks:6223: comm syz.3.856: Freeing blocks not in datazone - block = 0, count = 4096
[  306.417562][ T3339] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.856: Invalid inode bitmap blk 0 in block_group 0
[  306.430705][ T3339] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  306.439436][ T3339] EXT4-fs (loop3): 1 orphan inode deleted
[  306.443632][   T45] Quota error (device loop3): remove_tree: Getting block too big (0 >= 9)
[  306.445165][ T3339] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  306.462513][ T3337] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  306.472576][   T45] EXT4-fs error (device loop3): ext4_release_dquot:6231: comm kworker/u4:2: Failed to release dquot type 0
[  306.489301][ T3337] EXT4-fs (loop0): orphan cleanup on readonly fs
[  306.497144][ T3339] usb usb1: usbfs: process 3339 (syz.3.856) did not claim interface 0 before use
[  306.507177][ T3331] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  306.515947][ T3331] EXT4-fs (loop4): orphan cleanup on readonly fs
[  306.517354][ T3337] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 2: comm syz.0.860: lblock 7 mapped to illegal pblock 2 (length 1)
[  306.538282][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.545095][ T3331] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 2: comm syz.4.858: lblock 7 mapped to illegal pblock 2 (length 1)
[  306.561084][ T3329] overlayfs: failed to resolve './file1': -2
[  306.570380][ T3337] Quota error (device loop0): write_blk: dquota write failed
[  306.579054][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.585768][ T3337] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 1: comm syz.0.860: lblock 6 mapped to illegal pblock 1 (length 1)
[  306.600049][ T3331] Quota error (device loop4): write_blk: dquota write failed
[  306.607713][ T3331] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 1: comm syz.4.858: lblock 6 mapped to illegal pblock 1 (length 1)
[  306.622690][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.629486][ T3337] Quota error (device loop0): write_blk: dquota write failed
[  306.637440][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.644103][ T3337] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  306.654566][ T3331] Quota error (device loop4): write_blk: dquota write failed
[  306.662228][ T3331] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 48: comm syz.4.858: lblock 0 mapped to illegal pblock 48 (length 1)
[  306.673337][ T3347] loop1: detected capacity change from 0 to 40427
[  306.676693][ T3337] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 48: comm syz.0.860: lblock 0 mapped to illegal pblock 48 (length 1)
[  306.683732][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.697349][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.703282][ T3331] EXT4-fs error (device loop4): ext4_acquire_dquot:6195: comm syz.4.858: Failed to acquire dquot type 0
[  306.710227][ T3337] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.860: Failed to acquire dquot type 0
[  306.721674][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.734757][ T3347] F2FS-fs (loop1): fault_injection options not supported
[  306.738789][ T3331] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 49: comm syz.4.858: lblock 1 mapped to illegal pblock 49 (length 1)
[  306.753128][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.762277][ T3347] F2FS-fs (loop1): invalid crc value
[  306.766399][ T3337] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 49: comm syz.0.860: lblock 1 mapped to illegal pblock 49 (length 1)
[  306.771719][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.786307][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.804754][ T3337] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.860: Failed to acquire dquot type 0
[  306.816841][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.822466][ T3331] EXT4-fs error (device loop4): ext4_acquire_dquot:6195: comm syz.4.858: Failed to acquire dquot type 0
[  306.823451][ T3337] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  306.844339][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.844904][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.857934][ T3337] EXT4-fs error (device loop0): ext4_evict_inode:283: inode #15: comm syz.0.860: mark_inode_dirty error
[  306.869328][ T3347] F2FS-fs (loop1): Found nat_bits in checkpoint
[  306.869569][ T3337] EXT4-fs (loop0): Remounting filesystem read-only
[  306.883765][ T3337] EXT4-fs warning (device loop0): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  306.889420][ T3331] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  306.899359][ T3337] EXT4-fs (loop0): 1 orphan inode deleted
[  306.918955][ T3337] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  306.941343][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.957001][ T3331] EXT4-fs error (device loop4): ext4_evict_inode:283: inode #15: comm syz.4.858: mark_inode_dirty error
[  306.971119][ T3331] EXT4-fs (loop4): Remounting filesystem read-only
[  306.978213][ T3331] EXT4-fs warning (device loop4): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  306.988578][ T3347] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  306.997296][ T3331] EXT4-fs (loop4): 1 orphan inode deleted
[  307.011695][ T3331] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  307.107607][  T281] attempt to access beyond end of device
[  307.107607][  T281] loop1: rw=2049, want=45104, limit=40427
[  307.252191][ T3362] syz.0.868[3362] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  307.252267][ T3362] syz.0.868[3362] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.511317][ T3356] loop2: detected capacity change from 0 to 40427
[  308.578980][ T3370] loop0: detected capacity change from 0 to 256
[  308.613489][ T3356] F2FS-fs (loop2): fault_injection options not supported
[  308.653545][ T3356] F2FS-fs (loop2): invalid crc value
[  308.660468][ T3356] F2FS-fs (loop2): Found nat_bits in checkpoint
[  308.711340][ T3370] FAT-fs (loop0): Directory bread(block 64) failed
[  308.882123][ T3370] FAT-fs (loop0): Directory bread(block 65) failed
[  308.907907][ T3370] FAT-fs (loop0): Directory bread(block 66) failed
[  308.954568][ T3370] FAT-fs (loop0): Directory bread(block 67) failed
[  308.967556][ T3356] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  308.979420][ T3370] FAT-fs (loop0): Directory bread(block 68) failed
[  308.985974][ T3370] FAT-fs (loop0): Directory bread(block 69) failed
[  308.995745][ T3370] FAT-fs (loop0): Directory bread(block 70) failed
[  309.002529][ T3370] FAT-fs (loop0): Directory bread(block 71) failed
[  309.009308][ T3370] FAT-fs (loop0): Directory bread(block 72) failed
[  309.015857][ T3370] FAT-fs (loop0): Directory bread(block 73) failed
[  309.046804][  T347] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  309.070416][ T3356] attempt to access beyond end of device
[  309.070416][ T3356] loop2: rw=2049, want=45104, limit=40427
[  309.090694][  T285] attempt to access beyond end of device
[  309.090694][  T285] loop2: rw=2049, want=45112, limit=40427
[  309.576753][  T347] usb 2-1: Using ep0 maxpacket: 8
[  309.973673][ T3400] input: syz0 as /devices/virtual/input/input42
[  310.234945][ T3399] loop2: detected capacity change from 0 to 2048
[  310.288003][  T347] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  310.296352][  T347] usb 2-1: config 179 has no interface number 0
[  310.303650][  T347] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  310.315383][  T347] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  310.329670][  T347] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  310.341454][  T347] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  310.378453][  T310] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  310.503908][  T347] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  310.567694][ T3399] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  310.956861][  T310] usb 5-1: Using ep0 maxpacket: 8
[  311.437975][  T347] usb 2-1: config 179 interface 65 has no altsetting 0
[  311.452564][  T347] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  311.462859][  T347] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.786877][  T310] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  311.832513][  T347] usb 2-1: can't set config #179, error -71
[  311.839561][  T310] usb 5-1: config 179 has no interface number 0
[  311.845883][  T310] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  311.857520][  T347] usb 2-1: USB disconnect, device number 9
[  311.864253][  T310] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  311.876281][  T310] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  311.941584][  T310] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  311.951913][  T310] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  311.965572][  T310] usb 5-1: config 179 interface 65 has no altsetting 0
[  311.972619][  T310] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  312.867102][  T310] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.895470][ T3417] loop4: detected capacity change from 0 to 256
[  312.911184][  T310] usb 5-1: can't set config #179, error -71
[  312.919965][  T310] usb 5-1: USB disconnect, device number 11
[  312.938077][ T3417] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  314.677185][ T3424] loop3: detected capacity change from 0 to 2048
[  314.720567][ T3421] overlayfs: overlapping lowerdir path
[  314.915107][ T3429] loop2: detected capacity change from 0 to 256
[  314.928981][ T3424] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  315.885333][ T3429] FAT-fs (loop2): Directory bread(block 64) failed
[  315.896223][ T3429] FAT-fs (loop2): Directory bread(block 65) failed
[  315.902956][ T3429] FAT-fs (loop2): Directory bread(block 66) failed
[  315.909839][ T3429] FAT-fs (loop2): Directory bread(block 67) failed
[  315.916650][ T3429] FAT-fs (loop2): Directory bread(block 68) failed
[  315.939200][ T3429] FAT-fs (loop2): Directory bread(block 69) failed
[  315.950513][ T3429] FAT-fs (loop2): Directory bread(block 70) failed
[  315.957390][ T3429] FAT-fs (loop2): Directory bread(block 71) failed
[  315.964171][ T3429] FAT-fs (loop2): Directory bread(block 72) failed
[  315.977442][ T3429] FAT-fs (loop2): Directory bread(block 73) failed
[  315.997858][ T3439] loop0: detected capacity change from 0 to 256
[  316.021587][ T3441] loop3: detected capacity change from 0 to 1024
[  316.047603][ T3439] FAT-fs (loop0): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  317.622754][ T3458] input: syz0 as /devices/virtual/input/input44
[  317.902316][ T3457] loop2: detected capacity change from 0 to 2048
[  317.929567][  T347] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  318.952153][ T3457] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  319.525102][ T3460] loop0: detected capacity change from 0 to 512
[  319.556842][  T347] usb 4-1: Using ep0 maxpacket: 8
[  319.932485][ T3466] loop4: detected capacity change from 0 to 256
[  320.054023][ T3466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.894'.
[  320.117054][  T347] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  320.130153][ T3460] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[  320.145464][  T347] usb 4-1: config 179 has no interface number 0
[  320.601755][  T347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  320.808610][  T347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  320.857248][ T3473] bridge: RTM_NEWNEIGH with invalid ether address
[  320.884526][  T347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  320.896211][  T347] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  321.036948][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  321.036972][   T30] audit: type=1326 audit(1748386043.355:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3468 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  321.194492][  T347] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  321.207918][  T347] usb 4-1: config 179 interface 65 has no altsetting 0
[  321.214813][  T347] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  321.223896][  T347] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.256836][  T347] usb 4-1: can't set config #179, error -71
[  321.262873][   T30] audit: type=1326 audit(1748386043.355:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3468 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  321.303948][  T347] usb 4-1: USB disconnect, device number 17
[  321.348824][   T30] audit: type=1326 audit(1748386043.365:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3468 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  321.372260][   T30] audit: type=1326 audit(1748386043.365:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3468 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  321.395869][   T30] audit: type=1326 audit(1748386043.365:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3468 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  321.876857][ T3488] loop2: detected capacity change from 0 to 1024
[  322.016128][ T3472] loop3: detected capacity change from 0 to 40427
[  322.366328][ T3472] F2FS-fs (loop3): invalid crc value
[  322.397646][ T3493] binder: 3491:3493 ioctl 4018620d 0 returned -22
[  322.409219][ T3472] F2FS-fs (loop3): Found nat_bits in checkpoint
[  322.477739][ T3472] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  322.484828][ T3472] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  322.885236][ T3498] loop2: detected capacity change from 0 to 256
[  322.966472][ T3498] FAT-fs (loop2): Directory bread(block 64) failed
[  322.978215][ T3498] FAT-fs (loop2): Directory bread(block 65) failed
[  322.985342][ T3498] FAT-fs (loop2): Directory bread(block 66) failed
[  322.991964][ T3498] FAT-fs (loop2): Directory bread(block 67) failed
[  322.998557][ T3498] FAT-fs (loop2): Directory bread(block 68) failed
[  323.005124][ T3498] FAT-fs (loop2): Directory bread(block 69) failed
[  323.011711][ T3498] FAT-fs (loop2): Directory bread(block 70) failed
[  323.016759][  T347] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  323.018247][ T3498] FAT-fs (loop2): Directory bread(block 71) failed
[  323.032567][ T3498] FAT-fs (loop2): Directory bread(block 72) failed
[  323.039383][ T3498] FAT-fs (loop2): Directory bread(block 73) failed
[  323.080721][ T3500] netlink: 20 bytes leftover after parsing attributes in process `syz.3.896'.
[  324.576284][   T30] audit: type=1326 audit(1748386046.825:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3509 comm="syz.2.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  324.676607][   T30] audit: type=1326 audit(1748386046.855:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3509 comm="syz.2.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  324.721989][   T30] audit: type=1326 audit(1748386046.915:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3509 comm="syz.2.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  324.769129][   T30] audit: type=1326 audit(1748386046.925:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3509 comm="syz.2.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  325.226509][   T30] audit: type=1326 audit(1748386046.925:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3509 comm="syz.2.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  325.500874][ T3528] loop1: detected capacity change from 0 to 1024
[  325.781611][ T3530] loop0: detected capacity change from 0 to 256
[  325.813839][  T347] usb 2-1: unable to read config index 0 descriptor/start: -71
[  325.907526][ T3530] FAT-fs (loop0): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  325.955504][  T347] usb 2-1: can't read configurations, error -71
[  326.007655][ T3534] loop4: detected capacity change from 0 to 512
[  326.074884][ T3534] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.452727][ T3542] loop1: detected capacity change from 0 to 256
[  326.471485][ T3534] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  326.487415][ T3534] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  326.495646][ T3534] System zones: 0-2, 18-18, 34-34
[  326.511572][ T3534] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  326.531595][ T3542] FAT-fs (loop1): Directory bread(block 64) failed
[  326.538339][ T3542] FAT-fs (loop1): Directory bread(block 65) failed
[  326.544955][ T3534] EXT4-fs (loop4): 1 truncate cleaned up
[  326.544964][ T3542] FAT-fs (loop1): Directory bread(block 66) failed
[  326.544988][ T3542] FAT-fs (loop1): Directory bread(block 67) failed
[  326.557817][ T3534] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  326.563727][ T3542] FAT-fs (loop1): Directory bread(block 68) failed
[  326.580829][ T3542] FAT-fs (loop1): Directory bread(block 69) failed
[  326.587434][ T3542] FAT-fs (loop1): Directory bread(block 70) failed
[  326.593969][ T3542] FAT-fs (loop1): Directory bread(block 71) failed
[  326.600566][ T3542] FAT-fs (loop1): Directory bread(block 72) failed
[  326.607114][ T3542] FAT-fs (loop1): Directory bread(block 73) failed
[  326.768472][ T3547] loop0: detected capacity change from 0 to 512
[  327.113799][ T3547] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[  328.621893][ T3562] loop1: detected capacity change from 0 to 256
[  328.995714][ T3563] loop3: detected capacity change from 0 to 512
[  333.002994][ T3563] EXT4-fs warning (device loop3): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop3.
[  334.493861][ T3574] loop0: detected capacity change from 0 to 2048
[  334.686824][ T3574] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  334.773664][ T3581] loop3: detected capacity change from 0 to 512
[  334.906478][ T3582] loop1: detected capacity change from 0 to 1024
[  334.986854][ T3581] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  335.046643][ T3581] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  335.055410][ T3581] System zones: 1-12
[  335.061295][ T3581] EXT4-fs (loop3): 1 truncate cleaned up
[  335.073119][ T3581] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback.
[  335.149965][   T30] audit: type=1326 audit(1748386057.535:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.175566][   T30] audit: type=1326 audit(1748386057.535:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.286494][   T30] audit: type=1326 audit(1748386057.535:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.312205][   T30] audit: type=1326 audit(1748386057.535:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.607460][   T30] audit: type=1326 audit(1748386057.535:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.659690][   T30] audit: type=1326 audit(1748386057.535:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.684432][   T30] audit: type=1326 audit(1748386057.535:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.726774][   T30] audit: type=1326 audit(1748386057.535:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.752157][ T3601] loop0: detected capacity change from 0 to 256
[  335.780380][   T30] audit: type=1326 audit(1748386057.535:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.896759][   T30] audit: type=1326 audit(1748386057.535:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.2.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  335.971965][ T3601] FAT-fs (loop0): Directory bread(block 64) failed
[  335.986950][ T3601] FAT-fs (loop0): Directory bread(block 65) failed
[  335.997220][ T3601] FAT-fs (loop0): Directory bread(block 66) failed
[  336.011310][ T3601] FAT-fs (loop0): Directory bread(block 67) failed
[  336.043268][ T3601] FAT-fs (loop0): Directory bread(block 68) failed
[  336.070574][ T3608] usb usb1: usbfs: process 3608 (syz.2.932) did not claim interface 0 before use
[  336.101312][ T3601] FAT-fs (loop0): Directory bread(block 69) failed
[  336.133885][ T3601] FAT-fs (loop0): Directory bread(block 70) failed
[  336.210657][ T3601] FAT-fs (loop0): Directory bread(block 71) failed
[  336.240066][ T3599] loop1: detected capacity change from 0 to 1024
[  336.259815][ T3601] FAT-fs (loop0): Directory bread(block 72) failed
[  336.333504][ T3599] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  336.343545][ T3601] FAT-fs (loop0): Directory bread(block 73) failed
[  336.378589][ T3599] EXT4-fs (loop1): orphan cleanup on readonly fs
[  336.495252][ T3599] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 2: comm syz.1.931: lblock 7 mapped to illegal pblock 2 (length 1)
[  337.567951][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.587668][ T3599] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 1: comm syz.1.931: lblock 6 mapped to illegal pblock 1 (length 1)
[  337.612074][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.626838][ T3599] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 48: comm syz.1.931: lblock 0 mapped to illegal pblock 48 (length 1)
[  337.661426][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.676995][ T3599] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.931: Failed to acquire dquot type 0
[  337.706960][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.720056][ T3599] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 49: comm syz.1.931: lblock 1 mapped to illegal pblock 49 (length 1)
[  337.754614][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.766972][ T3599] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.931: Failed to acquire dquot type 0
[  337.796943][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.803578][ T3599] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  337.823951][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.836798][ T3599] EXT4-fs error (device loop1): ext4_evict_inode:283: inode #15: comm syz.1.931: mark_inode_dirty error
[  337.865495][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  337.873927][ T3599] EXT4-fs warning (device loop1): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  337.884580][ T3599] EXT4-fs (loop1): 1 orphan inode deleted
[  337.890799][ T3599] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  337.926799][  T533] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  338.075606][ T3620] loop2: detected capacity change from 0 to 2048
[  338.293479][ T3620] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  339.591093][ T1510] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  339.984393][ T3613] netlink: 12 bytes leftover after parsing attributes in process `syz.0.934'.
[  340.187499][ T1510] usb 4-1: Using ep0 maxpacket: 8
[  340.480681][  T533] usb 1-1: unable to get BOS descriptor or descriptor too short
[  341.726873][ T1510] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.756750][ T1510] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  341.780208][ T1510] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.810922][ T1510] usb 4-1: config 0 descriptor??
[  342.031836][  T533] usb 1-1: unable to read config index 0 descriptor/start: -71
[  342.039794][  T533] usb 1-1: can't read configurations, error -71
[  342.082857][ T3646] loop4: detected capacity change from 0 to 40427
[  342.114477][ T3648] loop1: detected capacity change from 0 to 40427
[  342.173833][ T3646] F2FS-fs (loop4): fault_injection options not supported
[  342.203105][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  342.203141][   T30] audit: type=1326 audit(1748386064.575:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3651 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  342.243871][ T3648] F2FS-fs (loop1): fault_injection options not supported
[  342.295313][ T3650] loop0: detected capacity change from 0 to 1024
[  342.383213][   T30] audit: type=1326 audit(1748386064.575:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3651 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  342.408290][ T1510] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0
[  342.416287][ T3646] F2FS-fs (loop4): invalid crc value
[  342.418639][ T1510] hid-multitouch 0003:0EEF:72C4.000A: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.3-1/input0
[  342.434406][ T3648] F2FS-fs (loop1): invalid crc value
[  342.438452][   T30] audit: type=1326 audit(1748386064.585:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3651 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  342.461533][ T3650] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  342.468527][   T30] audit: type=1326 audit(1748386064.585:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3651 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  342.472068][ T3648] F2FS-fs (loop1): Found nat_bits in checkpoint
[  342.494789][ T3650] EXT4-fs (loop0): orphan cleanup on readonly fs
[  342.507560][ T3646] F2FS-fs (loop4): Found nat_bits in checkpoint
[  342.531202][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 2: comm syz.0.945: lblock 7 mapped to illegal pblock 2 (length 1)
[  342.558713][   T30] audit: type=1326 audit(1748386064.585:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3651 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed4c60969 code=0x7ffc0000
[  342.565738][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.590672][ T3650] Quota error (device loop0): write_blk: dquota write failed
[  342.590790][ T3648] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  342.601229][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 1: comm syz.0.945: lblock 6 mapped to illegal pblock 1 (length 1)
[  342.621527][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.628127][ T3650] Quota error (device loop0): write_blk: dquota write failed
[  342.631357][ T3646] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  342.636790][ T3650] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  342.676783][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 48: comm syz.0.945: lblock 0 mapped to illegal pblock 48 (length 1)
[  342.715573][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.726378][ T3648] attempt to access beyond end of device
[  342.726378][ T3648] loop1: rw=2049, want=45104, limit=40427
[  342.728360][ T3650] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  342.747732][  T281] attempt to access beyond end of device
[  342.747732][  T281] loop1: rw=2049, want=45112, limit=40427
[  342.748126][ T3646] attempt to access beyond end of device
[  342.748126][ T3646] loop4: rw=2049, want=45104, limit=40427
[  342.759820][ T3650] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.945: Failed to acquire dquot type 0
[  342.808669][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.815343][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 49: comm syz.0.945: lblock 1 mapped to illegal pblock 49 (length 1)
[  342.831143][  T282] attempt to access beyond end of device
[  342.831143][  T282] loop4: rw=2049, want=45112, limit=40427
[  342.873046][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.891792][ T3650] Quota error (device loop0): do_insert_tree: Can't read tree quota block 1
[  342.900675][ T3650] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.945: Failed to acquire dquot type 0
[  342.922276][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  342.956808][ T3650] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  342.987021][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  343.006653][ T3650] EXT4-fs error (device loop0): ext4_evict_inode:283: inode #15: comm syz.0.945: mark_inode_dirty error
[  343.060570][ T3650] EXT4-fs (loop0): Remounting filesystem read-only
[  343.083487][ T3650] EXT4-fs warning (device loop0): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  343.150424][ T3650] EXT4-fs (loop0): 1 orphan inode deleted
[  343.167290][ T3650] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  344.665170][  T310] usb 4-1: USB disconnect, device number 18
[  344.804888][ T3683] loop2: detected capacity change from 0 to 1024
[  345.862910][ T3691] loop4: detected capacity change from 0 to 2048
[  345.977344][ T1510] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  346.015189][ T3683] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.953: Invalid block bitmap block 0 in block_group 0
[  346.030349][ T3683] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.953: Failed to acquire dquot type 0
[  346.043586][ T3683] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.953: Freeing blocks not in datazone - block = 0, count = 4096
[  346.058676][ T3683] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.953: Invalid inode bitmap blk 0 in block_group 0
[  346.072737][ T3683] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  346.082357][ T3683] EXT4-fs (loop2): 1 orphan inode deleted
[  346.088160][ T3683] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  346.147274][   T10] EXT4-fs error (device loop2): ext4_release_dquot:6231: comm kworker/u4:1: Failed to release dquot type 0
[  346.166173][ T3691] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  346.325817][ T3683] syz.2.953 (3683) used greatest stack depth: 20376 bytes left
[  346.979671][ T3699] loop0: detected capacity change from 0 to 256
[  347.046755][ T1510] usb 2-1: Using ep0 maxpacket: 8
[  347.186969][ T1510] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  347.195703][ T1510] usb 2-1: config 179 has no interface number 0
[  347.203199][ T1510] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  347.215512][ T1510] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  347.227990][ T1510] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  347.240215][ T1510] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  347.251221][ T1510] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  347.265515][ T1510] usb 2-1: config 179 interface 65 has no altsetting 0
[  347.273157][ T1510] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  347.283682][ T1510] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.386840][ T1510] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input46
[  347.759367][  T533] usb 2-1: USB disconnect, device number 12
[  347.776772][  T533] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  347.951160][ T3706] netlink: 96 bytes leftover after parsing attributes in process `syz.3.959'.
[  348.072076][ T3708] loop2: detected capacity change from 0 to 2048
[  348.649428][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  348.658111][   T30] audit: type=1326 audit(1748386070.765:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  348.859666][   T30] audit: type=1326 audit(1748386070.765:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.226158][ T3708] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  349.777023][   T30] audit: type=1326 audit(1748386070.805:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.808299][ T3719] loop1: detected capacity change from 0 to 1024
[  349.817240][   T30] audit: type=1326 audit(1748386070.805:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.840784][   T30] audit: type=1326 audit(1748386070.805:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.871138][   T30] audit: type=1326 audit(1748386070.825:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.894374][   T30] audit: type=1326 audit(1748386070.825:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.917895][   T30] audit: type=1326 audit(1748386070.825:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.941183][   T30] audit: type=1326 audit(1748386070.865:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3709 comm="syz.0.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  349.970025][ T3719] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.961: Invalid block bitmap block 0 in block_group 0
[  349.983885][ T3719] Quota error (device loop1): write_blk: dquota write failed
[  349.991439][ T3719] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.961: Failed to acquire dquot type 0
[  350.003189][ T3719] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.961: Freeing blocks not in datazone - block = 0, count = 4096
[  350.017442][ T3719] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.961: Invalid inode bitmap blk 0 in block_group 0
[  350.030713][   T45] EXT4-fs error (device loop1): ext4_release_dquot:6231: comm kworker/u4:2: Failed to release dquot type 0
[  350.042538][ T3719] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  350.051374][ T3719] EXT4-fs (loop1): 1 orphan inode deleted
[  350.094942][ T3719] EXT4-fs (loop1): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  350.119180][ T3719] usb usb1: usbfs: process 3719 (syz.1.961) did not claim interface 0 before use
[  351.039797][ T3725] loop4: detected capacity change from 0 to 40427
[  351.055422][ T3725] F2FS-fs (loop4): invalid crc value
[  351.068891][ T3725] F2FS-fs (loop4): Found nat_bits in checkpoint
[  351.104342][ T3725] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  351.111550][ T3725] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  351.991473][ T3746] netlink: 20 bytes leftover after parsing attributes in process `syz.4.965'.
[  352.148501][ T3745] loop1: detected capacity change from 0 to 1024
[  352.168194][ T3745] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  352.177140][ T3745] EXT4-fs (loop1): orphan cleanup on readonly fs
[  352.185707][ T3745] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 2: comm syz.1.970: lblock 7 mapped to illegal pblock 2 (length 1)
[  352.200506][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.207991][ T3745] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 1: comm syz.1.970: lblock 6 mapped to illegal pblock 1 (length 1)
[  352.222722][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.347099][ T3745] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 48: comm syz.1.970: lblock 0 mapped to illegal pblock 48 (length 1)
[  352.398691][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.418980][ T1510] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  352.426969][ T3745] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.970: Failed to acquire dquot type 0
[  352.438528][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.445160][ T3745] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 49: comm syz.1.970: lblock 1 mapped to illegal pblock 49 (length 1)
[  352.465729][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.472645][ T3745] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.970: Failed to acquire dquot type 0
[  352.484262][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.491016][ T3745] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  352.500902][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.507887][ T3745] EXT4-fs error (device loop1): ext4_evict_inode:283: inode #15: comm syz.1.970: mark_inode_dirty error
[  352.519552][ T3745] EXT4-fs (loop1): Remounting filesystem read-only
[  352.526158][ T3745] EXT4-fs warning (device loop1): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  352.536472][ T3745] EXT4-fs (loop1): 1 orphan inode deleted
[  352.542489][ T3745] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  352.666438][ T3760] netlink: 96 bytes leftover after parsing attributes in process `syz.4.974'.
[  352.857003][ T1510] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  352.873720][ T1510] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  353.156953][ T1510] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  353.173886][ T1510] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.413257][ T1510] usb 4-1: Product: syz
[  353.417750][ T3774] netlink: 96 bytes leftover after parsing attributes in process `syz.0.978'.
[  353.417805][ T1510] usb 4-1: Manufacturer: syz
[  353.431783][ T1510] usb 4-1: SerialNumber: syz
[  353.434876][ T3773] loop2: detected capacity change from 0 to 256
[  353.446985][ T3776] binder: 3775:3776 ioctl c0306201 0 returned -14
[  353.469515][ T3773] FAT-fs (loop2): Directory bread(block 64) failed
[  353.476282][ T3773] FAT-fs (loop2): Directory bread(block 65) failed
[  353.483626][ T1510] cdc_mbim 4-1:1.0: skipping garbage
[  353.492745][ T3773] FAT-fs (loop2): Directory bread(block 66) failed
[  353.499593][ T3773] FAT-fs (loop2): Directory bread(block 67) failed
[  353.506242][ T3773] FAT-fs (loop2): Directory bread(block 68) failed
[  353.527034][ T3773] FAT-fs (loop2): Directory bread(block 69) failed
[  353.541354][ T3773] FAT-fs (loop2): Directory bread(block 70) failed
[  353.556821][ T3773] FAT-fs (loop2): Directory bread(block 71) failed
[  353.563486][ T3773] FAT-fs (loop2): Directory bread(block 72) failed
[  353.570376][ T3773] FAT-fs (loop2): Directory bread(block 73) failed
[  353.897136][ T3783] loop3: detected capacity change from 0 to 1024
[  353.903672][ T1510] cdc_mbim 4-1:1.0: bind() failure
[  353.908429][ T3782] loop1: detected capacity change from 0 to 256
[  353.911023][ T1510] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  353.922113][ T1510] cdc_ncm 4-1:1.1: bind() failure
[  353.928659][ T1510] usb 4-1: USB disconnect, device number 19
[  353.950004][ T3783] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.982: Invalid block bitmap block 0 in block_group 0
[  353.963809][ T3783] __quota_error: 45 callbacks suppressed
[  353.963827][ T3783] Quota error (device loop3): write_blk: dquota write failed
[  353.977159][ T3783] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  353.987153][ T3783] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.982: Failed to acquire dquot type 0
[  353.992097][ T3782] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  354.017010][ T3783] EXT4-fs error (device loop3): ext4_free_blocks:6223: comm syz.3.982: Freeing blocks not in datazone - block = 0, count = 4096
[  354.030751][ T3783] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.982: Invalid inode bitmap blk 0 in block_group 0
[  354.043768][ T3783] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  354.053000][ T3783] EXT4-fs (loop3): 1 orphan inode deleted
[  354.058813][ T3783] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  355.076374][ T1109] Quota error (device loop3): remove_tree: Getting block too big (0 >= 9)
[  355.091288][ T1109] EXT4-fs error (device loop3): ext4_release_dquot:6231: comm kworker/u4:5: Failed to release dquot type 0
[  355.102907][ T3783] usb usb1: usbfs: process 3783 (syz.3.982) did not claim interface 0 before use
[  355.457783][ T3800] loop2: detected capacity change from 0 to 512
[  356.703926][ T3800] EXT4-fs (loop2): 1 orphan inode deleted
[  356.709861][ T3800] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  356.721442][ T3800] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.795529][ T3811] loop1: detected capacity change from 0 to 1024
[  356.966408][ T3811] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.988: Invalid block bitmap block 0 in block_group 0
[  356.980025][ T3811] Quota error (device loop1): write_blk: dquota write failed
[  356.987455][ T3811] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  356.997421][ T3811] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.988: Failed to acquire dquot type 0
[  357.009054][ T3811] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.988: Freeing blocks not in datazone - block = 0, count = 4096
[  357.022530][ T3811] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.988: Invalid inode bitmap blk 0 in block_group 0
[  357.035732][ T3811] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  357.044517][ T3811] EXT4-fs (loop1): 1 orphan inode deleted
[  357.050342][ T3811] EXT4-fs (loop1): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  357.075274][ T3811] usb usb1: usbfs: process 3811 (syz.1.988) did not claim interface 0 before use
[  357.086420][   T10] Quota error (device loop1): remove_tree: Getting block too big (0 >= 9)
[  357.104402][   T10] EXT4-fs error (device loop1): ext4_release_dquot:6231: comm kworker/u4:1: Failed to release dquot type 0
[  357.180371][ T3791] loop4: detected capacity change from 0 to 40427
[  357.248835][ T3791] F2FS-fs (loop4): fault_injection options not supported
[  357.275148][ T3791] F2FS-fs (loop4): invalid crc value
[  357.281951][ T3791] F2FS-fs (loop4): Found nat_bits in checkpoint
[  357.297667][ T3806] loop0: detected capacity change from 0 to 40427
[  357.309482][ T3806] F2FS-fs (loop0): fault_injection options not supported
[  357.337332][ T3806] F2FS-fs (loop0): invalid crc value
[  357.443531][ T3823] netlink: 96 bytes leftover after parsing attributes in process `syz.2.991'.
[  357.463283][ T3806] F2FS-fs (loop0): Found nat_bits in checkpoint
[  357.504193][ T3791] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  357.516821][ T1108] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  357.633027][ T3806] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  358.116786][ T3829] loop1: detected capacity change from 0 to 512
[  358.336881][ T1108] usb 4-1: unable to get BOS descriptor or descriptor too short
[  358.374425][ T3829] EXT4-fs (loop1): 1 orphan inode deleted
[  358.380343][ T3829] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  358.391889][ T3829] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.547063][ T1108] usb 4-1: unable to read config index 0 descriptor/start: -71
[  359.105166][ T1108] usb 4-1: can't read configurations, error -71
[  359.257104][ T3835] loop1: detected capacity change from 0 to 1024
[  359.277711][ T3833] loop2: detected capacity change from 0 to 40427
[  359.313982][ T3839] loop0: detected capacity change from 0 to 256
[  359.314877][ T3838] loop3: detected capacity change from 0 to 256
[  359.337800][ T3833] F2FS-fs (loop2): fault_injection options not supported
[  359.346018][ T3835] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.997: Invalid block bitmap block 0 in block_group 0
[  359.367230][ T3835] Quota error (device loop1): write_blk: dquota write failed
[  359.374666][ T3835] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  359.384914][ T3835] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.997: Failed to acquire dquot type 0
[  359.396927][ T3838] FAT-fs (loop3): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  359.412372][ T3833] F2FS-fs (loop2): invalid crc value
[  359.439054][ T3839] FAT-fs (loop0): Directory bread(block 64) failed
[  359.444375][ T3835] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.997: Freeing blocks not in datazone - block = 0, count = 4096
[  359.450379][ T3839] FAT-fs (loop0): Directory bread(block 65) failed
[  359.460006][ T3835] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.997: Invalid inode bitmap blk 0 in block_group 0
[  359.465446][ T3839] FAT-fs (loop0): Directory bread(block 66) failed
[  359.478423][   T10] Quota error (device loop1): remove_tree: Getting block too big (0 >= 9)
[  359.485751][ T3833] F2FS-fs (loop2): Found nat_bits in checkpoint
[  359.493213][ T3835] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  359.499565][ T3839] FAT-fs (loop0): Directory bread(block 67) failed
[  359.507872][ T3843] netlink: 96 bytes leftover after parsing attributes in process `syz.4.995'.
[  359.517390][   T10] EXT4-fs error (device loop1): ext4_release_dquot:6231: comm kworker/u4:1: Failed to release dquot type 0
[  359.524884][ T3835] EXT4-fs (loop1): 1 orphan inode deleted
[  359.540335][ T3835] EXT4-fs (loop1): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  359.555824][ T3839] FAT-fs (loop0): Directory bread(block 68) failed
[  359.569947][ T3839] FAT-fs (loop0): Directory bread(block 69) failed
[  359.584034][ T3839] FAT-fs (loop0): Directory bread(block 70) failed
[  359.590811][ T3839] FAT-fs (loop0): Directory bread(block 71) failed
[  359.597436][ T3839] FAT-fs (loop0): Directory bread(block 72) failed
[  359.604060][ T3839] FAT-fs (loop0): Directory bread(block 73) failed
[  359.643268][ T3833] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  360.094663][ T3850] loop3: detected capacity change from 0 to 512
[  360.244612][ T3850] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  360.258616][ T3833] attempt to access beyond end of device
[  360.258616][ T3833] loop2: rw=2049, want=80792, limit=40427
[  360.280699][ T3833] attempt to access beyond end of device
[  360.280699][ T3833] loop2: rw=2049, want=81920, limit=40427
[  360.311983][ T3833] attempt to access beyond end of device
[  360.311983][ T3833] loop2: rw=2049, want=51368, limit=40427
[  360.342165][ T3833] attempt to access beyond end of device
[  360.342165][ T3833] loop2: rw=2049, want=53248, limit=40427
[  360.359740][ T3833] attempt to access beyond end of device
[  360.359740][ T3833] loop2: rw=2049, want=59448, limit=40427
[  360.645563][ T3860] input: syz0 as /devices/virtual/input/input47
[  360.735534][ T3833] attempt to access beyond end of device
[  360.735534][ T3833] loop2: rw=2049, want=64208, limit=40427
[  360.760934][ T3849] loop1: detected capacity change from 0 to 40427
[  360.788087][ T3849] F2FS-fs (loop1): invalid crc value
[  360.789185][ T3833] attempt to access beyond end of device
[  360.789185][ T3833] loop2: rw=2049, want=68752, limit=40427
[  360.795801][ T3849] F2FS-fs (loop1): Found nat_bits in checkpoint
[  360.818201][ T3833] attempt to access beyond end of device
[  360.818201][ T3833] loop2: rw=2049, want=73152, limit=40427
[  360.841728][ T3833] attempt to access beyond end of device
[  360.841728][ T3833] loop2: rw=2049, want=76720, limit=40427
[  360.847441][ T3849] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2
[  360.858581][ T3833] attempt to access beyond end of device
[  360.858581][ T3833] loop2: rw=2049, want=77824, limit=40427
[  360.859985][ T3849] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  362.548056][ T3867] netlink: 20 bytes leftover after parsing attributes in process `syz.1.999'.
[  364.095785][ T3875] loop0: detected capacity change from 0 to 256
[  364.736804][   T30] audit: type=1400 audit(1748386087.055:793): avc:  denied  { ioctl } for  pid=3876 comm="syz.4.1007" path="socket:[26441]" dev="sockfs" ino=26441 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  364.850608][   T30] audit: type=1400 audit(1748386087.055:794): avc:  denied  { write } for  pid=3876 comm="syz.4.1007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  365.110594][ T3889] loop2: detected capacity change from 0 to 512
[  365.262219][ T3890] usb usb1: usbfs: process 3890 (syz.1.1006) did not claim interface 0 before use
[  368.325823][ T3894] loop0: detected capacity change from 0 to 256
[  368.357764][ T3889] EXT4-fs (loop2): 1 orphan inode deleted
[  368.363580][ T3889] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  368.374632][ T3889] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.522930][ T3900] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1011'.
[  368.609924][ T3894] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  369.820097][   T30] audit: type=1326 audit(1748386091.115:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3899 comm="syz.3.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  369.873544][   T30] audit: type=1326 audit(1748386091.115:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3899 comm="syz.3.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  369.933319][   T30] audit: type=1326 audit(1748386091.155:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3899 comm="syz.3.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  369.962331][ T3906] loop4: detected capacity change from 0 to 256
[  369.967166][   T30] audit: type=1326 audit(1748386091.155:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3899 comm="syz.3.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  369.995377][   T30] audit: type=1326 audit(1748386091.155:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3899 comm="syz.3.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  370.030942][ T3906] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  370.045144][ T3908] input: syz0 as /devices/virtual/input/input48
[  370.132771][ T3906] incfs: Backing dir is not set, filesystem can't be mounted.
[  370.146941][ T3906] incfs: mount failed -2
[  371.129905][ T3925] loop4: detected capacity change from 0 to 512
[  371.139746][ T3925] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  371.271865][ T3925] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  371.282791][ T3925] System zones: 1-12
[  371.292687][ T3925] EXT4-fs (loop4): 1 truncate cleaned up
[  371.304946][ T3925] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback.
[  371.590451][ T3934] SELinux:  Context ���D�z=�3�
[  371.590451][ T3934] 0�OMcW�/͆�s`-FH��JM���ō��ʟrM`y��s8_g��ZP���ZF�IW
�x(ZX<��
T��sT� is not valid (left unmapped).
[  371.851828][ T3934] loop1: detected capacity change from 0 to 1024
[  372.001921][   T30] audit: type=1326 audit(1748386093.895:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.1.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  372.099527][ T3934] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  372.123329][ T3938] binfmt_misc: register: failed to install interpreter file ./file0
[  372.131773][   T30] audit: type=1326 audit(1748386093.905:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.1.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  372.208964][   T30] audit: type=1326 audit(1748386093.935:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.1.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  372.233738][   T30] audit: type=1326 audit(1748386093.935:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.1.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  372.349227][   T30] audit: type=1326 audit(1748386093.935:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3930 comm="syz.1.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  372.700435][  T514] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  372.893237][ T3949] input: syz0 as /devices/virtual/input/input49
[  373.084713][  T514] usb 3-1: Using ep0 maxpacket: 8
[  373.174510][ T3945] loop3: detected capacity change from 0 to 40427
[  373.216771][  T514] usb 3-1: unable to read config index 0 descriptor/start: -71
[  373.227942][  T514] usb 3-1: can't read configurations, error -71
[  373.245674][ T3958] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1030'.
[  373.272593][ T3960] loop0: detected capacity change from 0 to 256
[  373.285896][ T3945] F2FS-fs (loop3): invalid crc value
[  373.306382][ T3945] F2FS-fs (loop3): Found nat_bits in checkpoint
[  373.358715][ T3960] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  373.376895][ T3945] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  373.402082][ T3945] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  374.184039][ T3967] loop1: detected capacity change from 0 to 40427
[  374.251505][ T3967] F2FS-fs (loop1): fault_injection options not supported
[  374.272817][ T3967] F2FS-fs (loop1): invalid crc value
[  374.317077][ T3967] F2FS-fs (loop1): Found nat_bits in checkpoint
[  374.484025][ T3977] loop0: detected capacity change from 0 to 2048
[  374.654992][ T3967] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  374.670418][ T3977] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  375.715793][ T3967] handle_bad_sector: 3 callbacks suppressed
[  375.715815][ T3967] attempt to access beyond end of device
[  375.715815][ T3967] loop1: rw=2049, want=45104, limit=40427
[  375.741327][  T281] attempt to access beyond end of device
[  375.741327][  T281] loop1: rw=2049, want=45112, limit=40427
[  375.763458][ T3988] loop2: detected capacity change from 0 to 1024
[  375.793639][ T3985] loop3: detected capacity change from 0 to 1024
[  375.871313][ T3988] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1037: Invalid block bitmap block 0 in block_group 0
[  375.884950][ T3988] __quota_error: 27 callbacks suppressed
[  375.884966][ T3988] Quota error (device loop2): write_blk: dquota write failed
[  375.898068][ T3988] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  375.901667][ T3985] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  375.908027][ T3988] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1037: Failed to acquire dquot type 0
[  375.928215][ T3988] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.1037: Freeing blocks not in datazone - block = 0, count = 4096
[  375.943410][ T3988] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1037: Invalid inode bitmap blk 0 in block_group 0
[  375.956749][ T3988] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  375.965951][ T3988] EXT4-fs (loop2): 1 orphan inode deleted
[  375.971802][ T3988] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  376.086715][ T3988] usb usb1: usbfs: process 3988 (syz.2.1037) did not claim interface 0 before use
[  376.117708][ T1109] Quota error (device loop2): remove_tree: Getting block too big (0 >= 9)
[  376.133515][ T1109] EXT4-fs error (device loop2): ext4_release_dquot:6231: comm kworker/u4:5: Failed to release dquot type 0
[  376.147749][ T3985] EXT4-fs (loop3): orphan cleanup on readonly fs
[  376.187049][ T3985] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 2: comm syz.3.1034: lblock 7 mapped to illegal pblock 2 (length 1)
[  376.201358][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.208296][ T3985] Quota error (device loop3): write_blk: dquota write failed
[  376.215763][ T3985] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 1: comm syz.3.1034: lblock 6 mapped to illegal pblock 1 (length 1)
[  376.230057][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.236661][ T3985] Quota error (device loop3): write_blk: dquota write failed
[  376.244899][ T3985] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  376.255385][ T3985] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 48: comm syz.3.1034: lblock 0 mapped to illegal pblock 48 (length 1)
[  376.271053][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.277875][ T3985] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  376.287463][ T3985] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.1034: Failed to acquire dquot type 0
[  376.302359][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.309483][ T3985] EXT4-fs error (device loop3): ext4_map_blocks:630: inode #3: block 49: comm syz.3.1034: lblock 1 mapped to illegal pblock 49 (length 1)
[  376.325310][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.336889][ T3985] Quota error (device loop3): do_insert_tree: Can't read tree quota block 1
[  376.362588][ T3985] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  376.379003][ T3985] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.1034: Failed to acquire dquot type 0
[  376.406179][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.417273][ T3985] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  376.430218][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.438780][ T3985] EXT4-fs error (device loop3): ext4_evict_inode:283: inode #15: comm syz.3.1034: mark_inode_dirty error
[  376.460517][ T3985] EXT4-fs (loop3): Remounting filesystem read-only
[  376.468160][ T3985] EXT4-fs warning (device loop3): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  376.479471][ T3985] EXT4-fs (loop3): 1 orphan inode deleted
[  376.490554][ T3985] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  377.726778][   T30] audit: type=1326 audit(1748386099.535:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.1.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  378.207850][ T4016] loop0: detected capacity change from 0 to 1024
[  378.216231][ T2762] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  378.358103][ T4016] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1043: Invalid block bitmap block 0 in block_group 0
[  378.373251][ T4016] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1043: Failed to acquire dquot type 0
[  378.387089][ T4016] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.1043: Freeing blocks not in datazone - block = 0, count = 4096
[  378.402806][ T4016] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1043: Invalid inode bitmap blk 0 in block_group 0
[  378.416366][    T8] EXT4-fs error (device loop0): ext4_release_dquot:6231: comm kworker/u4:0: Failed to release dquot type 0
[  378.428860][ T4016] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  378.438750][ T4016] EXT4-fs (loop0): 1 orphan inode deleted
[  378.444542][ T4016] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  378.613416][ T4016] usb usb1: usbfs: process 4016 (syz.0.1043) did not claim interface 0 before use
[  378.910505][ T4015] loop4: detected capacity change from 0 to 40427
[  378.960738][ T4015] F2FS-fs (loop4): invalid crc value
[  378.969984][ T4015] F2FS-fs (loop4): Found nat_bits in checkpoint
[  378.991797][ T2762] usb 2-1: unable to get BOS descriptor or descriptor too short
[  379.036027][ T4025] overlayfs: missing 'lowerdir'
[  379.042064][ T4015] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  379.051589][ T4015] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  379.066848][ T2762] usb 2-1: unable to read config index 0 descriptor/start: -71
[  379.074456][ T2762] usb 2-1: can't read configurations, error -71
[  379.097536][ T4030] loop0: detected capacity change from 0 to 256
[  379.161236][ T4033] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4033 comm=syz.3.1049
[  379.172788][ T4030] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  379.643430][ T4027] loop2: detected capacity change from 0 to 40427
[  379.665951][ T4027] F2FS-fs (loop2): fault_injection options not supported
[  381.089031][ T4047] loop1: detected capacity change from 0 to 2048
[  381.095592][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  381.146936][   T30] audit: type=1326 audit(1748386102.265:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4041 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  381.261971][ T4027] F2FS-fs (loop2): invalid crc value
[  381.337671][ T4047] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  381.757352][   T30] audit: type=1326 audit(1748386102.265:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4041 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  381.780724][   T30] audit: type=1326 audit(1748386102.275:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4041 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  382.092522][ T4053] input: syz0 as /devices/virtual/input/input50
[  382.477159][ T4027] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12)
[  382.520969][   T30] audit: type=1326 audit(1748386102.275:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4041 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  382.634849][   T30] audit: type=1326 audit(1748386102.275:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4041 comm="syz.0.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  382.685570][   T30] audit: type=1326 audit(1748386105.065:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4064 comm="syz.1.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  382.685978][ T4063] loop4: detected capacity change from 0 to 256
[  382.732674][   T30] audit: type=1326 audit(1748386105.095:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4064 comm="syz.1.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  382.835178][ T4070] loop2: detected capacity change from 0 to 512
[  382.843093][   T30] audit: type=1326 audit(1748386105.095:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4064 comm="syz.1.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  382.877203][ T4063] FAT-fs (loop4): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  382.892552][ T4070] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  383.406011][   T30] audit: type=1326 audit(1748386105.545:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4066 comm="syz.1.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  383.437011][   T30] audit: type=1326 audit(1748386105.545:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4066 comm="syz.1.1061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  383.532678][ T4070] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  383.566909][ T4070] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  383.575187][ T4070] System zones: 0-2, 18-18, 34-34
[  383.617478][ T4070] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  383.647307][ T4070] EXT4-fs (loop2): 1 truncate cleaned up
[  383.652992][ T4070] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  383.679593][ T4070] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4070 comm=syz.2.1060
[  383.802768][ T4082] overlayfs: overlapping lowerdir path
[  383.918591][ T4081] loop4: detected capacity change from 0 to 512
[  383.989190][ T4081] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  384.086750][  T876] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  384.499581][  T876] usb 2-1: unable to get BOS descriptor or descriptor too short
[  384.622917][ T4093] input: syz0 as /devices/virtual/input/input51
[  384.856762][  T876] usb 2-1: unable to read config index 0 descriptor/start: -71
[  384.864372][  T876] usb 2-1: can't read configurations, error -71
[  384.978746][ T4089] loop2: detected capacity change from 0 to 40427
[  385.081149][ T4089] F2FS-fs (loop2): invalid crc value
[  385.095721][ T4089] F2FS-fs (loop2): Found nat_bits in checkpoint
[  385.126546][ T4097] loop3: detected capacity change from 0 to 512
[  385.137551][ T4098] binfmt_misc: register: failed to install interpreter file ./file0
[  385.172624][ T4100] device pim6reg1 entered promiscuous mode
[  385.182428][ T4089] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  385.190285][ T4089] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  385.208530][ T4097] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  385.317711][ T4104] syz.0.1071[4104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.317790][ T4104] syz.0.1071[4104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.334205][ T4097] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  385.380231][ T4097] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  385.433550][ T4097] System zones: 0-2, 18-18, 34-34
[  385.457661][ T4097] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  385.517235][ T4097] EXT4-fs (loop3): 1 truncate cleaned up
[  385.531917][ T4097] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  386.074926][ T4112] loop0: detected capacity change from 0 to 2048
[  386.146733][  T876] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  386.264190][ T4112] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  386.576868][  T876] usb 2-1: Using ep0 maxpacket: 8
[  386.640934][ T4118] loop3: detected capacity change from 0 to 512
[  386.774961][ T4118] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  386.809985][ T4123] bridge: RTM_NEWNEIGH with invalid ether address
[  386.816912][ T4118] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  386.824281][  T876] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  387.052410][ T4118] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  387.096366][ T4118] System zones: 0-2, 18-18, 34-34
[  387.114895][  T876] usb 2-1: config 179 has no interface number 0
[  387.121238][  T876] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  387.134259][ T4118] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  387.136169][  T876] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  387.151461][ T4118] EXT4-fs (loop3): 1 truncate cleaned up
[  387.161690][  T876] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  387.165907][ T4118] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  387.177450][  T876] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  387.198413][  T876] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  387.219085][  T876] usb 2-1: config 179 interface 65 has no altsetting 0
[  387.226257][  T876] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  387.240651][ T4118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4118 comm=syz.3.1076
[  387.254425][  T876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.330136][  T876] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input53
[  388.471611][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  388.471629][   T30] audit: type=1326 audit(1748386109.845:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  388.509043][ T1108] usb 2-1: USB disconnect, device number 16
[  388.526742][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  388.535120][ T1108] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  388.677084][ T4137] loop0: detected capacity change from 0 to 512
[  389.148213][   T30] audit: type=1326 audit(1748386109.845:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  389.326291][   T30] audit: type=1326 audit(1748386109.975:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  390.150612][   T30] audit: type=1326 audit(1748386109.975:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  390.189861][   T30] audit: type=1326 audit(1748386109.975:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  390.233758][   T30] audit: type=1326 audit(1748386110.085:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  391.897112][ T4137] EXT4-fs: error -4 creating inode table initialization thread
[  391.904846][ T4137] EXT4-fs (loop0): mount failed
[  391.939659][   T30] audit: type=1326 audit(1748386110.095:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  391.997526][   T30] audit: type=1326 audit(1748386110.095:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  392.012540][ T4151] loop1: detected capacity change from 0 to 512
[  392.029815][   T30] audit: type=1326 audit(1748386110.125:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  392.123460][   T30] audit: type=1326 audit(1748386110.125:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4126 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  392.158673][ T4149] loop2: detected capacity change from 0 to 40427
[  392.231587][ T4151] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  392.300837][ T4159] loop3: detected capacity change from 0 to 2048
[  392.320545][ T4149] F2FS-fs (loop2): invalid crc value
[  392.441878][ T4159] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  392.811102][ T4149] F2FS-fs (loop2): Found nat_bits in checkpoint
[  392.849219][ T4151] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  393.370689][ T4151] System zones: 1-12
[  393.436988][ T4151] EXT4-fs (loop1): 1 truncate cleaned up
[  393.475994][ T4151] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback.
[  393.507592][ T4149] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  393.547179][ T4149] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  393.599157][ T4157] loop0: detected capacity change from 0 to 40427
[  393.647321][ T4157] F2FS-fs (loop0): fault_injection options not supported
[  393.656111][ T4157] F2FS-fs (loop0): invalid crc value
[  393.685770][ T4157] F2FS-fs (loop0): Found nat_bits in checkpoint
[  394.813922][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  394.813943][   T30] audit: type=1326 audit(1748386116.275:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  394.861795][   T30] audit: type=1326 audit(1748386116.275:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  394.874285][ T4157] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  395.493535][ T4179] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1084'.
[  397.272305][ T4181] loop4: detected capacity change from 0 to 256
[  397.613830][ T4181] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1090'.
[  398.161000][   T30] audit: type=1326 audit(1748386116.305:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.187542][   T30] audit: type=1326 audit(1748386116.305:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.235234][   T30] audit: type=1326 audit(1748386116.305:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.306974][   T30] audit: type=1326 audit(1748386116.325:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.390954][   T30] audit: type=1326 audit(1748386116.325:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.416783][  T347] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  398.483705][   T30] audit: type=1326 audit(1748386116.335:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.520805][   T30] audit: type=1326 audit(1748386116.365:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.544718][   T30] audit: type=1326 audit(1748386116.365:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.3.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cd0650969 code=0x7ffc0000
[  398.713177][  T347] usb 4-1: Using ep0 maxpacket: 32
[  398.997266][  T347] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.307408][  T347] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.336908][  T347] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  399.806894][  T347] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.847790][  T347] usb 4-1: config 0 descriptor??
[  399.887293][  T347] hub 4-1:0.0: USB hub found
[  399.904572][ T4192] loop0: detected capacity change from 0 to 1024
[  399.915645][ T4186] loop2: detected capacity change from 0 to 1024
[  399.944578][ T4192] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  399.963014][ T4186] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  399.974351][ T4192] EXT4-fs (loop0): orphan cleanup on readonly fs
[  399.986916][ T4186] EXT4-fs (loop2): orphan cleanup on readonly fs
[  399.994923][ T4192] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 2: comm syz.0.1096: lblock 7 mapped to illegal pblock 2 (length 1)
[  400.010819][ T4186] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 2: comm syz.2.1091: lblock 7 mapped to illegal pblock 2 (length 1)
[  400.025339][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.032248][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.039147][ T4192] __quota_error: 21 callbacks suppressed
[  400.039162][ T4192] Quota error (device loop0): write_blk: dquota write failed
[  400.052818][ T4186] Quota error (device loop2): write_blk: dquota write failed
[  400.060549][ T4186] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 1: comm syz.2.1091: lblock 6 mapped to illegal pblock 1 (length 1)
[  400.074957][ T4192] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 1: comm syz.0.1096: lblock 6 mapped to illegal pblock 1 (length 1)
[  400.090549][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.097580][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.104342][ T4186] Quota error (device loop2): write_blk: dquota write failed
[  400.111960][  T347] hub 4-1:0.0: 1 port detected
[  400.117255][ T4192] Quota error (device loop0): write_blk: dquota write failed
[  400.124842][ T4186] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  400.135255][ T4192] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  400.145989][ T4186] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 48: comm syz.2.1091: lblock 0 mapped to illegal pblock 48 (length 1)
[  400.160570][ T4192] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 48: comm syz.0.1096: lblock 0 mapped to illegal pblock 48 (length 1)
[  400.175286][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.182232][ T4186] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  400.191085][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.197876][ T4192] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  400.206891][ T4186] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1091: Failed to acquire dquot type 0
[  400.218331][ T4192] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1096: Failed to acquire dquot type 0
[  400.229875][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.236704][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.236915][ T4192] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 49: comm syz.0.1096: lblock 1 mapped to illegal pblock 49 (length 1)
[  400.253396][ T4186] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 49: comm syz.2.1091: lblock 1 mapped to illegal pblock 49 (length 1)
[  400.258048][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.278291][ T4192] Quota error (device loop0): do_insert_tree: Can't read tree quota block 1
[  400.287274][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.287396][ T4192] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  400.303962][ T4186] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1091: Failed to acquire dquot type 0
[  400.304267][ T4192] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1096: Failed to acquire dquot type 0
[  400.327176][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.327220][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.333707][ T4186] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  400.340669][ T4192] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  400.359904][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.366608][ T4192] EXT4-fs error (device loop0): ext4_evict_inode:283: inode #15: comm syz.0.1096: mark_inode_dirty error
[  400.378244][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.378504][ T4192] EXT4-fs (loop0): Remounting filesystem read-only
[  400.391622][ T4192] EXT4-fs warning (device loop0): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  400.395006][ T4186] EXT4-fs error (device loop2): ext4_evict_inode:283: inode #15: comm syz.2.1091: mark_inode_dirty error
[  400.402634][ T4192] EXT4-fs (loop0): 1 orphan inode deleted
[  400.419277][ T4192] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  400.440891][ T4186] EXT4-fs (loop2): Remounting filesystem read-only
[  400.451335][ T4210] loop1: detected capacity change from 0 to 40427
[  400.457916][ T4186] EXT4-fs warning (device loop2): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  400.473213][ T4186] EXT4-fs (loop2): 1 orphan inode deleted
[  400.479927][ T4210] F2FS-fs (loop1): fault_injection options not supported
[  400.487591][ T4186] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  400.516439][ T4210] F2FS-fs (loop1): invalid crc value
[  400.544507][ T4210] F2FS-fs (loop1): Found nat_bits in checkpoint
[  400.589899][ T4210] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  400.622719][  T347] usb 4-1: USB disconnect, device number 22
[  400.673403][  T281] attempt to access beyond end of device
[  400.673403][  T281] loop1: rw=2049, want=45104, limit=40427
[  400.765663][ T4221] loop2: detected capacity change from 0 to 1024
[  401.215048][ T4223] loop0: detected capacity change from 0 to 1024
[  401.431186][ T4221] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1102: Invalid block bitmap block 0 in block_group 0
[  401.455437][ T4221] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1102: Failed to acquire dquot type 0
[  401.497540][ T4221] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.1102: Freeing blocks not in datazone - block = 0, count = 4096
[  401.512261][ T4221] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1102: Invalid inode bitmap blk 0 in block_group 0
[  401.600667][ T4226] loop4: detected capacity change from 0 to 512
[  401.616331][ T4221] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  401.626294][ T4221] EXT4-fs (loop2): 1 orphan inode deleted
[  401.632167][ T4221] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  401.758344][ T4221] usb usb1: usbfs: process 4221 (syz.2.1102) did not claim interface 0 before use
[  401.779542][  T302] EXT4-fs error (device loop2): ext4_release_dquot:6231: comm kworker/u4:3: Failed to release dquot type 0
[  401.971979][ T4223] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  402.091406][ T4226] EXT4-fs (loop4): 1 orphan inode deleted
[  402.097388][ T4226] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  402.109042][ T4226] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.478561][ T4234] loop1: detected capacity change from 0 to 256
[  402.537321][ T4234] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  402.659627][ T4240] loop3: detected capacity change from 0 to 1024
[  402.748391][ T4243] loop0: detected capacity change from 0 to 512
[  402.919374][ T4243] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  403.085295][ T4243] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  403.086347][ T4240] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1107: Invalid block bitmap block 0 in block_group 0
[  403.129947][ T4240] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.1107: Failed to acquire dquot type 0
[  403.162366][ T4243] System zones: 1-12
[  403.244415][ T4243] EXT4-fs (loop0): 1 truncate cleaned up
[  403.266770][ T4243] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback.
[  403.271678][ T4250] loop4: detected capacity change from 0 to 256
[  403.314625][ T4236] loop2: detected capacity change from 0 to 40427
[  403.334043][ T4236] F2FS-fs (loop2): fault_injection options not supported
[  403.341759][ T4250] FAT-fs (loop4): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  403.341999][ T4240] EXT4-fs error (device loop3): ext4_free_blocks:6223: comm syz.3.1107: Freeing blocks not in datazone - block = 0, count = 4096
[  403.447256][ T4236] F2FS-fs (loop2): invalid crc value
[  403.452783][ T4240] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1107: Invalid inode bitmap blk 0 in block_group 0
[  403.466755][  T302] EXT4-fs error (device loop3): ext4_release_dquot:6231: comm kworker/u4:3: Failed to release dquot type 0
[  403.488842][ T4240] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  403.504749][ T4236] F2FS-fs (loop2): Found nat_bits in checkpoint
[  403.511487][ T4240] EXT4-fs (loop3): 1 orphan inode deleted
[  403.557116][ T4240] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  403.617656][ T4259] loop4: detected capacity change from 0 to 512
[  403.763757][ T4259] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  403.809985][ T4236] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  404.463799][ T4240] usb usb1: usbfs: process 4240 (syz.3.1107) did not claim interface 0 before use
[  404.786722][   T20] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  404.853761][ T4236] attempt to access beyond end of device
[  404.853761][ T4236] loop2: rw=2049, want=45104, limit=40427
[  404.886160][  T285] attempt to access beyond end of device
[  404.886160][  T285] loop2: rw=2049, want=45112, limit=40427
[  405.026709][   T20] usb 2-1: Using ep0 maxpacket: 32
[  405.146842][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.163292][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.207810][   T20] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  405.265722][ T4272] loop2: detected capacity change from 0 to 2048
[  405.320969][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.463663][   T20] usb 2-1: config 0 descriptor??
[  405.483114][ T4272] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  405.893169][   T20] hub 2-1:0.0: USB hub found
[  406.466818][   T20] hub 2-1:0.0: 1 port detected
[  406.616754][ T1108] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  406.799165][ T4278] loop2: detected capacity change from 0 to 512
[  406.977305][ T1108] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.063660][ T4278] EXT4-fs (loop2): 1 orphan inode deleted
[  407.069506][ T4278] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  407.081106][ T4278] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.199506][ T1108] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  407.769883][   T20] usb 2-1: USB disconnect, device number 17
[  407.846951][ T1108] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  407.876320][ T1108] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.906620][ T1108] usb 5-1: Product: syz
[  407.924126][ T1108] usb 5-1: Manufacturer: syz
[  407.928956][ T1108] usb 5-1: SerialNumber: syz
[  408.006770][ T1108] usb 5-1: can't set config #1, error -71
[  408.016143][ T1108] usb 5-1: USB disconnect, device number 12
[  408.044843][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  408.044895][   T30] audit: type=1326 audit(1748386130.425:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4289 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  408.124136][   T30] audit: type=1326 audit(1748386130.425:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4289 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  408.167862][ T4295] overlayfs: overlapping lowerdir path
[  408.178430][ T4280] loop0: detected capacity change from 0 to 40427
[  408.184989][   T30] audit: type=1326 audit(1748386130.425:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4289 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  408.218241][ T4280] F2FS-fs (loop0): invalid crc value
[  408.224781][ T4280] F2FS-fs (loop0): Found nat_bits in checkpoint
[  408.232827][   T30] audit: type=1326 audit(1748386130.425:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4289 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  408.286006][   T30] audit: type=1326 audit(1748386130.425:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4289 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  408.309530][ T4287] loop2: detected capacity change from 0 to 1024
[  408.319186][ T4280] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  408.335847][ T4280] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  408.379078][ T4287] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  408.390830][ T4287] EXT4-fs (loop2): orphan cleanup on readonly fs
[  408.405538][ T4287] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 2: comm syz.2.1118: lblock 7 mapped to illegal pblock 2 (length 1)
[  408.436154][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  408.456740][ T4287] Quota error (device loop2): write_blk: dquota write failed
[  408.477606][ T4287] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 1: comm syz.2.1118: lblock 6 mapped to illegal pblock 1 (length 1)
[  408.498732][ T4292] loop3: detected capacity change from 0 to 40427
[  408.531162][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  408.537920][ T4287] Quota error (device loop2): write_blk: dquota write failed
[  408.545465][ T4287] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  408.555745][ T4287] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 48: comm syz.2.1118: lblock 0 mapped to illegal pblock 48 (length 1)
[  408.556786][ T1108] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  408.576921][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  408.596892][ T4287] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  408.605857][ T4287] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1118: Failed to acquire dquot type 0
[  408.775119][ T4301] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1116'.
[  408.795843][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  408.821532][ T4292] F2FS-fs (loop3): invalid crc value
[  409.487838][ T4292] F2FS-fs (loop3): Found nat_bits in checkpoint
[  409.501805][ T4287] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 49: comm syz.2.1118: lblock 1 mapped to illegal pblock 49 (length 1)
[  409.558881][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  409.565438][ T4287] Quota error (device loop2): do_insert_tree: Can't read tree quota block 1
[  409.586747][ T1108] usb 5-1: Using ep0 maxpacket: 8
[  409.609472][ T4287] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1118: Failed to acquire dquot type 0
[  409.624510][ T4292] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  409.641920][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  409.659190][ T4292] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  409.687146][ T4287] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  409.698014][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  409.704589][ T4287] EXT4-fs error (device loop2): ext4_evict_inode:283: inode #15: comm syz.2.1118: mark_inode_dirty error
[  409.716604][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.722535][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  409.733108][ T4287] EXT4-fs warning (device loop2): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  409.743950][ T4287] EXT4-fs (loop2): 1 orphan inode deleted
[  409.751798][ T1108] usb 5-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  409.762044][ T1108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.774216][ T4287] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  409.796424][ T4306] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1120'.
[  409.816102][ T1108] usb 5-1: config 0 descriptor??
[  409.906256][ T4309] input: syz0 as /devices/virtual/input/input54
[  410.209457][ T4317] loop2: detected capacity change from 0 to 256
[  410.444998][ T1108] hid-multitouch 0003:0EEF:72C4.000B: unknown main item tag 0x0
[  410.459799][ T4317] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  410.502879][  T759] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  410.502890][ T1108] hid-multitouch 0003:0EEF:72C4.000B: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.4-1/input0
[  410.804771][ T4328] input: syz0 as /devices/virtual/input/input56
[  411.096783][  T759] usb 1-1: Using ep0 maxpacket: 32
[  411.232796][ T4338] loop2: detected capacity change from 0 to 256
[  411.240122][  T759] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  411.263467][  T759] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.275179][  T759] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  411.285763][  T759] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.327642][ T4337] loop3: detected capacity change from 0 to 1024
[  411.394148][ T4338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1132'.
[  411.498483][  T759] usb 1-1: config 0 descriptor??
[  411.670291][  T759] hub 1-1:0.0: USB hub found
[  412.876787][  T759] hub 1-1:0.0: 1 port detected
[  412.893777][   T20] usb 5-1: USB disconnect, device number 13
[  412.923479][ T4337] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1130: Invalid block bitmap block 0 in block_group 0
[  412.945183][ T4346] loop1: detected capacity change from 0 to 256
[  413.087012][ T4337] __quota_error: 2 callbacks suppressed
[  413.087033][ T4337] Quota error (device loop3): write_blk: dquota write failed
[  413.621075][ T4350] loop4: detected capacity change from 0 to 512
[  415.029746][ T4346] FAT-fs (loop1): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  415.092143][ T4337] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  415.142184][ T4350] EXT4-fs (loop4): 1 orphan inode deleted
[  415.148179][ T4350] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  415.160900][ T4350] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.697024][ T4337] EXT4-fs error (device loop3): ext4_acquire_dquot:6195: comm syz.3.1130: Failed to acquire dquot type 0
[  415.735579][ T4337] EXT4-fs error (device loop3): ext4_free_blocks:6223: comm syz.3.1130: Freeing blocks not in datazone - block = 0, count = 4096
[  415.781818][  T759] usb 1-1: USB disconnect, device number 16
[  415.876571][ T4337] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1130: Invalid inode bitmap blk 0 in block_group 0
[  415.887221][    T8] Quota error (device loop3): remove_tree: Getting block too big (0 >= 9)
[  415.913505][ T4337] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  416.019154][ T4359] loop1: detected capacity change from 0 to 512
[  416.304094][ T4360] loop0: detected capacity change from 0 to 256
[  416.417760][    T8] EXT4-fs error (device loop3): ext4_release_dquot:6231: comm kworker/u4:0: Failed to release dquot type 0
[  416.826639][ T4360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'.
[  416.963489][ T4337] EXT4-fs (loop3): 1 orphan inode deleted
[  419.136345][ T4337] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  419.151782][ T4359] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  419.548462][ T4367] loop2: detected capacity change from 0 to 2048
[  419.750144][ T4367] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  421.038610][   T30] audit: type=1326 audit(1748386142.915:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  421.216887][   T30] audit: type=1326 audit(1748386142.925:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  421.290406][   T30] audit: type=1326 audit(1748386142.985:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  421.978128][ T4380] input: syz0 as /devices/virtual/input/input57
[  421.986544][   T30] audit: type=1326 audit(1748386142.985:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.131219][   T30] audit: type=1326 audit(1748386142.985:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.345884][   T30] audit: type=1326 audit(1748386143.005:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.374341][ T4391] loop2: detected capacity change from 0 to 1024
[  422.382090][   T30] audit: type=1326 audit(1748386143.015:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.407203][   T30] audit: type=1326 audit(1748386143.015:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.431062][   T30] audit: type=1326 audit(1748386143.075:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.455295][   T30] audit: type=1326 audit(1748386143.075:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.1.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034ac17969 code=0x7ffc0000
[  422.487277][ T4391] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1145: Invalid block bitmap block 0 in block_group 0
[  423.430473][ T4397] loop4: detected capacity change from 0 to 2048
[  423.487764][ T4391] EXT4-fs error (device loop2): ext4_acquire_dquot:6195: comm syz.2.1145: Failed to acquire dquot type 0
[  423.500367][ T4391] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.1145: Freeing blocks not in datazone - block = 0, count = 4096
[  423.517821][ T4391] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1145: Invalid inode bitmap blk 0 in block_group 0
[  423.531472][ T4391] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  423.540650][ T4391] EXT4-fs (loop2): 1 orphan inode deleted
[  423.546478][ T4391] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  423.662606][ T2762] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  423.767971][ T4231] EXT4-fs error (device loop2): ext4_release_dquot:6231: comm kworker/u4:7: Failed to release dquot type 0
[  423.830055][ T4397] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  424.371133][ T4407] syz.4.1149[4407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  424.371330][ T4407] syz.4.1149[4407] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  424.372387][ T4408] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1147'.
[  424.485385][ T4413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4413 comm=syz.4.1151
[  424.601110][ T4418] device syzkaller0 entered promiscuous mode
[  425.043247][ T2762] usb 1-1: device descriptor read/64, error -71
[  425.098650][ T4421] loop4: detected capacity change from 0 to 512
[  425.148348][ T4421] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  425.159401][ T4421] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  425.167502][ T4421] System zones: 1-12
[  425.173054][ T4421] EXT4-fs (loop4): 1 truncate cleaned up
[  425.179200][ T4421] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback.
[  425.566850][ T2762] usb 1-1: Using ep0 maxpacket: 8
[  425.687078][ T2762] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  425.709767][ T2762] usb 1-1: config 179 has no interface number 0
[  425.738056][ T2762] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  425.804866][ T2762] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  425.895286][ T2762] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  426.606719][ T2762] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  426.621872][ T2762] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  426.645538][ T2762] usb 1-1: config 179 interface 65 has no altsetting 0
[  426.652684][ T2762] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  426.666736][ T2762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.718424][ T2762] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input58
[  428.431393][ T4429] loop3: detected capacity change from 0 to 40427
[  428.467126][  T292] usb 1-1: USB disconnect, device number 17
[  428.476710][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  428.496537][ T4429] F2FS-fs (loop3): fault_injection options not supported
[  428.504562][  T292] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  429.654298][ T4446] loop1: detected capacity change from 0 to 2048
[  429.684427][ T4429] F2FS-fs (loop3): invalid crc value
[  429.957661][ T4429] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  430.354689][ T4453] syz.2.1161[4453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.355955][ T4453] syz.2.1161[4453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.493482][ T4446] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  430.754747][ T4456] device pim6reg1 entered promiscuous mode
[  430.956080][ T4461] loop2: detected capacity change from 0 to 2048
[  431.109451][ T4461] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  432.465375][ T4473] loop0: detected capacity change from 0 to 1024
[  432.483365][ T4475] loop3: detected capacity change from 0 to 512
[  432.564098][ T4476] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1165'.
[  432.849952][ T4475] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  432.875923][ T4475] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  432.887541][ T4473] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1166: Invalid block bitmap block 0 in block_group 0
[  432.902309][ T4473] __quota_error: 13 callbacks suppressed
[  432.902327][ T4473] Quota error (device loop0): write_blk: dquota write failed
[  432.915485][ T4473] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  432.925534][ T4473] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1166: Failed to acquire dquot type 0
[  432.936975][ T4473] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.1166: Freeing blocks not in datazone - block = 0, count = 4096
[  432.950772][ T4473] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1166: Invalid inode bitmap blk 0 in block_group 0
[  432.963783][ T4473] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  432.969946][ T4475] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  432.973369][ T4473] EXT4-fs (loop0): 1 orphan inode deleted
[  432.986115][ T4473] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[  433.016032][ T4473] usb usb1: usbfs: process 4473 (syz.0.1166) did not claim interface 0 before use
[  433.028167][ T4475] System zones: 0-2, 18-18, 34-34
[  433.034678][ T1109] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9)
[  433.045616][ T1109] EXT4-fs error (device loop0): ext4_release_dquot:6231: comm kworker/u4:5: Failed to release dquot type 0
[  433.057361][ T4475] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  433.072509][ T4475] EXT4-fs (loop3): 1 truncate cleaned up
[  433.078565][ T4475] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  433.098690][ T4475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4475 comm=syz.3.1168
[  433.733081][   T30] audit: type=1326 audit(1748386155.995:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  433.764241][ T4486] loop1: detected capacity change from 0 to 256
[  433.766767][   T30] audit: type=1326 audit(1748386155.995:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  433.775727][ T4486] FAT-fs (loop1): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  433.793955][   T30] audit: type=1326 audit(1748386156.085:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  433.793989][   T30] audit: type=1326 audit(1748386156.085:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  433.901827][ T4488] input: syz0 as /devices/virtual/input/input59
[  433.909008][   T30] audit: type=1326 audit(1748386156.085:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4479 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  435.568831][ T4501] loop0: detected capacity change from 0 to 1024
[  435.647778][   T30] audit: type=1326 audit(1748386157.695:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  435.689595][ T4507] loop3: detected capacity change from 0 to 256
[  435.713421][ T4501] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  435.779180][   T30] audit: type=1326 audit(1748386157.695:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03c14b1969 code=0x7ffc0000
[  435.803374][ T4507] FAT-fs (loop3): Unrecognized mount option "iocharsgt=iso8859-4֘��[��]Ԭn�" or missing value
[  436.075878][ T4518] loop4: detected capacity change from 0 to 2048
[  437.832200][ T4518] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  438.751101][ T4529] loop2: detected capacity change from 0 to 512
[  438.770714][ T4529] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  440.344986][ T4529] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  440.434719][ T4529] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  440.443756][ T4529] System zones: 0-2, 18-18, 34-34
[  440.453458][ T4540] bridge: RTM_NEWNEIGH with invalid ether address
[  440.459970][ T4529] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  440.477328][ T4529] EXT4-fs (loop2): 1 truncate cleaned up
[  440.833795][ T4529] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  441.949757][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  441.949777][   T30] audit: type=1326 audit(1748386163.755:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  442.005912][ T4553] fuse: Unknown parameter 'fd0x0000000000000004'
[  442.170892][   T30] audit: type=1326 audit(1748386163.755:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  442.575133][   T30] audit: type=1326 audit(1748386163.775:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  442.605851][   T30] audit: type=1326 audit(1748386163.775:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  442.654011][   T30] audit: type=1326 audit(1748386163.775:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.4.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f8cfe969 code=0x7ffc0000
[  442.696736][  T361] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  442.747582][ T4561] loop0: detected capacity change from 0 to 1024
[  442.853945][ T4561] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  442.896252][ T4566] loop3: detected capacity change from 0 to 1024
[  443.119105][ T4566] ==================================================================
[  443.127210][ T4566] BUG: KASAN: use-after-free in __ext4_iget+0x2b5/0x3cb0
[  443.134248][ T4566] Read of size 8 at addr ffff88811225ec18 by task syz.3.1191/4566
[  443.142047][ T4566] 
[  443.144374][ T4566] CPU: 0 PID: 4566 Comm: syz.3.1191 Not tainted 5.15.184-syzkaller-00129-g4032a894ccb2 #0
[  443.154256][ T4566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  443.164315][ T4566] Call Trace:
[  443.167587][ T4566]  <TASK>
[  443.170690][ T4566]  __dump_stack+0x21/0x30
[  443.175021][ T4566]  dump_stack_lvl+0xee/0x150
[  443.179610][ T4566]  ? show_regs_print_info+0x20/0x20
[  443.184804][ T4566]  ? load_image+0x3a0/0x3a0
[  443.189304][ T4566]  print_address_description+0x7f/0x2c0
[  443.194849][ T4566]  ? __ext4_iget+0x2b5/0x3cb0
[  443.199522][ T4566]  kasan_report+0xf1/0x140
[  443.203933][ T4566]  ? __ext4_iget+0x2b5/0x3cb0
[  443.208636][ T4566]  __asan_report_load8_noabort+0x14/0x20
[  443.214264][ T4566]  __ext4_iget+0x2b5/0x3cb0
[  443.218771][ T4566]  ? __kasan_check_write+0x14/0x20
[  443.223892][ T4566]  ? _raw_write_lock+0x8e/0xe0
[  443.228652][ T4566]  ? _raw_write_trylock+0x140/0x140
[  443.233954][ T4566]  ? ext4_get_projid+0x140/0x140
[  443.238909][ T4566]  ? _raw_write_unlock+0x2b/0x60
[  443.243845][ T4566]  ? ext4_orphan_file_block_trigger+0x400/0x400
[  443.250082][ T4566]  ext4_enable_quotas+0x33b/0x6d0
[  443.255105][ T4566]  ext4_fill_super+0x8761/0x9030
[  443.260042][ T4566]  ? ext4_mount+0x40/0x40
[  443.264366][ T4566]  ? set_blocksize+0x1fc/0x380
[  443.269139][ T4566]  ? sb_set_blocksize+0xaa/0xf0
[  443.273990][ T4566]  ? ext4_mount+0x40/0x40
[  443.278352][ T4566]  mount_bdev+0x2ae/0x3e0
[  443.282685][ T4566]  ? ext4_mount+0x40/0x40
[  443.287008][ T4566]  ext4_mount+0x34/0x40
[  443.291158][ T4566]  legacy_get_tree+0xed/0x190
[  443.295829][ T4566]  ? ext4_errno_to_code+0x160/0x160
[  443.301026][ T4566]  vfs_get_tree+0x89/0x260
[  443.305440][ T4566]  do_new_mount+0x25a/0xa20
[  443.309947][ T4566]  path_mount+0x675/0x1020
[  443.314359][ T4566]  ? user_path_at_empty+0x161/0x1c0
[  443.319555][ T4566]  __se_sys_mount+0x318/0x380
[  443.324230][ T4566]  ? __x64_sys_mount+0xd0/0xd0
[  443.328990][ T4566]  __x64_sys_mount+0xbf/0xd0
[  443.333582][ T4566]  x64_sys_call+0x6bf/0x9a0
[  443.338105][ T4566]  do_syscall_64+0x4c/0xa0
[  443.342698][ T4566]  ? clear_bhb_loop+0x50/0xa0
[  443.347372][ T4566]  ? clear_bhb_loop+0x50/0xa0
[  443.352045][ T4566]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  443.357949][ T4566] RIP: 0033:0x7f4cd065210a
[  443.362361][ T4566] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.381973][ T4566] RSP: 002b:00007f4ccec76e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  443.390387][ T4566] RAX: ffffffffffffffda RBX: 00007f4ccec76ef0 RCX: 00007f4cd065210a
[  443.398362][ T4566] RDX: 0000200000000140 RSI: 0000200000000480 RDI: 00007f4ccec76eb0
[  443.406328][ T4566] RBP: 0000200000000140 R08: 00007f4ccec76ef0 R09: 0000000000000004
[  443.414298][ T4566] R10: 0000000000000004 R11: 0000000000000246 R12: 0000200000000480
[  443.422267][ T4566] R13: 00007f4ccec76eb0 R14: 00000000000005fd R15: 00002000000002c0
[  443.430240][ T4566]  </TASK>
[  443.433255][ T4566] 
[  443.435568][ T4566] Allocated by task 3945:
[  443.439887][ T4566]  __kasan_slab_alloc+0xbd/0xf0
[  443.444748][ T4566]  slab_post_alloc_hook+0x4f/0x2b0
[  443.449866][ T4566]  kmem_cache_alloc+0xf7/0x260
[  443.454634][ T4566]  f2fs_alloc_inode+0x26/0x330
[  443.459399][ T4566]  iget_locked+0x16c/0x7e0
[  443.463813][ T4566]  f2fs_iget+0x55/0x5130
[  443.468071][ T4566]  f2fs_fill_super+0x45c7/0x6d10
[  443.473099][ T4566]  mount_bdev+0x2ae/0x3e0
[  443.477423][ T4566]  f2fs_mount+0x34/0x40
[  443.481571][ T4566]  legacy_get_tree+0xed/0x190
[  443.486243][ T4566]  vfs_get_tree+0x89/0x260
[  443.490655][ T4566]  do_new_mount+0x25a/0xa20
[  443.495157][ T4566]  path_mount+0x675/0x1020
[  443.499572][ T4566]  __se_sys_mount+0x318/0x380
[  443.504241][ T4566]  __x64_sys_mount+0xbf/0xd0
[  443.508824][ T4566]  x64_sys_call+0x6bf/0x9a0
[  443.513322][ T4566]  do_syscall_64+0x4c/0xa0
[  443.517735][ T4566]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  443.523632][ T4566] 
[  443.525945][ T4566] Last potentially related work creation:
[  443.531649][ T4566]  kasan_save_stack+0x3a/0x60
[  443.536339][ T4566]  __kasan_record_aux_stack+0xd2/0x100
[  443.541805][ T4566]  kasan_record_aux_stack_noalloc+0xb/0x10
[  443.547610][ T4566]  call_rcu+0xf6/0xf60
[  443.551687][ T4566]  evict+0x7da/0x870
[  443.555708][ T4566]  iput+0x635/0x7c0
[  443.559509][ T4566]  f2fs_put_super+0x643/0xc00
[  443.564183][ T4566]  generic_shutdown_super+0x151/0x330
[  443.569556][ T4566]  kill_block_super+0x7f/0xf0
[  443.574354][ T4566]  kill_f2fs_super+0x2e7/0x390
[  443.579124][ T4566]  deactivate_locked_super+0xa0/0x100
[  443.584497][ T4566]  deactivate_super+0xaf/0xe0
[  443.589196][ T4566]  cleanup_mnt+0x446/0x500
[  443.593621][ T4566]  __cleanup_mnt+0x19/0x20
[  443.598058][ T4566]  task_work_run+0x127/0x190
[  443.602729][ T4566]  exit_to_user_mode_loop+0xd0/0xe0
[  443.607922][ T4566]  exit_to_user_mode_prepare+0x5a/0xa0
[  443.613375][ T4566]  syscall_exit_to_user_mode+0x1a/0x30
[  443.618827][ T4566]  do_syscall_64+0x58/0xa0
[  443.623240][ T4566]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  443.629133][ T4566] 
[  443.631450][ T4566] Second to last potentially related work creation:
[  443.638029][ T4566]  kasan_save_stack+0x3a/0x60
[  443.642709][ T4566]  __kasan_record_aux_stack+0xd2/0x100
[  443.648162][ T4566]  kasan_record_aux_stack_noalloc+0xb/0x10
[  443.653963][ T4566]  call_rcu+0xf6/0xf60
[  443.658023][ T4566]  evict+0x7da/0x870
[  443.661914][ T4566]  iput+0x635/0x7c0
[  443.665731][ T4566]  f2fs_put_super+0x684/0xc00
[  443.670409][ T4566]  generic_shutdown_super+0x151/0x330
[  443.675777][ T4566]  kill_block_super+0x7f/0xf0
[  443.680449][ T4566]  kill_f2fs_super+0x2e7/0x390
[  443.685207][ T4566]  deactivate_locked_super+0xa0/0x100
[  443.690573][ T4566]  deactivate_super+0xaf/0xe0
[  443.695241][ T4566]  cleanup_mnt+0x446/0x500
[  443.699651][ T4566]  __cleanup_mnt+0x19/0x20
[  443.704062][ T4566]  task_work_run+0x127/0x190
[  443.708642][ T4566]  exit_to_user_mode_loop+0xd0/0xe0
[  443.713837][ T4566]  exit_to_user_mode_prepare+0x5a/0xa0
[  443.719292][ T4566]  syscall_exit_to_user_mode+0x1a/0x30
[  443.724744][ T4566]  do_syscall_64+0x58/0xa0
[  443.729159][ T4566]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  443.735050][ T4566] 
[  443.737364][ T4566] The buggy address belongs to the object at ffff88811225e710
[  443.737364][ T4566]  which belongs to the cache f2fs_inode_cache of size 1424
[  443.751932][ T4566] The buggy address is located 1288 bytes inside of
[  443.751932][ T4566]  1424-byte region [ffff88811225e710, ffff88811225eca0)
[  443.765406][ T4566] The buggy address belongs to the page:
[  443.771028][ T4566] page:ffffea0004489600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811225f940 pfn:0x112258
[  443.782561][ T4566] head:ffffea0004489600 order:3 compound_mapcount:0 compound_pincount:0
[  443.790877][ T4566] flags: 0x4000000000010200(slab|head|zone=1)
[  443.796956][ T4566] raw: 4000000000010200 0000000000000000 0000000100000001 ffff8881003e9b00
[  443.805530][ T4566] raw: ffff88811225f940 000000008015000a 00000001ffffffff 0000000000000000
[  443.814099][ T4566] page dumped because: kasan: bad access detected
[  443.820610][ T4566] page_owner tracks the page as allocated
[  443.826317][ T4566] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 714, ts 59910853053, free_ts 0
[  443.846797][ T4566]  post_alloc_hook+0x192/0x1b0
[  443.851565][ T4566]  prep_new_page+0x1c/0x110
[  443.856072][ T4566]  get_page_from_freelist+0x2cc5/0x2d50
[  443.861608][ T4566]  __alloc_pages+0x18f/0x440
[  443.866199][ T4566]  new_slab+0xa1/0x4d0
[  443.870262][ T4566]  ___slab_alloc+0x381/0x810
[  443.874944][ T4566]  __slab_alloc+0x49/0x90
[  443.879266][ T4566]  kmem_cache_alloc+0x138/0x260
[  443.884107][ T4566]  f2fs_alloc_inode+0x26/0x330
[  443.888880][ T4566]  iget_locked+0x16c/0x7e0
[  443.893289][ T4566]  f2fs_iget+0x55/0x5130
[  443.897519][ T4566]  f2fs_fill_super+0x3a20/0x6d10
[  443.902450][ T4566]  mount_bdev+0x2ae/0x3e0
[  443.906771][ T4566]  f2fs_mount+0x34/0x40
[  443.910918][ T4566]  legacy_get_tree+0xed/0x190
[  443.915598][ T4566]  vfs_get_tree+0x89/0x260
[  443.920011][ T4566] page_owner free stack trace missing
[  443.925363][ T4566] 
[  443.927678][ T4566] Memory state around the buggy address:
[  443.933317][ T4566]  ffff88811225eb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.941662][ T4566]  ffff88811225eb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.949725][ T4566] >ffff88811225ec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.957772][ T4566]                             ^
[  443.962636][ T4566]  ffff88811225ec80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[  443.970688][ T4566]  ffff88811225ed00: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00
[  443.978735][ T4566] ==================================================================
[  443.986780][ T4566] Disabling lock debugging due to kernel taint
[  443.993168][ T4566] EXT4-fs error (device loop3): ext4_quota_enable:6403: inode #3: comm syz.3.1191: unexpected EA_INODE flag
[  444.006874][ T4566] EXT4-fs error (device loop3): ext4_quota_enable:6406: comm syz.3.1191: Bad quota inode: 3, type: 0
[  444.018763][ T4566] EXT4-fs warning (device loop3): ext4_enable_quotas:6447: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  444.035930][ T4566] EXT4-fs (loop3): mount failed
[  444.119332][ T4561] EXT4-fs (loop0): orphan cleanup on readonly fs
[  444.130420][ T4561] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 2: comm syz.0.1186: lblock 7 mapped to illegal pblock 2 (length 1)
[  444.144727][   T30] audit: type=1400 audit(1748386166.475:975): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  444.167020][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.174010][ T4561] Quota error (device loop0): write_blk: dquota write failed
[  444.182181][ T4561] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 1: comm syz.0.1186: lblock 6 mapped to illegal pblock 1 (length 1)
[  444.196431][   T30] audit: type=1400 audit(1748386166.475:976): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  444.218248][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.225315][ T4561] Quota error (device loop0): write_blk: dquota write failed
[  444.233088][   T30] audit: type=1400 audit(1748386166.475:977): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  444.254636][ T4561] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 48: comm syz.0.1186: lblock 0 mapped to illegal pblock 48 (length 1)
[  444.269248][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.282369][ T4561] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1186: Failed to acquire dquot type 0
[  444.299062][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.305898][ T4561] EXT4-fs error (device loop0): ext4_map_blocks:630: inode #3: block 49: comm syz.0.1186: lblock 1 mapped to illegal pblock 49 (length 1)
[  444.320586][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.327343][ T4561] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.1186: Failed to acquire dquot type 0
[  444.339049][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.345626][ T4561] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5866: Corrupt filesystem
[  444.355548][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.362328][ T4561] EXT4-fs error (device loop0): ext4_evict_inode:283: inode #15: comm syz.0.1186: mark_inode_dirty error
[  444.374017][ T4561] EXT4-fs (loop0): Remounting filesystem read-only
[  444.380825][ T4561] EXT4-fs warning (device loop0): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  444.391327][ T4561] EXT4-fs (loop0): 1 orphan inode deleted
[  444.397308][ T4561] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000008,data_err=abort,minixdf,errors=remount-ro,abort,noblock_validity,barrier,journal_dev=0x0000000000000f35,. Quota mode: none.
[  444.656701][  T361] usb 5-1: Using ep0 maxpacket: 8
[  444.776759][  T361] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  444.785159][  T361] usb 5-1: config 179 has no interface number 0
[  444.796158][  T361] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  444.807418][  T361] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  444.818822][  T361] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  444.830056][  T361] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  444.840159][  T361] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  444.853508][  T361] usb 5-1: config 179 interface 65 has no altsetting 0
[  444.860439][  T361] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  444.869533][  T361] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.903393][ T4576] loop2: detected capacity change from 0 to 2048
[  444.966575][ T4565] usb usb1: usbfs: process 4565 (syz.3.1191) did not claim interface 0 before use
[  444.968061][  T361] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input60
[  444.992929][ T4576] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  445.220908][  T361] usb 5-1: USB disconnect, device number 14
[  445.226903][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  445.237255][  T361] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19