last executing test programs:

8m5.053612692s ago: executing program 1 (id=742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000014, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESDEC, @ANYRESDEC, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024", @ANYBLOB="97b61e88553572fd2efdef5bcdc603f5cf17a49bf1d8457078ace3df30c7c941b1103b86953f4b1b43816a58622af5d511ff04c37a8893dc5ea494888e218c88326783f69ee710da511f74fe812d33a93825fb7eb8eca7196d483f5689286f28bf447eca9c6676aad40948ce1a2154e82ce6ecb85f76965d75d05e46"], 0xfe, 0x2dd, &(0x7f0000000bc0)="$eJzs3c9rE1sUwPHTpK9JU9rkweOBgnrRjW6GNv4BGqQFMaDURtSFMLUTDRmTMhMiEbHZiFv/juLSnaD+A92IG/fuiiC46UIcycwknaRJM7VpktrvB9o598fh3jZpORPIzfbd10+KeVvL6xWJxJVEROqyI5JqRL4J/xpx4ykJqsulmR9fzty+d/9GJptdXFZqKbNyOa2Umjv3/unzN+c/VmbuvJ17F5Ot1IPt7+mvW1Nbp7Z/rTwu2Kpgq1K5onS1Wi5X9FXTUGsFu6gpdcs0dNtQhZJtWG3jebO8vl5TemltNrFuGbat9FJNFY2aqpRVxaop/ZFeKClN09RsQk62yRBzcpvLy3qm57ATHeiOcOSmu3VaVqbefTC3OYQ9AQCAMbN//e/V+r3q/93q8CD1///963+RYP0f9xeh/h+AelurT/2P42mjvWlZGT3h//22o/4HAAAAAAAAAAAAAAAAAAAAAOA42HGcpOM4ycbV73LbMRGJe28Bd9sj3iaOSPDxdwJfrcffb3ekXRnRdjFggTfuxUXMV9VcNeddvfFMXgpiiiHzkpSf7vPB58VL17OL88qVkg/mRjVXjYo0rlGJNfObUt3yz/674OUrPz/n5f8jieD6aUnKf93XT3fNn5KLFwL5miTl00Mpiylr7vN6N//FglLXbmY78qfdeQAAAAAA/A001ZJqv//1TvfR3Alx2Tvu5QdeH3AcZ6PxrXVAUMfrAx3315NyOswRlQAAAAAA4NDs2rOibpqGFSqQSLAnJiL9s5yJAy1xmMBxRIa1Vu8gKqNcvVdwVUTGYBvDCuIi4vWoP0n/1koPleWEmDPpfwLHePx++gej/s8EAAAAYNAC9/bhfX55hDsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkCXseWHP+nqHmwH6nBu6KDv0HBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMbI7wAAAP//MtkN0w==")
ioprio_get$pid(0x3, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

8m0.199349613s ago: executing program 1 (id=748):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi1\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
syz_usbip_server_init(0x6)

7m57.462464857s ago: executing program 1 (id=755):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20004840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = dup(0xffffffffffffffff)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07710936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1e00000001800000b1ce0000ae06544951d68518", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB], 0x50)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x700, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="020d000014000000f0ffffff0000000005000600000000000a0080ff00000000fc0100000000000000ffffffff000000000000000000000005000500000000000a00000000000000000000000000000000000000000008000000000000000000080012000200"], 0xa0}}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/protocols\x00')
pread64(r4, &(0x7f0000000000)=""/153, 0x99, 0x19a55d1a)

7m56.254266609s ago: executing program 1 (id=760):
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x40004)

7m56.019561266s ago: executing program 1 (id=761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000008c0)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010029bd7000fedbdf2507100000", @ANYRES32=r1, @ANYBLOB="80007e0a0a000200aaaaaaaaaa1c"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x24008000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40)=@newtaction={0x1ec0, 0x30, 0x1, 0x1070bd2b, 0x25dfdbde, {}, [{0x1eac, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0xef, 0x1, 0x8000, 0x2}}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x16, 0xf2, 0x3, 0x7}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_pedit={0x1e50, 0x1a, 0x0, 0x0, {{0xa}, {0x1d78, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x74, 0x5, 0x0, 0x1, [{0x4}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x2c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}, @TCA_PEDIT_PARMS={0xec8, 0x2, {{{0x4532b05a, 0x80000001, 0x3, 0x9, 0x800}, 0x4, 0x1, [{0xff06, 0xea, 0x80000001, 0x7c, 0x95a6, 0xffffffff}, {0x2, 0xfffff001, 0x6, 0x200, 0x10000, 0x1}, {0x6, 0x10001, 0x2, 0x8, 0x9, 0x8}, {0x0, 0x5, 0xc1, 0x4, 0x6, 0xa}, {0x1ff, 0xb, 0x200, 0x5a5, 0x4, 0x7f}, {0x56, 0x2, 0xfffff801, 0x9, 0xd, 0xfffffff4}, {0x80000000, 0x0, 0xd, 0x9, 0xffffffff}]}, [{0xe, 0xf, 0xb, 0xc3, 0xffffff4b, 0x1}, {0x9, 0x7, 0x2, 0x9, 0x80, 0x5}, {0x3, 0x277, 0x0, 0x800008, 0x5, 0x80000001}, {0x8, 0x4, 0x8, 0xcc, 0x3a, 0xb}, {0xb, 0x8001, 0x8, 0x40, 0x7f}, {0x0, 0x6, 0x7f, 0x0, 0x37e1, 0xc5}, {0x9, 0x0, 0x0, 0x7, 0x1, 0x7}, {0x4, 0xa18, 0x2, 0xbbae, 0x2, 0x6}, {0xffffc72a, 0x3, 0xfffffff3, 0x68be5e74, 0x6, 0x7ff}, {0x7f, 0x9, 0x4, 0x10, 0xff, 0x1ff}, {0x2, 0x101, 0x800, 0x0, 0x1000, 0x8}, {0x3, 0x1, 0x800, 0x0, 0xdf, 0x1}, {0x1ff, 0x1c400000, 0x10001, 0x8, 0x5, 0xfffffffd}, {0x81, 0x1, 0x3, 0x4, 0x7, 0x5}, {0x4, 0x3f5, 0x2, 0x1, 0x3, 0x4}, {0x6, 0x6, 0x2226, 0x4, 0xe, 0xfffffffb}, {0xfffffff8, 0x7f, 0x200, 0x4, 0x1, 0x4}, {0x4, 0xde2, 0x1, 0x2, 0x0, 0x5}, {0xffffffff, 0x2, 0x2, 0x8000, 0x101, 0x1}, {0x3, 0x0, 0x7, 0x1, 0x2, 0x5}, {0x401, 0x4, 0xffff, 0x9, 0x0, 0xffff}, {0x101, 0x6, 0xd7cd, 0xfff, 0x6, 0x5}, {0x3, 0x7, 0x80000000, 0x6, 0x2, 0x37}, {0x800, 0x4, 0x3, 0x9, 0x7fffffff, 0x2}, {0x6, 0x3, 0xd, 0x75c, 0x8, 0xa}, {0x8001, 0x9, 0x6, 0xf6, 0x9, 0x8}, {0x6, 0x6, 0x5, 0x9, 0x2, 0x9b}, {0x4, 0x9, 0x100, 0x0, 0x10, 0x10001}, {0x8, 0x6, 0x2, 0xfffffffb, 0x1, 0xdb}, {0x3, 0x9, 0x80000000, 0x6, 0x3, 0x7}, {0x4384, 0xffffff55, 0x6, 0x7, 0x10, 0x22}, {0x6002dc86, 0x48e, 0x7, 0x3ff, 0x8000, 0x1ff}, {0x5, 0x7ff, 0x311ed267, 0x2, 0x7}, {0xfffffffd, 0x80, 0x4, 0x1000, 0x1, 0x40}, {0x7, 0x7fffffff, 0x8000, 0x0, 0x2, 0xb}, {0x6, 0x3ff, 0xfff00000, 0x6d, 0x6, 0x7fff}, {0x8, 0x80000000, 0x0, 0x5, 0xa, 0x1}, {0x4, 0x7, 0x3, 0x7fff, 0x0, 0xff}, {0x52, 0xb9, 0x7, 0x4, 0x0, 0xfffffc01}, {0x9, 0x6, 0x8, 0x1, 0xe0000, 0x8}, {0x9, 0x24, 0x3a, 0x200, 0x9, 0x1}, {0x0, 0x200, 0xc7, 0x9, 0x3ff, 0x400}, {0x8001, 0x9, 0x9, 0xc9, 0x8, 0x8}, {0x5, 0x8, 0x3, 0x3ff, 0x80000001, 0x4}, {0x3673, 0x40, 0x607, 0x10, 0x7f2, 0x3}, {0x7fff, 0x7fffffff, 0x2, 0x8000, 0x7ff, 0xffffffff}, {0x1, 0x7, 0xd993, 0xffff5457, 0xfffffff8}, {0x1, 0x4, 0xb, 0x5, 0x41a4, 0x9}, {0x7fff, 0x9, 0xfd, 0x0, 0xffff}, {0x91, 0xea0a, 0x4, 0x9, 0x3}, {0x4c, 0x6, 0x48f, 0x0, 0x7}, {0x3, 0x8a, 0x9, 0xe, 0x7, 0xfffffffc}, {0x4, 0x0, 0x7fffffff, 0x6, 0x8001, 0x7fffffff}, {0x200, 0x2748, 0x1, 0x401, 0xb, 0x8}, {0x90, 0x1ff, 0x9, 0x800, 0xc1f4, 0xbe9}, {0xf, 0x7f, 0xfffff801, 0x6, 0x2, 0xe}, {0x4, 0x7, 0x4, 0x9, 0x8001, 0x4}, {0x9, 0x9, 0x800, 0x800, 0x2, 0x1f}, {0xfffffffe, 0x5, 0x3, 0xf, 0xfff, 0x3}, {0x500, 0x4, 0x7fff, 0x10, 0x5, 0x100}, {0xe49e, 0xfffffffa, 0x7, 0x1, 0x100, 0x7}, {0x3, 0x4, 0x3, 0x80000001, 0x6d, 0x7f}, {0x5, 0x306e, 0x4, 0x7, 0xffffffff, 0xc42}, {0x5, 0x8, 0x6000000, 0x9, 0x3ff, 0x81}, {0xcf, 0x7a3f, 0x2, 0x10, 0x7a, 0x5}, {0x81, 0x7, 0x0, 0x5, 0x7ff, 0xbac2}, {0x2, 0x2, 0x9e65, 0xc6f, 0x169c, 0x2c}, {0x311a, 0x9, 0x10, 0xf, 0x6, 0x3}, {0x80, 0x10001, 0xcbab, 0x3, 0x7, 0x4}, {0x100, 0x3ffc000, 0x7eb2, 0xfff, 0x4, 0x1}, {0x7, 0x9, 0x3, 0x0, 0x101, 0x3}, {0x5, 0x3, 0x4, 0x1, 0x4, 0x7}, {0x7, 0x4, 0x7ff, 0x13, 0x0, 0x3b}, {0x401, 0x5, 0xffff, 0x9, 0x3, 0xffffff72}, {0x3, 0x7fffffff, 0x5, 0xffff786e, 0x3}, {0x4, 0x8b3, 0x17, 0x2, 0x1, 0x7}, {0x7, 0xdf0e, 0x6, 0x6, 0x6, 0x200}, {0x800, 0x5, 0x0, 0x200, 0x9137}, {0x5, 0x4, 0x0, 0x0, 0xa, 0x9a28}, {0x10000, 0xe1, 0x5, 0x9, 0xffffffff, 0x1}, {0x7, 0x6, 0x4, 0x98, 0x34, 0xfffffffd}, {0x3618, 0x6, 0xaec, 0x9, 0x4, 0xfffffffc}, {0xa, 0x101, 0x40, 0x3, 0x2, 0x80000001}, {0x400, 0x1, 0x1, 0x4, 0x101, 0x7}, {0x9, 0x7f, 0xff, 0x1, 0x2, 0xbd}, {0xa827, 0x1e5, 0xccc, 0xffffffff, 0x5c, 0xf}, {0xb, 0x1, 0x8, 0x5, 0x4, 0x27}, {0x1a23, 0x8, 0x6, 0x4, 0xffff7fff, 0xba9}, {0x4, 0x3, 0x8, 0x8, 0x0, 0x9}, {0xff, 0x9, 0x7, 0x10001, 0x2, 0x40000}, {0x0, 0xa2, 0x4, 0x8, 0x80, 0x80000000}, {0x7fff, 0xa, 0x3, 0x8, 0x401, 0x54}, {0x9, 0x4, 0x81, 0x80, 0x2a, 0x7}, {0x6, 0x7fffffff, 0xff, 0x5a8, 0x38e6, 0xf7}, {0x1, 0x8, 0x3, 0x7, 0x6, 0x8}, {0x2, 0xb, 0xecbc, 0x1, 0x3, 0x7}, {0x9, 0x1, 0x2, 0x2, 0x5, 0x1}, {0x2, 0x5, 0x2, 0x3, 0x3, 0x10001}, {0x1ae, 0x3, 0x5b739eed, 0x7, 0x6f9, 0x7fff}, {0x3, 0xecd, 0x4ab1, 0x1, 0x7fffffff, 0x5}, {0x3, 0x10001, 0x9, 0x4, 0x2, 0x3}, {0x80000000, 0x0, 0x2, 0xfffffff2, 0x5, 0x9}, {0x1, 0xffffffff, 0x1, 0x1, 0x840, 0x2}, {0x57, 0x10001, 0x0, 0x5, 0xa8, 0x8}, {0x0, 0x9, 0x5, 0x7, 0xfffffff8, 0x80000000}, {0x2, 0x9, 0x6, 0x3, 0x6, 0x7800}, {0x514c, 0x3, 0x2, 0x3, 0xf, 0x7}, {0x3ff, 0x0, 0x1, 0x5, 0x5, 0x6}, {0x329b, 0x223, 0x3, 0x9, 0x5, 0xf}, {0x2, 0xa, 0x3, 0x8, 0x1, 0xfffffff8}, {0x5, 0x8001, 0x1, 0x4, 0x3, 0xffff}, {0x8, 0x5, 0x372, 0x9, 0x7f, 0x9}, {0x1, 0x9, 0x4, 0x5, 0x9, 0x96be}, {0x4, 0x9f, 0x6, 0x4, 0x2, 0x4}, {0x3, 0x2, 0x5, 0xf, 0x6b17}, {0x8001, 0x40, 0x2, 0x9, 0xffff8000, 0xf}, {0x5, 0x8, 0x1, 0xa00, 0x80, 0x6}, {0x10001, 0x0, 0x1000, 0xfffffff9, 0x3ff, 0x1000}, {0x4, 0x6, 0x4, 0x6, 0x0, 0x9}, {0xfffffffb, 0x7, 0x9, 0x5, 0x2, 0x8}, {0x9, 0x4, 0x7fff, 0x8, 0x8, 0x81}, {0x7, 0x5, 0x10, 0x4, 0xc4da, 0x8001}, {0x2, 0x2, 0xf49, 0x7ff, 0x3, 0x6000000}, {0x8, 0x9, 0x7ff, 0x7233, 0x1000}, {0x200, 0x8bd, 0x1, 0x8, 0x200, 0x9}, {0x100, 0x9407, 0x5, 0x8, 0x0, 0x6}, {0x5, 0x5, 0x2, 0xe6, 0x3, 0x5}, {0x3, 0x3, 0xc0000000, 0xd, 0x7, 0x9}], [{0x2}, {0x1, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x1}, {0x0, 0x1}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x5}, {0x4}, {0x2}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x3, 0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x0, 0x28e1bf8e76b2579d}, {0x2, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x5}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x3}, {}, {0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2}, {0x4}, {0x0, 0x1}, {}, {}, {0x3}, {0x2, 0x1}, {}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {0x5}, {0x237c0e8f9fe9ab90, 0x1}, {0x3}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x8, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x4}, {0x3, 0x1}, {0x3, 0x1}, {}, {0x1}, {0x4, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x1}, {0x5, 0x1}, {}, {0x3}, {0x2}, {0x5, 0x1}, {0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x3, 0xbb37bf05cb3b7a1e}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x2}, {0x2, 0x1}, {0x4}, {0x5}, {}, {0x1}, {0x2, 0x1}, {0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x3}, {0x5}, {0x3}, {0x2}, {0x5}, {}, {0x3}, {0x1}, {0x6, 0x1}]}}, @TCA_PEDIT_PARMS_EX={0xe38, 0x4, {{{0x5, 0x0, 0x8, 0x10}, 0x6, 0xb, [{0xb, 0x2, 0x1, 0x6, 0x3}]}, [{0x8, 0x9, 0x5, 0x7ff, 0x7, 0x4c1e}, {0x4, 0x8, 0x0, 0x1}, {0x3, 0x4, 0x1, 0x7, 0x80, 0x100}, {0x1, 0x9, 0x200, 0x0, 0x1}, {0x6, 0xfffffffa, 0x3, 0xffffffed, 0x40, 0x3}, {0x87, 0x0, 0x1, 0x2, 0xc8, 0xe000000}, {0x7, 0xa0, 0x3ff, 0x4, 0x200, 0x1}, {0x1, 0x4, 0xd, 0x5, 0x0, 0xdd2}, {0x2, 0x1, 0xc0000000, 0x64, 0x2, 0x8}, {0x5, 0x3, 0x0, 0xe00, 0xb28, 0x7ff}, {0x1, 0x9, 0x80000000, 0x1, 0x5}, {0x4, 0x1000, 0x5, 0x9, 0x0, 0xa}, {0x0, 0x1, 0x81, 0x2, 0x2, 0x8001}, {0x2, 0x7fffffff, 0x2, 0x2, 0x9d, 0x93b3}, {0xb2, 0xffffffff, 0x7, 0xfff, 0x2, 0xb}, {0x3, 0x6, 0x2, 0x3, 0x6, 0x2}, {0x0, 0x10, 0x1a87, 0x8, 0x7, 0x800}, {0xbc0, 0x2, 0x0, 0x80, 0x1, 0x2}, {0x6, 0x2, 0x5, 0x7ff, 0x6, 0x8}, {0x40db, 0x0, 0x3ffd, 0x4, 0x8d44, 0x5}, {0x0, 0x9, 0x3, 0x100, 0x9, 0x2e4}, {0xbe5, 0x6, 0x4, 0x2b, 0x2, 0x2}, {0x1, 0x80000000, 0x10, 0x9, 0x2, 0x5}, {0x9299, 0x661b, 0x9, 0x2, 0x90000000, 0x3}, {0xffffffff, 0x7, 0x9, 0xb759, 0xcf4a, 0x3}, {0x7, 0x4, 0xf1f51af, 0x1e, 0x0, 0x7ff}, {0xe, 0x0, 0x8, 0x0, 0x0, 0x2}, {0x4, 0x6, 0x62, 0x44, 0x9, 0x9}, {0x8a1, 0xb2b, 0x40, 0xffff, 0x6, 0x7}, {0xde73, 0x2, 0x1, 0x3, 0x7, 0x7}, {0x0, 0x0, 0x1, 0x2543fe95, 0xf, 0x2}, {0x3, 0x8, 0x6, 0x6, 0x5, 0x101}, {0xfffff800, 0xfffffff7, 0x984, 0x80, 0xff}, {0x8, 0x3c1d9059, 0xe, 0xff, 0x7fff, 0xc}, {0x7, 0xfffffffa, 0x4, 0x5, 0xddc5, 0x6}, {0x0, 0x5, 0xfffffff7, 0xfffffffc, 0x5, 0x7}, {0x5, 0x3, 0x5, 0x7, 0x101, 0xf}, {0x0, 0xc, 0x1, 0xff, 0xbcbe, 0x35fb936b}, {0xfffffff8, 0x5, 0xee1, 0x8000, 0x7, 0x80}, {0x73, 0xc8, 0xd, 0x0, 0xa, 0x81}, {0x3af, 0xf, 0xd, 0x5, 0xffff, 0xae}, {0x92, 0x9, 0x3, 0x3, 0x400, 0x6}, {0x4, 0x0, 0x776, 0x7f, 0x4, 0x2}, {0x8, 0x7, 0x10001, 0xf7, 0x3, 0xe18}, {0x2a52, 0x888, 0xceb4, 0xff, 0x7, 0x6}, {0x7, 0x1, 0xffffffff, 0xb, 0x1c20000, 0x46}, {0x3, 0x7f, 0x2, 0x5, 0x2, 0x2}, {0x0, 0x200, 0x5, 0x0, 0x7ff, 0x4}, {0xb0, 0x4e54, 0x0, 0x2, 0x6, 0x8}, {0xffffff99, 0xa, 0x0, 0xff, 0x8001, 0x4}, {0x1, 0x6, 0x0, 0x1000, 0x7f, 0x5}, {0xc08, 0x6, 0x503, 0xa, 0xa, 0x5b43b3e2}, {0x2, 0x1, 0x7604, 0xf5a, 0x100, 0xff}, {0x6, 0x8, 0xa94, 0xe, 0x200}, {0xfffffffd, 0x9d5, 0x80, 0x8, 0x9, 0x8000}, {0x3ff, 0x1, 0x7fffffff, 0x157, 0x2, 0x4}, {0xffffffff, 0x75, 0x2, 0xb29, 0x3, 0x2}, {0x9, 0x5, 0x8, 0x3, 0x1, 0xe61}, {0x1, 0x7, 0x400, 0x7, 0x0, 0xedb3}, {0x4, 0x446ccfb4, 0xb35, 0xffff, 0x5, 0x1}, {0x0, 0x9976, 0x400, 0x4, 0x6, 0x7}, {0x66, 0x1000, 0x7, 0x3ff, 0x4, 0x5}, {0x7, 0x1, 0xf, 0x40, 0x8000, 0x10}, {0x1, 0x94, 0x0, 0x3, 0x40, 0xa23}, {0x4, 0x96, 0x6, 0x3ff, 0x9, 0x9}, {0x9, 0x4, 0x1, 0x8, 0x5, 0x7}, {0xffffffff, 0x6, 0x3ed, 0x9, 0x1, 0x2801}, {0xb82, 0x2, 0x5, 0x0, 0xc58d, 0x1}, {0x3bd4, 0x9, 0x401, 0x8, 0x9, 0x3}, {0x52ef, 0x8, 0x4, 0x6, 0xbc, 0x3}, {0x63, 0x1, 0x1, 0xffffffff, 0xbf6, 0x6}, {0x7, 0x7, 0xca9, 0x4, 0x8000, 0xfffffffc}, {0x100, 0x2, 0x6, 0x4, 0x8000, 0x20c}, {0x6, 0x6, 0x13, 0x5, 0x0, 0x7fff}, {0xb, 0x2, 0x8f8a, 0x401, 0xfffffffd}, {0x74b, 0x4, 0x2, 0x7f, 0xff}, {0x84d, 0x7, 0x8, 0x1, 0x3, 0x7f}, {0x9, 0x2, 0x6, 0x4, 0x2, 0xe}, {0xc, 0x5, 0x45, 0x8, 0x7, 0x9}, {0x10000, 0x2, 0x1, 0x6, 0x2fc1ea3, 0x9}, {0x0, 0x1, 0xa0, 0x6, 0x6, 0x5}, {0x6, 0x4, 0x9, 0x5, 0xfff, 0x606}, {0xa, 0x9, 0x9, 0x0, 0x6, 0x6}, {0xc, 0x5, 0x0, 0x1ff}, {0xbe, 0x800, 0x43, 0x3, 0xffff57f3, 0x3}, {0x3, 0x6, 0xbf9, 0x0, 0x100, 0x3}, {0xc, 0x6, 0x5, 0xfff, 0x10001, 0x9}, {0x3, 0x80000000, 0x6, 0x201b, 0x6, 0x80000001}, {0x224, 0x3, 0x4, 0xe, 0x8, 0x72c}, {0x86, 0x9, 0x2, 0xff, 0x6, 0x5}, {0x4, 0x2, 0x1000, 0x2, 0x9, 0xffffffff}, {0x8, 0x9, 0x9, 0x5, 0x9db0, 0x7}, {0x2c00, 0x1, 0x9, 0x5, 0xcd95, 0x3ff}, {0x7, 0x8, 0x9, 0x0, 0x200, 0xcaf}, {0x7d26, 0xffffffff, 0x5, 0xd, 0x6, 0x1000}, {0x2000000, 0x80000001, 0x6, 0x9, 0x4, 0x81}, {0x8ca, 0x6, 0x0, 0x9, 0xffffffff, 0xf9a4}, {0x2, 0x3df, 0xfffffffd, 0x28a, 0xa0, 0x6}, {0x80000001, 0x8, 0x8, 0x5000000, 0xfff, 0x4}, {0x3ff, 0x5, 0x0, 0x9, 0x2, 0x2}, {0x4e, 0x1, 0xed3e, 0x0, 0x0, 0x3ff}, {0x4, 0xaa8, 0x4, 0xfbb, 0x12, 0x5}, {0xffffff81, 0x6, 0xffff, 0x4, 0x5, 0x1}, {0x40, 0x6, 0x3, 0x8, 0xfff, 0x4}, {0x6, 0xc, 0x1, 0xaef, 0x5, 0x3}, {0x7, 0x4b, 0xdfce, 0x0, 0x3, 0x5}, {0xbf8, 0xfff, 0x22a, 0x0, 0xcf}, {0x7, 0x8, 0x22, 0x6, 0x2, 0x5deefeec}, {0x5, 0x71, 0x9, 0x0, 0xcb24, 0x7}, {0x12f, 0x100, 0x7, 0xfffffff7, 0x10001}, {0x7, 0x400, 0x4, 0x6, 0x3, 0x6}, {0x5, 0x517, 0x400, 0x3, 0xfffffffe, 0x4}, {0xc, 0x7, 0x8, 0x100, 0xb, 0x3}, {0x9, 0x1, 0x4, 0x6, 0x5c75, 0x6}, {0x8, 0x9, 0x2cb, 0xe, 0x2, 0x9}, {0xfffffffb, 0x9, 0x2, 0x1e, 0x3, 0x3}, {0x0, 0x7fffffff, 0x400080, 0x2, 0xe, 0x6}, {0x5, 0x5, 0x6, 0x80000000, 0x0, 0x80000001}, {0x6, 0xd27, 0x200, 0x9, 0x2, 0x800}, {0x1, 0x3, 0x1, 0x1, 0x0, 0x29}, {0xb3d7, 0x7, 0x7e9c, 0x100, 0x7fffffff, 0xfffffffc}, {0x7, 0x188, 0x20000000, 0x7, 0x400}, {0x9, 0x6, 0xc06, 0x0, 0x9, 0x6}, {0x3, 0x7, 0x4, 0x0, 0xd, 0x2}, {0x9, 0x2, 0x8, 0x9}, {0x1, 0xffffffc0, 0x2, 0x3, 0x8, 0x5}, {0x3f12, 0x9, 0x5, 0x8, 0xf}, {0x60, 0x6, 0xfffff548, 0x8, 0x10, 0x2}], [{0x1}, {0x4}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x1}, {0x3, 0x1}, {0x5}, {0x5, 0x1}, {0x3}, {0x3}, {0x4}, {0x2}, {}, {0x0, 0x1}, {0x4}, {0x1}, {0x5, 0x1}, {0x1}, {0x4}, {0x2, 0x1}, {0x4}, {}, {0x4}, {0x1}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x5, 0x1}, {0x7, 0x1}, {0x4}, {0x2}, {0x1}, {0x3}, {0x0, 0x1}, {0x6}, {0x1}, {0x3, 0x1}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x2, 0x1}, {}, {0x1, 0x1}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x0, 0x1}, {0x23c014049601dbd9, 0x1}, {0x0, 0x1}, {0x4}, {0x3, 0x1}, {}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x7}, {0x3}, {0x5, 0x1}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x5}, {0x5, 0x1}, {0x0, 0x1}, {0x1}, {0x5, 0x1}, {0x796fd6896b29d8b3}, {0x1, 0x1}, {0x3}, {0x2, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5}, {0x2}, {0x4, 0x1}, {0x5}, {0x3}, {0x3}, {0x4, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x1, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {0x5, 0x1}, {0x2}, {}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x6}, {0x3}, {0x7}, {}, {}, {0x3}]}}]}, {0xae, 0x6, "14abd646d3a7f45551eef3735fb648e4e15e90dd979174e1f11ea0035960002dc3be7e179bea10e353c3c1755b499a336bf54fdbcc0cb8672818d8d2d36f733e39000662833ad852aba16d1123fd427bc844b0016032e989690d5525e592d3cb0fd21d9ef8a24a20b556715c37b3e83e0dfe67241d5f9ebd2f5f6a554d8f781b247873895c01091e5b01b20d95fa78fda22abbd8e58e340674dac1732ab6e42b1609c609f9f3552b8bc7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x1ec0}, 0x1, 0x0, 0x0, 0xc044}, 0x4000814)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6701c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x20000010})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r8})
socket$packet(0x11, 0x3, 0x300)
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f00000007c0)={0x28, 0x3, r8, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, 0x0)

7m54.944956495s ago: executing program 1 (id=765):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000014, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESDEC, @ANYRESDEC, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024", @ANYBLOB="97b61e88553572fd2efdef5bcdc603f5cf17a49bf1d8457078ace3df30c7c941b1103b86953f4b1b43816a58622af5d511ff04c37a8893dc5ea494888e218c88326783f69ee710da511f74fe812d33a93825fb7eb8eca7196d483f5689286f28bf447eca9c6676aad40948ce1a2154e82ce6ecb85f76965d75d05e46"], 0xfe, 0x2dd, &(0x7f0000000bc0)="$eJzs3c9rE1sUwPHTpK9JU9rkweOBgnrRjW6GNv4BGqQFMaDURtSFMLUTDRmTMhMiEbHZiFv/juLSnaD+A92IG/fuiiC46UIcycwknaRJM7VpktrvB9o598fh3jZpORPIzfbd10+KeVvL6xWJxJVEROqyI5JqRL4J/xpx4ykJqsulmR9fzty+d/9GJptdXFZqKbNyOa2Umjv3/unzN+c/VmbuvJ17F5Ot1IPt7+mvW1Nbp7Z/rTwu2Kpgq1K5onS1Wi5X9FXTUGsFu6gpdcs0dNtQhZJtWG3jebO8vl5TemltNrFuGbat9FJNFY2aqpRVxaop/ZFeKClN09RsQk62yRBzcpvLy3qm57ATHeiOcOSmu3VaVqbefTC3OYQ9AQCAMbN//e/V+r3q/93q8CD1///963+RYP0f9xeh/h+AelurT/2P42mjvWlZGT3h//22o/4HAAAAAAAAAAAAAAAAAAAAAOA42HGcpOM4ycbV73LbMRGJe28Bd9sj3iaOSPDxdwJfrcffb3ekXRnRdjFggTfuxUXMV9VcNeddvfFMXgpiiiHzkpSf7vPB58VL17OL88qVkg/mRjVXjYo0rlGJNfObUt3yz/674OUrPz/n5f8jieD6aUnKf93XT3fNn5KLFwL5miTl00Mpiylr7vN6N//FglLXbmY78qfdeQAAAAAA/A001ZJqv//1TvfR3Alx2Tvu5QdeH3AcZ6PxrXVAUMfrAx3315NyOswRlQAAAAAA4NDs2rOibpqGFSqQSLAnJiL9s5yJAy1xmMBxRIa1Vu8gKqNcvVdwVUTGYBvDCuIi4vWoP0n/1koPleWEmDPpfwLHePx++gej/s8EAAAAYNAC9/bhfX55hDsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkCXseWHP+nqHmwH6nBu6KDv0HBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMbI7wAAAP//MtkN0w==")
ioprio_get$pid(0x3, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x3, 0x7, 0x8000000000007, 0x282b, 0x20103, 0x80001, {0x200004, 0x10005c62, 0x203, 0x0, 0x83, 0xd612, 0x10000006, 0x6, 0x0, 0x4000, 0x0, 0xee00, 0xee00, 0xd31, 0x1}}, {0x0, 0xa}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000100)=0x4, 0x80000000)

7m38.78014322s ago: executing program 32 (id=765):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000003900), 0x34aa945a513d639, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000014, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESDEC, @ANYRESDEC, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024", @ANYBLOB="97b61e88553572fd2efdef5bcdc603f5cf17a49bf1d8457078ace3df30c7c941b1103b86953f4b1b43816a58622af5d511ff04c37a8893dc5ea494888e218c88326783f69ee710da511f74fe812d33a93825fb7eb8eca7196d483f5689286f28bf447eca9c6676aad40948ce1a2154e82ce6ecb85f76965d75d05e46"], 0xfe, 0x2dd, &(0x7f0000000bc0)="$eJzs3c9rE1sUwPHTpK9JU9rkweOBgnrRjW6GNv4BGqQFMaDURtSFMLUTDRmTMhMiEbHZiFv/juLSnaD+A92IG/fuiiC46UIcycwknaRJM7VpktrvB9o598fh3jZpORPIzfbd10+KeVvL6xWJxJVEROqyI5JqRL4J/xpx4ykJqsulmR9fzty+d/9GJptdXFZqKbNyOa2Umjv3/unzN+c/VmbuvJ17F5Ot1IPt7+mvW1Nbp7Z/rTwu2Kpgq1K5onS1Wi5X9FXTUGsFu6gpdcs0dNtQhZJtWG3jebO8vl5TemltNrFuGbat9FJNFY2aqpRVxaop/ZFeKClN09RsQk62yRBzcpvLy3qm57ATHeiOcOSmu3VaVqbefTC3OYQ9AQCAMbN//e/V+r3q/93q8CD1///963+RYP0f9xeh/h+AelurT/2P42mjvWlZGT3h//22o/4HAAAAAAAAAAAAAAAAAAAAAOA42HGcpOM4ycbV73LbMRGJe28Bd9sj3iaOSPDxdwJfrcffb3ekXRnRdjFggTfuxUXMV9VcNeddvfFMXgpiiiHzkpSf7vPB58VL17OL88qVkg/mRjVXjYo0rlGJNfObUt3yz/674OUrPz/n5f8jieD6aUnKf93XT3fNn5KLFwL5miTl00Mpiylr7vN6N//FglLXbmY78qfdeQAAAAAA/A001ZJqv//1TvfR3Alx2Tvu5QdeH3AcZ6PxrXVAUMfrAx3315NyOswRlQAAAAAA4NDs2rOibpqGFSqQSLAnJiL9s5yJAy1xmMBxRIa1Vu8gKqNcvVdwVUTGYBvDCuIi4vWoP0n/1koPleWEmDPpfwLHePx++gej/s8EAAAAYNAC9/bhfX55hDsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkCXseWHP+nqHmwH6nBu6KDv0HBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMbI7wAAAP//MtkN0w==")
ioprio_get$pid(0x3, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x3, 0x7, 0x8000000000007, 0x282b, 0x20103, 0x80001, {0x200004, 0x10005c62, 0x203, 0x0, 0x83, 0xd612, 0x10000006, 0x6, 0x0, 0x4000, 0x0, 0xee00, 0xee00, 0xd31, 0x1}}, {0x0, 0xa}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000100)=0x4, 0x80000000)

6m35.088091887s ago: executing program 4 (id=963):
r0 = open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x88)
sendfile(r0, r0, 0x0, 0x80000001)

6m34.98591022s ago: executing program 4 (id=965):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
close(0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc)

6m34.823711015s ago: executing program 4 (id=967):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000002}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f0000000640)={@remote, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0xffffffff, 0x40, 0x93, 0x100, 0x2, 0xbb002f})
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
r7 = syz_io_uring_setup(0x23c, &(0x7f0000000200)={0x0, 0x8d08, 0x800}, &(0x7f0000000180), &(0x7f0000000340), &(0x7f0000000000))
io_uring_enter(r7, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0x40045010, &(0x7f0000000300)=0xafc)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="2800000011146ff900000500000000"], 0x28}}, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000040)={0xf0f02a, 0x5})
socket$inet_sctp(0x2, 0x5, 0x84)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file0\x00', 0x200084c, &(0x7f0000000300)={[{@fat=@time_offset={'time_offset', 0x3d, 0x4f7}}, {@fat=@sys_immutable}, {@dots}, {@fat=@nfs_nostale_ro}, {@dots}, {@dots}, {@dots}, {@dots}, {@dots}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x9}}, {@nodots}, {@fat=@showexec}, {@dots}, {@fat=@dos1xfloppy}, {@fat=@check_strict}]}, 0x1, 0x254, &(0x7f0000000b80)="$eJzs3UFr02AYB/BnW7d2Q3Bn8RDw4knUb1CkghgQKjnoycD0sonQXaIX+zH8DH4UP4IfY6fdIjbBbqlMkKxZl98PSh7eP0mft4emhfdt393/eHz06fRD+fNbjEZJDCLmcR5xGNuxE5Wt+ri9qPfionkAAJtmOs3HXfdAi7ZWRvYjIt+NiOFKlH1fU1cAAAAAAAAAAAC0zPp/AOgf6/9vv9lsnB/Un98us/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6M55Wd4tr3h03R8A0D73fwDon3/f/+903SIA0DLf/wGgf16/eftynKaTaZKMIs7mRVZk1bHKn79IJ4+ThcPlWWdFke3WdTp5UuVJMz+oz3/613wvHj6o8t/Zs1dpIx/G0XVPHgAAAAAAAAAAAAAAAAAAAG6IR8kfjf39O4uq/FqNrOZVdeH3ARr79wdxb7CeOQAAAAAAAAAAAAAAAAAAAMCmO/385Tg/OXk/U2xc8aPFC8alkf34j+uM4ma8LIpWiq7fmQAAAAAAAAAAAAAAAAAAoH+Wm3677gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurP8///rK654+uEapwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADccr8CAAD//4mskPc=")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000700), 0x0)

6m33.674022285s ago: executing program 4 (id=970):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100419, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./cgroup\x00', 0x0, 0x10101d, 0x0)
mount$9p_unix(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000100)='./cgroup\x00', 0x0, 0x2001015, 0x0)
mount(0x0, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x80002, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0xa)

6m33.515942319s ago: executing program 4 (id=971):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000200)})
memfd_create(&(0x7f00000000c0)=',\xea\xc9t\x8b\xb7\x04\x1d^s^\t5\xa1i\x01\x00\xd4\xd7\x02\x8dmbs\x0f3\x92\'\x94N\b\xe0m\xa4\x01\x00\xe5\x00\x00\x00\x00\x00-\xb3\x8d\xa1v\xe5\x8a0\x05\x00\xa4\xed\x94 \x15Y\x1f\xccY\xff\xb4\xa2\xa62:\xfa\xf9\xb7\x05q\xa4d\xda0y\xd3\xd6\x98\x9f\x11\n\xf44Q\xff\xff)\xb3|\x04\x00\x00\x80FD\xb8\xc2\x8a\x99Y\xf6:\xfeT\xa1', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@rand_addr, @initdev}, &(0x7f00000001c0)=0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x1, 0x1, 0x2}, 0x20)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x8, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m33.080024281s ago: executing program 4 (id=977):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x40080)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
epoll_create(0x7)
keyctl$clear(0x3, 0xfffffffffffffffd)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f00000001c0)={0xb0000009})
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r3, 0x5459, &(0x7f0000000200))
syz_emit_ethernet(0xf5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2, 0xa08b})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000300)=r0, 0x12)

6m32.797201419s ago: executing program 33 (id=977):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x40080)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
epoll_create(0x7)
keyctl$clear(0x3, 0xfffffffffffffffd)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f00000001c0)={0xb0000009})
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r3, 0x5459, &(0x7f0000000200))
syz_emit_ethernet(0xf5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2, 0xa08b})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000300)=r0, 0x12)

6m10.14828344s ago: executing program 5 (id=1040):
r0 = socket(0x1e, 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4e24, 0xb, @mcast2, 0x9}, 0x1c)
sendto$inet6(r4, &(0x7f0000000040)="800037bbfa9ba1ce", 0xffe9, 0x0, 0x0, 0x0)
read(r4, &(0x7f0000002400)=""/4062, 0xfde)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c561e117436c379000000000000000058000b4824ca945f6400d40f6a03", 0x2c}], 0x1)

6m9.00890732s ago: executing program 5 (id=1042):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab50447", 0x6f}, {0x0}, {0x0}, {&(0x7f00000000c0)}], 0x4}}], 0x1, 0x20000044)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46", 0xb5}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0xfffffffffffffea8, &(0x7f0000000140)=ANY=[])

6m5.495427785s ago: executing program 5 (id=1049):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000008000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000670000004f00fbffff1200", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc)

6m5.123996765s ago: executing program 5 (id=1052):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@quota}, {@quota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@orlov}, {@test_dummy_encryption_v1}, {@jqfmt_vfsv1}]}, 0x3, 0x448, &(0x7f0000000440)="$eJzs3M1vG0UbAPBnN3H6tmnfhFI++gEECiLiI2nSAr2CQOIAEhIcyjEkaVXqNqgJEq0qKAiVI6rEHXFE4i/gBBcEnJC4wh1VqlAvLZwWrb3bOK6d1q5dF/z7SZvM7I4183h37JmdbAIYWlP5jyRie0T8FhET9ezGAlP1X9eunFv868q5xSSy7M0/k1q5q1fOLZZFy9eNF5npNCL9NIm9LepdPXP2xEK1uny6yM+unXxvdvXM2WePn1w4tnxs+dT84cOHDs698Pz8cz2JM2/T1T0fruzb/erbF19fPHLxnZ++Scr4m+LokanNDj6RZT2ubrB2NKST0QE2hI6MRER+uiq1/j8RI7F+8ibilU8G2jigr7Isy8bbHz6fAf9hSQy6BcBglF/0+fy33O7Q0OOucPnF+gQoj/tasdWPjEZalKk0zW97aSoijpz/+8t8i/7chwAA2OC7fPzzTKvxXxr3N5T7f7E2NBkR90TEzoi4NyJ2RcR9EbWyD0TEgx3W37xIcuP4J73UVWC3KB//jaf1ta2N479y9BeTI0VuRy3+SnL0eHX5QPGeTEdlS56f26SO71/+9fN2xxrHf/mW11+OBYt2XBrdsvE1SwtrC7cTc6PLH0fsGW0Vf3J9JSCJiN0RsafLOo4/9fW+dsduHv8merDOlH0V8WR9bfN8NMVfSjZfn5z9X1SXD8yWV8WNfv7lwhvt6r+t+HsgP//bovX5L0wmjeu1q53XceH3z9rOabq9/seSt2rpsWLfBwtra6fnIsaS1+qNbtw/v/7aMl+Wz+Of3t+6/++M9Xdib0TkF/FDEfFwRDxStP3RiHgsIvZvEv+PLz3+bvfx91ce/1JH5389MRbNe1onRk788O2GSic7iT8//4dqqeliz618/t1Ku7q7mgEAAODfJ42I7ZGkM9fTaTozU/97+V2xLa2urK49fXTl/VNL9WcEJqOSlne6Jhruh84V0/oyP9+UP1jcN/5iZGstP7O4Ul0adPAw5Mbb9P/cHyODbh3Qd57XguGl/8Pw0v9heOn/MLxa9P+tg2gHcOe1+v7/aADtAO68pv5v2Q+GiPk/DC/9H4aX/g9DaXVr3Pwh+YEnyg+ou6U9XSSyLKLfdVU6+McHt52I9C54VyX6lhjwBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BMAAP//qlXhwA==")
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x206420, 0x0, 0x7, 0x0, &(0x7f0000006380))
ioctl$BTRFS_IOC_GET_FEATURES(0xffffffffffffffff, 0x80189439, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000000380)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000680)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
mount$cgroup(0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)={[{@name={'name', 0x3d, '.{/!}@'}}]})
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0xc, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$bind(&(0x7f0000000280)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000580)='./file0/../file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

6m1.721210577s ago: executing program 5 (id=1060):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000008000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000670000004f00fbffff1200", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc)

6m1.177233022s ago: executing program 5 (id=1062):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2800000, &(0x7f0000000000)={[{@usrjquota}, {@delalloc}, {@bsdgroups}, {@auto_da_alloc}, {@errors_continue}, {}, {@noauto_da_alloc}, {@noblock_validity}, {@jqfmt_vfsv0}, {@sysvgroups}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0xbdf, &(0x7f0000000ac0)="$eJzs3M9rHNcdAPDvjFa/bLkrl2LqXqxSig2la9lFpjaF2sWllx4K7bVgIa+M0PoHkoorWdBV+w+UJOdALoEkJsGH+OxLArnmkjjXmBwCJihWAiEkCrM/JFnalSxrpVHkzwee5r15M/O+X4208x7sbgAvrKHsRxpxPCKuJBHFxv40Inpqtb6Iav24pcX5sa8X58eSWF7++xdJJBHxZHF+rHmtpLE93Gj0RcSHf0rip//bOO707NzkaKVSnmq0T89cv3V6enbutxPXR6+Vr5VvnDn3+5GzI+eGz490LNdvPr14/6tf/uWz6rdvfnf3y5dfT+JiDDT61ubRyHrHhmJo5XeyRn8HLr1vdEVEYc29zySFLU5KdzkoAADaStfM4Y5FMbpidfJWjPc+yjU4AAAAoCOWuyKWAQAAgAMusf4HAACAA675PoAni/NjzZLvOxL21uNLETFYz3+pUeo9hajWtn3RHRGHniSx9mOtSf20HRuKiEefnH8nK9Hic8i7rboQET9vdf+TWv6DjU9Cr88/jYjhDow/tK79Y8r/YgfGzzt/AF5MDy7VH2Qbn3/pyvwnWjz/Ci2eXc8j7+dfc/63tGH+t5p/V5v539+ecYw7b7x6u11flv8f7v/57WbJxs+2O0pqGx4vRPyi0Cr/ZCX/pE3+V7a4dhL1SxS/v11ud0ze+S+/FnEyWufflGz+/USnxycq5eH6z5ZjLHww8la78fPOP7v/h9rkv8n978v23XrqSu2/1Oefly/fa9e3Zf5d6ec9yT9q1Z7Grn+PzsxMnYnoSf66cf/ZzfNtHtO8Rpb/qV9t/v/f6u8/e02oNv42sswXGtus/d91Y/7x7p13N8s/W/vlef+vbv/+1/b9/xnH+PX7L51q17d2/ZuVbPxHSX0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABNaUQMRJKWIiKp1dO0VIo4HBE/i0Np5eb0zG/Gb/7rxtWsL2IwutPxiUq5EBHFejvJ2mdq9dX22XXt30XE0Yh4pdhfa5fGblau5p08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKw5HxEAkaSki0ohYKqZpqZR3VAAAAEDHDeYdAAAAALDrrP8BAADg4NvG+v/YbsYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAgXX0xIOHSURUL/TXSqan0deda2TAbkvzDgDITVfeAQC5KeQdAJCbba7xTRfgAEq26O9r29Pb8VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L9OHn/wMImI6oX+Wsn0NPq6W55xYg+jA3ZTmncAQG66Nuss7F0cwN577n/xI52NA9h7rdf4wIsk2aK/b/WY6tM9vbsWEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7z0CtJGkpItJaPU1LpYgjETEY3cn4RKU8HBE/iYiPi929Wbs376ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADouOnZucnRSqU89TyVZGenq6i0q/xnf4Sxt5Vkf4RRr+T9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQB6mZ+cmRyuV8tT0+p7ufAICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcjM9Ozc5WqmUp1pV0sZBjT33Nj24fSXnFAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNEPAQAA//8w+gn+")
getgroups(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x20000006)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0, 0x4b}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

5m59.853427257s ago: executing program 34 (id=1062):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2800000, &(0x7f0000000000)={[{@usrjquota}, {@delalloc}, {@bsdgroups}, {@auto_da_alloc}, {@errors_continue}, {}, {@noauto_da_alloc}, {@noblock_validity}, {@jqfmt_vfsv0}, {@sysvgroups}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0xbdf, &(0x7f0000000ac0)="$eJzs3M9rHNcdAPDvjFa/bLkrl2LqXqxSig2la9lFpjaF2sWllx4K7bVgIa+M0PoHkoorWdBV+w+UJOdALoEkJsGH+OxLArnmkjjXmBwCJihWAiEkCrM/JFnalSxrpVHkzwee5r15M/O+X4208x7sbgAvrKHsRxpxPCKuJBHFxv40Inpqtb6Iav24pcX5sa8X58eSWF7++xdJJBHxZHF+rHmtpLE93Gj0RcSHf0rip//bOO707NzkaKVSnmq0T89cv3V6enbutxPXR6+Vr5VvnDn3+5GzI+eGz490LNdvPr14/6tf/uWz6rdvfnf3y5dfT+JiDDT61ubRyHrHhmJo5XeyRn8HLr1vdEVEYc29zySFLU5KdzkoAADaStfM4Y5FMbpidfJWjPc+yjU4AAAAoCOWuyKWAQAAgAMusf4HAACAA675PoAni/NjzZLvOxL21uNLETFYz3+pUeo9hajWtn3RHRGHniSx9mOtSf20HRuKiEefnH8nK9Hic8i7rboQET9vdf+TWv6DjU9Cr88/jYjhDow/tK79Y8r/YgfGzzt/AF5MDy7VH2Qbn3/pyvwnWjz/Ci2eXc8j7+dfc/63tGH+t5p/V5v539+ecYw7b7x6u11flv8f7v/57WbJxs+2O0pqGx4vRPyi0Cr/ZCX/pE3+V7a4dhL1SxS/v11ud0ze+S+/FnEyWufflGz+/USnxycq5eH6z5ZjLHww8la78fPOP7v/h9rkv8n978v23XrqSu2/1Oefly/fa9e3Zf5d6ec9yT9q1Z7Grn+PzsxMnYnoSf66cf/ZzfNtHtO8Rpb/qV9t/v/f6u8/e02oNv42sswXGtus/d91Y/7x7p13N8s/W/vlef+vbv/+1/b9/xnH+PX7L51q17d2/ZuVbPxHSX0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABNaUQMRJKWIiKp1dO0VIo4HBE/i0Np5eb0zG/Gb/7rxtWsL2IwutPxiUq5EBHFejvJ2mdq9dX22XXt30XE0Yh4pdhfa5fGblau5p08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKw5HxEAkaSki0ohYKqZpqZR3VAAAAEDHDeYdAAAAALDrrP8BAADg4NvG+v/YbsYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAgXX0xIOHSURUL/TXSqan0deda2TAbkvzDgDITVfeAQC5KeQdAJCbba7xTRfgAEq26O9r29Pb8VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L9OHn/wMImI6oX+Wsn0NPq6W55xYg+jA3ZTmncAQG66Nuss7F0cwN577n/xI52NA9h7rdf4wIsk2aK/b/WY6tM9vbsWEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7z0CtJGkpItJaPU1LpYgjETEY3cn4RKU8HBE/iYiPi929Wbs376ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADouOnZucnRSqU89TyVZGenq6i0q/xnf4Sxt5Vkf4RRr+T9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQB6mZ+cmRyuV8tT0+p7ufAICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcjM9Ozc5WqmUp1pV0sZBjT33Nj24fSXnFAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNEPAQAA//8w+gn+")
getgroups(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x20000006)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0, 0x4b}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

9.727496627s ago: executing program 3 (id=2100):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000001e00)=""/4069, 0xfe5}, {&(0x7f0000002e00)=""/4122, 0x101a}, {&(0x7f0000000dc0)=""/4125, 0x101d}, {0x0}, {&(0x7f0000000180)=""/182, 0xb6}, {&(0x7f0000000cc0)=""/242, 0xf2}], 0x6}, 0x40000142)

9.187554982s ago: executing program 3 (id=2103):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = syz_pidfd_open(0x0, 0x0)
pidfd_send_signal(r0, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x9, 0x6, 0x3, 0x7ff}]}, 0x10)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x0)

6.340166519s ago: executing program 0 (id=2105):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000ac0)=ANY=[], &(0x7f0000000000)=""/130, 0x3b, 0x82, 0x1, 0x10}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

6.150253594s ago: executing program 3 (id=2107):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000010080)={0x10, 0x30, 0xfa00, {&(0x7f0000010040), 0x0, {0xa, 0x4e21, 0xe, @private0={0xfc, 0x0, '\x00', 0x1}, 0xe}}}, 0x38)

6.104096545s ago: executing program 0 (id=2108):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000000)=0x6, 0xffffff13)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

5.951944569s ago: executing program 3 (id=2109):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000400)="cd", 0x1, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f0000001bc0)=[{&(0x7f0000000b00)="edb1", 0x2}], 0x1}}], 0x1, 0x8000)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000ac0)={0x0, 0x0, 0x1, "c8"}, 0x9)

5.878412451s ago: executing program 0 (id=2110):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902"], 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0xf4, 0xb1, 0x6a, 0x20, 0xfc5, 0x1227, 0xf304, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0xf7, 0x50, 0x18, "", [{{0x9, 0x4, 0xaa, 0x4, 0x0, 0x99, 0x46, 0xe5, 0x6}}]}}]}}, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)

5.704017526s ago: executing program 3 (id=2112):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x4c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x9be8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)

5.586173029s ago: executing program 3 (id=2114):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x24, 0x0)
mount$cgroup(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x2008000, &(0x7f0000000680)={[{@subsystem='memory'}]})
rmdir(0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x24, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x8, &(0x7f0000000000)=ANY=[], 0x5, 0x1e2, &(0x7f00000002c0)="$eJzslb+qE0EUxr+ZTXaTW1nbWHjBa+Fmd6+CzYVrY2Uh+CdYCAaTSHRDJNnCBCT4BPZ2Fj6GEFsfQqIgCqKN2gkj82d3h7gbzRKJ4PnBzn4zczhzZga+AUEQ/y3v3n5fim9HHxoAmtiHZ8Y/OpkEt+LfNL48fnXlcvvp7RevvaW3km2l/0MI8Zv15bqLSw6Skvl9878Onukb4DhrdBsMvtF3wHHT6B4Ybhl939IjGe/7/UHc8++O4q4UQX9QRyhVJJtDe/0agM9PGLqmL4QQzJqfTGcPOnHcG28qxHxdzAl7pPhkFp+y+hrAkVWffV8+dLWBdX4hOEKjD8FwzeiL8NKzCWQTWvs/WcvzO2v376LiiaTiPYB8pF85zx8IVy61MrX3y0iRAFj1u/93hAMl0hvdeT1bF6htLaHwgF1vp0S8PNb3l5U61/3N8hyXTLkb5jEnn/mneM5wxvInbSXP1GPRSoYPW5Pp7Nxg2LnnmqDgfBBciFrKiHRbbIEqf1P5016ev1kW6zIXjzpJMg51m/Uj3RY5Llf+x3FwGnXZl26qyqznMV/V26lh5uPqL9WBU1o8SkslCIL465wCU56sfDkV5jXJJoSIru64ToIgCIIgCIIgCIIgqvMzAAD//7paW3I=")
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095001800000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)

3.989290582s ago: executing program 6 (id=2115):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = syz_pidfd_open(0x0, 0x0)
pidfd_send_signal(r0, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x9, 0x6, 0x3, 0x7ff}]}, 0x10)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x0)

1.692663464s ago: executing program 6 (id=2116):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000ac0)=ANY=[], &(0x7f0000000000)=""/130, 0x3b, 0x82, 0x1, 0x10}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

1.650266445s ago: executing program 2 (id=2117):
syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x1, 0x5}, 0x0, 0x0, 0x0)
r0 = syz_pidfd_open(0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x7, 0x100000, 0x0, 'queue0\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

1.589165267s ago: executing program 0 (id=2118):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000000)=0x6, 0xffffff13)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.588526557s ago: executing program 6 (id=2119):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000540)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x3, @loopback, 0x3}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000240)="dc", 0x1}], 0x1}}], 0x1, 0x3404c891)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x8, 0x0, 0xb}]}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x2000000, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0x1, 0x2bc, &(0x7f00000015c0)="$eJzs3U9rY1UUAPDz0uQ1QxftwpUIvsUs3Fims3VhBqkgdqVk4R/QwZmBoQkDDQRGxTArP4ELF34Pd+4FN34DwYVLdw5SuPLeS5NMkkmmHdMO5ffb9HLuOe/em3fbFMK7+fKN/vG9R4MHT779I9rtLBqd6MTTLPaiEWfSWAAA18LTlOLvC72/NxubmhMAsFkz7/+t56RsL4be3fS0AIAN+viTTz+8c3R0+FFRtCP63w+7WdQ/6/47D+Jh9OJ+3IrdOJ1+FpBS3X7/g6PDaBalvbjZHw27ZWX/i98mqXlU9QexG3vL6w+K2kz9aNis/vPIsoiHnXIit2M3XluoL/sPby+pj24eb7XHiyzH34/d+P2reBS9uFd9pjEd/7s8ivfSD/9881mZXNZno2F3u8qbSluXfW8AAAAAAAAAAAAAAAAAAAAAALi+9ouJvbjZL0P1+TvdrdOqf/+Z/up8nUbVX9dnEXnVmDsfaJTip7PzdW4VRZGyOn9yvs+NZrzejOaVLRwAAAAAAAAAAAAAAAAAAABeIYPHXx/f7fXun/wvjfFD/pPH+i96nc5M5M1Ynbx9rrFia5xeznU+5+DXz/uTSLmIi0x+2CoiVs25tRC5Uc5n/ZX/TSmlLIt4udvUepGx1jR2VueUL/AvP+68fXw3W/cats9u3M+zXXmcDB7P3dPIVg96+kwknWv75Sty8vGOeaHr7LzkL9E7f9aDjSPZmlW0ZiKtcSOet/3a59rPl/c3CAAAAAAAAAAAAAAAAAAAqE0f+l3S+WRlaWNjkwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASzb9/v9pIxYic41R/FUVL89JKY0mkTxOBle9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6//wIAAP//qWdtxQ==")
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[], 0x10)

1.316657034s ago: executing program 0 (id=2120):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000400)="cd", 0x1, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f0000001bc0)=[{&(0x7f0000000b00)="edb1", 0x2}], 0x1}}], 0x1, 0x8000)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000ac0)={0x0, 0x0, 0x1, "c8"}, 0x9)

1.206052247s ago: executing program 2 (id=2121):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000001e00)=""/4069, 0xfe5}, {&(0x7f0000002e00)=""/4122, 0x101a}, {&(0x7f0000000dc0)=""/4125, 0x101d}, {0x0}, {&(0x7f0000000180)=""/182, 0xb6}, {&(0x7f0000000cc0)=""/242, 0xf2}], 0x6}, 0x40000142)

1.205314737s ago: executing program 6 (id=2122):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x4c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x9be8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)

1.160023318s ago: executing program 0 (id=2123):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee40009050802ff03000000090582030004"], 0x0)
r1 = syz_usb_connect(0x2, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0x0, 0x0, 0x20, 0x572, 0xcb01, 0xbe71, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x6, 0x3, 0x80, 0x2, "", [{{0x9, 0x4, 0x2c, 0x7, 0x0, 0x5f, 0x90, 0xe3}}]}}]}}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x5, [{0x78, &(0x7f0000000200)=@string={0x78, 0x3, "8f2ea7172abbca1840b2bcbd4a4102c116f54710515e9265156202b69c880ff97133a3ce947e11a66871dafe5af8577d6604359f01611603817a71b49f8e7edec28107455b67df76a1fe30e3e65ffafc4cbf57566fba7b64ce44f8acaf4954a44144ee1c93569e602494a122720e4366f5550326517d"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x44e}}, {0x24, &(0x7f00000002c0)=@string={0x24, 0x3, "4206ea4006f5503834057933878888ff112eaa162c81449ba6aea231ae1c8eb37cd2"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x44a}}, {0x5c, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x439}}]})
syz_usb_control_io$hid(r1, &(0x7f00000037c0)={0x24, 0x0, &(0x7f0000000a40)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r1, &(0x7f00000006c0)={0x14, 0x0, &(0x7f00000003c0)={0x0, 0x3, 0x4, @string={0x4, 0x3, "52f4"}}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00003f0000003f00a7ea3163fdfa964eccac45d3456808f1e3fe0c472c8d954f8999b06ca46207f2b7bd7d2944fafc2276cc6b8f9629dc50c76a16f810156cb132f51eb69c"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="01"])
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x5c, &(0x7f0000000180)={[{0x56, 0x4e00, "48e02d208e57af2748b552b417226aaa9116c328f3306a6f6680a597eeba1d075f17e2afc9f3b54e5a4661be0a9016781f6ce3ed4e8c14b827e444b135ba254b69d486358b6e2deeea3c3464449e7570e98607b0c3b4"}]})
syz_usb_connect$cdc_ncm(0x6, 0x76, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a44000010203010902640002010000000904000001020d000008"], 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000140)={0x2c, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xf, 0x20, {0x5, 0xf, 0x20, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x7, "ad0e475b1bf392818f68c2ef4b7feda5"}, @ext_cap={0x7, 0x10, 0x2, 0x1c, 0x2, 0x3, 0x6}]}}, 0x0, 0x0}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[], 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d04700847610000000109021200010000000009"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

999.241913ms ago: executing program 2 (id=2124):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4008814)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r4, &(0x7f0000000340)={&(0x7f0000000440)=@xdp={0x2c, 0xdd86, r6, 0x5}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000680)=',', 0x1}], 0x1}, 0x20008110)

978.090854ms ago: executing program 6 (id=2125):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032})
sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)={0x14, 0x0, 0xb0d, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x10)
io_setup(0x4, &(0x7f00000013c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000002c00)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r0, &(0x7f0000000080)}])

700.102701ms ago: executing program 2 (id=2126):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000008000000010001000900000001000000", @ANYBLOB="000000000000000000670000004f00fbffff1200", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc)

662.021792ms ago: executing program 6 (id=2127):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000100)=0x1)
read(r1, &(0x7f00000006c0)=""/96, 0x60)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0xf, 0x8, 0x0, 0x10, 0x0, 0x2, 0x25dfdbfe, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x32, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@private=0xa010101, @in6=@loopback}}, @sadb_address={0x5, 0x17, 0x0, 0x20, 0x0, @in6={0xa, 0x4e21, 0xe28, @rand_addr=' \x01\x00', 0x9}}, @sadb_x_sec_ctx={0x1, 0x18, 0x39, 0x32}]}, 0x80}}, 0x0)

625.285333ms ago: executing program 2 (id=2128):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000040)=ANY=[], 0x1, 0x27d, &(0x7f0000000180)="$eJzs3c9LI2cYAOA3Jv7qJVIKhVJpoBR6Cir0nlJaKpW2VEKxFGmssYgRoYKgB7WnQk+99NijN0th97C33f9hYS97Wfay7FFvHhZniSNxskZ3I6vZ1ee5fC/zfu/MN/MxM8khX375cHlpfmV1YX//SQwN5aJQ+e0wSXIxEn2Rj9R2AADXyUGSxF6S6vVYAICr4f0PADfPWe//r/vStj9tvu/F2ACAy3Hx7///zNx9VKtXPnuFrslgK3w42/0YAYDXa3rmp28O730yPBm3/45Y/nOtulZN2zT/+UIsRiPqMRbFeBaRtKTxV5NTX46VmoYjqstbx/Vba9V8e/14FGMk4sdvT9ePl1Lt9f3xTrZ+IorxXufjT3SsH4hPP87Ul6MY93+NlWjEfPMjSaZ+c7xU+uK7qRfqB4/6xU6+p/MDAAAAAAAAAAAAAAAAAAAAAMD1VC61jHRav6dcPiuf1p+/PtBBZn2gk/V5/jqqL8QHhfijt2cPAAAAAAAAAAAAAAAAAAAAb4bV9Y2lWqNR/70VzP2w+G77lpcFuQ6p/PH+u9nPWxbk9pLkYuXNC3OJA/soIjqkRqMZdEx1H9zarT/Ymf15enW9cr1nORt0vnT/93xgc+f06Ys4mveN9/+t1O5sPn56uk9sZ+7lQnrf1hppO5B9WJSu+OEEAAAAAAAAAAAAAAAAAAA3zMnPgM/qkVztgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgB07+/7/rYKC1ZXc43VkrNTqU7Zwm/2s7bm67BycLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCN9TwAAP//Haum6w==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8ffff)

0s ago: executing program 2 (id=2129):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x42, 0x80000009, 0x3}, 0x10)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x110)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f0000000480)={0x2, {{0x2, 0x400, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r4], 0x1c}}, 0x4008054)
r5 = socket(0x1e, 0x4, 0x0)
unshare(0x30000000)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x40102, 0x6, 0x3b)
write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="5001", @ANYRES8=r2, @ANYRES16=r5], 0x14)
r6 = socket$tipc(0x1e, 0x5, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x140}}, 0xdc955a41d9e63ba0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000001c0)={[{@data_err_ignore}, {@dioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@grpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3c}}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq")
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000140), 0x0, 0x4d9, &(0x7f0000000680)="$eJzs3MFvFNUfAPDvbHdpgR8/KyIKohTQ2JjYQkHh4AUTEw+aGPEgx6atBFnA0B6EECmJ4U7i0cR4NN408apH48k/AA8eTAwJMVwAT2tmd6bdbme3u7S0lP18ku2+t/Nm3nvz5s2+ndeZAPrWSPonifhfRNyKiKca0aUJRhpv9+9enXpw9+pUzNdqp/5J6unupfFMvt72LDJaiih9mbRssGH28pVzk9XqzKUsPj53/rPx2ctXXj97fvLMzJmZCxMnThw7euT4mxNv9F6pgvzSet3b+8XFfXvePX3z/aly/vlQ9t5cj7bKvRVjpMOyV3rb1GNvR1M4Wb6frq1rYejaUHZYV9L+f7V68PRGFwhYN7VarTbYfvF8rdX1ZZ8Am1YSG10CYGPkX/Tp79/8tU5Dj8fCnZONH0Bpve9nr8aScpSyNJWW37draSQiPp7/95v0FZ2uQ/z5iAoAAPSdX07mI8HW8V8pdjel+382hzIcEU9HxM6IeCYidkXEsxH1tM9FxPOtGSQRtQ7572qJL+b/YzaLULq96kp2kI7/3srmtpaO//LRXwwPZLEdEfmAeeZwtk9GozL4ydnqzJE229+yQv7N47/0leafjwWzctwut1ygm56cm3y42i5353rE3nJr/ZNy2nD5NE4SEXsiYm8P2x1uCp997bt9C5FK9v51423l+tfVCqb0ep6PK1L7NuLVRvvPR3P7J4s5Jp3nJ8eHojpzeDw9Cg4X5vHb7zc+aJf/ivX/6a/WVd45/vOpVdc7l7b/tqbjP/L528VJ1OEkIlmYr52NqA30lseNP7IVCtrrYY//LclH9XDevz6fnJu7dCRiS/Le8s8nFtfN43n6tP6jh4r7/85snXRPvBAR6UH8YkS8FBH7s7IfiIiDEXGoQ/1/ffvlT9st6/L4f2TS+k8Xnv+WtP/ifH2XgXzl9JOBcwduPWhz8uiu/Y/VQ6PZJ8Xnv2TJKaLbkq5u7wEAAMDmUIr6//6XxhbCpdLYWOMa0K7YVqpenJ3bHxEXphv3CAxHpZRf6WpcD64k+fXP4ab4REv8aHbd+KuBrfX42NTF6vRGVx763PZ6n0+W9f/U3z1e5wU2oTWYRwM2qZX6/+6b61QQYN35/of+1dT/59skmfefMvBk8v0P/auo/1+L7zveu+CcAZtfTV+Gvqb/Q/8qx4cL4fptz4V32wJPIt//0Jd6va+/m0D+uIYr52qDxWmGouCJAUNrXIwssLUgrw0JpCOrNdxgJSK6S7z1YbLIh4Dtn/BQ6m2Dg7F80UB0Wivp4TkOeSDdKysmPrN7zQ/+/Jkoa33Y/LDYTytNbVFeqXVWH1jX0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj818AAAD//522zx4=")

kernel console output (not intermixed with test programs):

capacity change from 0 to 128
[  771.798706][T12415] loop0: detected capacity change from 0 to 64
[  771.881090][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state
[  771.888389][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state
[  772.977416][T12442] loop6: detected capacity change from 0 to 2048
[  773.092804][T12442] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  773.174934][T12442] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  773.377506][T12456] loop0: detected capacity change from 0 to 64
[  773.442768][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  773.781724][T12458] loop2: detected capacity change from 0 to 4096
[  773.912082][T12458] EXT4-fs: Ignoring removed orlov option
[  774.142428][T12468] loop0: detected capacity change from 0 to 16
[  774.275614][T12468] erofs: (device loop0): mounted with root inode @ nid 36.
[  774.423800][T12458] EXT4-fs (loop2): Test dummy encryption mode enabled
[  774.840111][T12458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  775.725279][T12458] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  775.983295][T12486] loop6: detected capacity change from 0 to 128
[  776.037921][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  776.369338][T12493] loop0: detected capacity change from 0 to 4096
[  776.443513][T12495] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  776.690552][T12503] loop3: detected capacity change from 0 to 64
[  778.136273][T12510] loop6: detected capacity change from 0 to 4096
[  778.160298][T12510] EXT4-fs: Ignoring removed orlov option
[  778.174215][T12512] loop2: detected capacity change from 0 to 4096
[  778.196162][T12512] EXT4-fs: Ignoring removed orlov option
[  778.204168][T12510] EXT4-fs (loop6): Test dummy encryption mode enabled
[  778.234493][T12510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  778.260968][T12512] EXT4-fs (loop2): Test dummy encryption mode enabled
[  778.337162][T12512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  778.456380][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  778.833897][T12529] loop6: detected capacity change from 0 to 64
[  778.930887][T12512] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  779.087512][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  779.225164][T12540] loop3: detected capacity change from 0 to 128
[  781.161010][T12566] loop3: detected capacity change from 0 to 64
[  781.366774][T12568] loop2: detected capacity change from 0 to 4096
[  781.377917][T12568] EXT4-fs: Ignoring removed orlov option
[  781.405154][T12568] EXT4-fs (loop2): Test dummy encryption mode enabled
[  781.428895][T12568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  781.801506][T12568] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  781.821612][   T28] audit: type=1800 audit(1777438879.758:33): pid=12568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1609" name="file1" dev="loop2" ino=19 res=0 errno=0
[  781.938756][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.145485][T12595] loop0: detected capacity change from 0 to 64
[  782.268467][ T5758] IPVS: starting estimator thread 0...
[  782.291452][T12597] IPVS: sh: FWM 3 0x00000003 - no destination available
[  782.406571][T12598] IPVS: using max 18 ests per chain, 43200 per kthread
[  782.481516][T12603] lo speed is unknown, defaulting to 1000
[  782.535065][T12603] lo speed is unknown, defaulting to 1000
[  782.693859][T12603] lo speed is unknown, defaulting to 1000
[  782.820144][T12603] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  782.974725][T12603] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  783.055026][T12614] raw_sendmsg: syz.2.1623 forgot to set AF_INET. Fix it!
[  783.216368][T12603] lo speed is unknown, defaulting to 1000
[  783.231675][T12603] lo speed is unknown, defaulting to 1000
[  783.249656][T12603] lo speed is unknown, defaulting to 1000
[  783.266194][T12603] lo speed is unknown, defaulting to 1000
[  783.279683][T12603] lo speed is unknown, defaulting to 1000
[  783.296395][T12603] lo speed is unknown, defaulting to 1000
[  783.357915][T12616] loop2: detected capacity change from 0 to 4096
[  783.391119][T12616] EXT4-fs: Ignoring removed orlov option
[  783.423029][T12616] EXT4-fs (loop2): Test dummy encryption mode enabled
[  783.455307][T12616] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  783.492002][T12619] loop3: detected capacity change from 0 to 256
[  783.789353][   T28] audit: type=1800 audit(1777438881.564:34): pid=12616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1624" name="file1" dev="loop2" ino=19 res=0 errno=0
[  783.870094][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  784.021373][T12628] autofs4:pid:12628:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.768), cmd(0xc0189375)
[  784.074072][T12628] autofs4:pid:12628:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375)
[  784.205252][T12631] loop0: detected capacity change from 0 to 4096
[  784.242051][T12631] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  784.283317][T12631] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  784.345523][T12637] loop2: detected capacity change from 0 to 128
[  784.668846][T12645] loop2: detected capacity change from 0 to 256
[  784.739035][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  785.207454][T12654] loop0: detected capacity change from 0 to 4096
[  785.224006][T12654] EXT4-fs: Ignoring removed orlov option
[  785.236973][T12654] EXT4-fs (loop0): Test dummy encryption mode enabled
[  785.276472][T12654] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  785.311953][T12657] loop2: detected capacity change from 0 to 512
[  785.380504][T12657] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  785.454302][   T28] audit: type=1800 audit(1777438883.155:35): pid=12654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1637" name="file1" dev="loop0" ino=19 res=0 errno=0
[  785.458604][T12663] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  785.514681][T12657] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  785.533411][T12657] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1640: bg 0: block 248: padding at end of block bitmap is not set
[  785.607087][T12657] Quota error (device loop2): write_blk: dquota write failed
[  785.618927][T12657] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[  785.630775][T12657] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.1640: Failed to acquire dquot type 1
[  785.699203][T12657] EXT4-fs (loop2): 1 truncate cleaned up
[  785.722926][T12657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  785.798711][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  785.883562][T12657] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  785.915975][T12657] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  785.926140][T12657] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.1640: Failed to acquire dquot type 1
[  786.090896][T12675] loop3: detected capacity change from 0 to 128
[  786.191728][T12675] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  786.235607][T12675] FAT-fs (loop3): Filesystem has been set read-only
[  786.267745][T12675] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  786.335987][T12676] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  786.394554][T12676] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  786.980146][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  787.179242][T12691] set_capacity_and_notify: 1 callbacks suppressed
[  787.179259][T12691] loop2: detected capacity change from 0 to 256
[  787.188935][T12670] loop6: detected capacity change from 0 to 131072
[  787.232367][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.241647][T12670] F2FS-fs (loop6): Found nat_bits in checkpoint
[  787.330100][T12670] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  787.450296][T12696] loop3: detected capacity change from 0 to 4096
[  787.539920][T12696] EXT4-fs: Ignoring removed orlov option
[  787.608234][T12696] EXT4-fs (loop3): Test dummy encryption mode enabled
[  788.002313][T12704] F2FS-fs (loop6): access invalid blkaddr:0
[  788.008370][T12704] CPU: 1 PID: 12704 Comm: syz.6.1647 Not tainted syzkaller #0
[  788.015885][T12704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  788.025984][T12704] Call Trace:
[  788.029313][T12704]  <TASK>
[  788.032275][T12704]  dump_stack_lvl+0x18c/0x250
[  788.037139][T12704]  ? show_regs_print_info+0x20/0x20
[  788.042398][T12704]  ? lock_chain_count+0x20/0x20
[  788.047314][T12704]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  788.053010][T12704]  ? lockdep_hardirqs_on+0x98/0x150
[  788.058259][T12704]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  788.063693][T12704]  sanity_check_extent_cache+0xfc/0x1f0
[  788.069296][T12704]  f2fs_iget+0x33c5/0x47e0
[  788.073799][T12704]  f2fs_lookup+0x37f/0x780
[  788.078265][T12704]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  788.084374][T12704]  ? make_vfsuid+0x51/0xb0
[  788.088854][T12704]  ? inode_permission+0xf3/0x480
[  788.093846][T12704]  ? bpf_lsm_inode_create+0x9/0x10
[  788.099013][T12704]  ? security_inode_create+0xb7/0x100
[  788.104435][T12704]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  788.110555][T12704]  path_openat+0x10e4/0x3230
[  788.115233][T12704]  ? do_filp_open+0x430/0x430
[  788.119984][T12704]  do_filp_open+0x1f5/0x430
[  788.124564][T12704]  ? vfs_tmpfile+0x490/0x490
[  788.129203][T12704]  ? preempt_schedule_common+0x82/0xc0
[  788.134747][T12704]  ? _raw_spin_unlock+0x3a/0x40
[  788.139659][T12704]  ? alloc_fd+0x58f/0x630
[  788.144050][T12704]  do_sys_openat2+0x134/0x1d0
[  788.148798][T12704]  ? do_sys_open+0xe0/0xe0
[  788.153279][T12704]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  788.159310][T12704]  ? lock_chain_count+0x20/0x20
[  788.164235][T12704]  __x64_sys_open+0x11f/0x140
[  788.169009][T12704]  do_syscall_64+0x55/0xa0
[  788.173492][T12704]  ? clear_bhb_loop+0x40/0x90
[  788.178220][T12704]  ? clear_bhb_loop+0x40/0x90
[  788.182957][T12704]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.188905][T12704] RIP: 0033:0x7f4e9799cdd9
[  788.193376][T12704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.213066][T12704] RSP: 002b:00007f4e957d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  788.221559][T12704] RAX: ffffffffffffffda RBX: 00007f4e97c16270 RCX: 00007f4e9799cdd9
[  788.229594][T12704] RDX: 0000000000000002 RSI: 0000000000060840 RDI: 00002000009e1000
[  788.237610][T12704] RBP: 00007f4e97a32d69 R08: 0000000000000000 R09: 0000000000000000
[  788.245626][T12704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  788.253659][T12704] R13: 00007f4e97c16308 R14: 00007f4e97c16270 R15: 00007ffe4654a388
[  788.261692][T12704]  </TASK>
[  788.267123][T12704] F2FS-fs (loop6): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  788.312056][T12703] F2FS-fs (loop6): access invalid blkaddr:0
[  788.318174][T12703] CPU: 1 PID: 12703 Comm: syz.6.1647 Not tainted syzkaller #0
[  788.325675][T12703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  788.335775][T12703] Call Trace:
[  788.339090][T12703]  <TASK>
[  788.342057][T12703]  dump_stack_lvl+0x18c/0x250
[  788.346806][T12703]  ? show_regs_print_info+0x20/0x20
[  788.352051][T12703]  ? lock_chain_count+0x20/0x20
[  788.356952][T12703]  ? lockdep_hardirqs_on+0x98/0x150
[  788.362211][T12703]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  788.367637][T12703]  sanity_check_extent_cache+0xfc/0x1f0
[  788.373251][T12703]  f2fs_iget+0x33c5/0x47e0
[  788.377761][T12703]  f2fs_lookup+0x37f/0x780
[  788.382229][T12703]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  788.388381][T12703]  ? d_hash_and_lookup+0x1b0/0x1b0
[  788.393548][T12703]  ? __lookup_slow+0x11b/0x400
[  788.398364][T12703]  __lookup_slow+0x2a1/0x400
[  788.403040][T12703]  ? lookup_one_len+0x2e0/0x2e0
[  788.407949][T12703]  ? try_to_unlazy+0x34c/0x5a0
[  788.412763][T12703]  ? down_read+0x1ac/0x2e0
[  788.417292][T12703]  lookup_slow+0x53/0x70
[  788.421592][T12703]  walk_component+0x2be/0x3f0
[  788.426341][T12703]  ? path_lookupat+0x15c/0x440
[  788.431238][T12703]  path_lookupat+0x169/0x440
[  788.435898][T12703]  filename_lookup+0x228/0x560
[  788.440726][T12703]  ? hashlen_string+0x110/0x110
[  788.445670][T12703]  ? strncpy_from_user+0x197/0x2d0
[  788.450829][T12703]  ? getname_flags+0x20a/0x500
[  788.455649][T12703]  user_path_at_empty+0x42/0x60
[  788.460543][T12703]  __se_sys_mount+0x2a8/0x3d0
[  788.465259][T12703]  ? __x64_sys_mount+0xc0/0xc0
[  788.470075][T12703]  ? lockdep_hardirqs_on+0x98/0x150
[  788.475323][T12703]  ? __x64_sys_mount+0x20/0xc0
[  788.480132][T12703]  do_syscall_64+0x55/0xa0
[  788.484583][T12703]  ? clear_bhb_loop+0x40/0x90
[  788.489299][T12703]  ? clear_bhb_loop+0x40/0x90
[  788.494033][T12703]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.499973][T12703] RIP: 0033:0x7f4e9799cdd9
[  788.504423][T12703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.524120][T12703] RSP: 002b:00007f4e95bf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  788.532596][T12703] RAX: ffffffffffffffda RBX: 00007f4e97c16180 RCX: 00007f4e9799cdd9
[  788.540687][T12703] RDX: 0000200000000040 RSI: 00002000000001c0 RDI: 0000000000000000
[  788.548698][T12703] RBP: 00007f4e97a32d69 R08: 0000200000000080 R09: 0000000000000000
[  788.556729][T12703] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[  788.564738][T12703] R13: 00007f4e97c16218 R14: 00007f4e97c16180 R15: 00007ffe4654a388
[  788.572769][T12703]  </TASK>
[  788.577627][T12703] F2FS-fs (loop6): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  788.634472][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  788.851768][T12704] F2FS-fs (loop6): access invalid blkaddr:0
[  788.857944][T12704] CPU: 1 PID: 12704 Comm: syz.6.1647 Not tainted syzkaller #0
[  788.865499][T12704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  788.875611][T12704] Call Trace:
[  788.878931][T12704]  <TASK>
[  788.881903][T12704]  dump_stack_lvl+0x18c/0x250
[  788.886653][T12704]  ? show_regs_print_info+0x20/0x20
[  788.891924][T12704]  ? __sanitizer_cov_trace_cmp2+0x90/0x90
[  788.897697][T12704]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  788.903120][T12704]  sanity_check_extent_cache+0xfc/0x1f0
[  788.908712][T12704]  f2fs_iget+0x33c5/0x47e0
[  788.913217][T12704]  f2fs_lookup+0x37f/0x780
[  788.917683][T12704]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  788.923819][T12704]  ? d_hash_and_lookup+0x1b0/0x1b0
[  788.928990][T12704]  ? __init_waitqueue_head+0xa9/0x150
[  788.934412][T12704]  __lookup_slow+0x2a1/0x400
[  788.939059][T12704]  ? lookup_one_len+0x2e0/0x2e0
[  788.943966][T12704]  ? try_to_unlazy+0x34c/0x5a0
[  788.948774][T12704]  ? down_read+0x1ac/0x2e0
[  788.953225][T12704]  lookup_slow+0x53/0x70
[  788.957515][T12704]  walk_component+0x2be/0x3f0
[  788.962242][T12704]  ? path_lookupat+0x15c/0x440
[  788.967049][T12704]  path_lookupat+0x169/0x440
[  788.971706][T12704]  filename_lookup+0x228/0x560
[  788.976537][T12704]  ? hashlen_string+0x110/0x110
[  788.981464][T12704]  ? strncpy_from_user+0x197/0x2d0
[  788.986620][T12704]  ? getname_flags+0x20a/0x500
[  788.991437][T12704]  user_path_at_empty+0x42/0x60
[  788.996335][T12704]  do_fchmodat+0xde/0x1e0
[  789.000718][T12704]  ? do_faccessat+0xd00/0xd00
[  789.005442][T12704]  ? syscall_enter_from_user_mode+0x25/0x80
[  789.011390][T12704]  __x64_sys_chmod+0x62/0x70
[  789.016035][T12704]  do_syscall_64+0x55/0xa0
[  789.020491][T12704]  ? clear_bhb_loop+0x40/0x90
[  789.025217][T12704]  ? clear_bhb_loop+0x40/0x90
[  789.029944][T12704]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.035877][T12704] RIP: 0033:0x7f4e9799cdd9
[  789.040328][T12704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  789.059975][T12704] RSP: 002b:00007f4e957d3028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  789.068439][T12704] RAX: ffffffffffffffda RBX: 00007f4e97c16270 RCX: 00007f4e9799cdd9
[  789.076454][T12704] RDX: 0000000000000000 RSI: 00000000000003dc RDI: 0000200000000100
[  789.084463][T12704] RBP: 00007f4e97a32d69 R08: 0000000000000000 R09: 0000000000000000
[  789.092479][T12704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  789.100483][T12704] R13: 00007f4e97c16308 R14: 00007f4e97c16270 R15: 00007ffe4654a388
[  789.108511][T12704]  </TASK>
[  789.190103][T12696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  789.214036][T12704] F2FS-fs (loop6): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  789.298220][  T786] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  789.449335][T12703] F2FS-fs (loop6): access invalid blkaddr:0
[  789.456547][T12703] CPU: 1 PID: 12703 Comm: syz.6.1647 Not tainted syzkaller #0
[  789.464075][T12703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  789.474174][T12703] Call Trace:
[  789.477492][T12703]  <TASK>
[  789.480461][T12703]  dump_stack_lvl+0x18c/0x250
[  789.485193][T12703]  ? show_regs_print_info+0x20/0x20
[  789.490444][T12703]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  789.496131][T12703]  ? f2fs_is_valid_blkaddr+0xec3/0x1580
[  789.501734][T12703]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  789.507188][T12703]  sanity_check_extent_cache+0xfc/0x1f0
[  789.512786][T12703]  f2fs_iget+0x33c5/0x47e0
[  789.517288][T12703]  f2fs_lookup+0x37f/0x780
[  789.521746][T12703]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  789.527902][T12703]  ? d_hash_and_lookup+0x1b0/0x1b0
[  789.533056][T12703]  ? __lookup_slow+0x11b/0x400
[  789.537992][T12703]  __lookup_slow+0x2a1/0x400
[  789.542650][T12703]  ? lookup_one_len+0x2e0/0x2e0
[  789.547567][T12703]  ? try_to_unlazy+0x34c/0x5a0
[  789.552402][T12703]  ? down_read+0x1ac/0x2e0
[  789.556869][T12703]  lookup_slow+0x53/0x70
[  789.561152][T12703]  walk_component+0x2be/0x3f0
[  789.565878][T12703]  ? path_lookupat+0x15c/0x440
[  789.570698][T12703]  path_lookupat+0x169/0x440
[  789.575359][T12703]  filename_lookup+0x228/0x560
[  789.580178][T12703]  ? hashlen_string+0x110/0x110
[  789.585105][T12703]  ? strncpy_from_user+0x197/0x2d0
[  789.590269][T12703]  ? getname_flags+0x20a/0x500
[  789.595104][T12703]  user_path_at_empty+0x42/0x60
[  789.600010][T12703]  do_fchmodat+0xde/0x1e0
[  789.604386][T12703]  ? do_faccessat+0xd00/0xd00
[  789.609101][T12703]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  789.615130][T12703]  ? syscall_enter_from_user_mode+0x25/0x80
[  789.621064][T12703]  __x64_sys_chmod+0x62/0x70
[  789.625702][T12703]  do_syscall_64+0x55/0xa0
[  789.630158][T12703]  ? clear_bhb_loop+0x40/0x90
[  789.634923][T12703]  ? clear_bhb_loop+0x40/0x90
[  789.639660][T12703]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.645623][T12703] RIP: 0033:0x7f4e9799cdd9
[  789.650092][T12703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  789.669732][T12703] RSP: 002b:00007f4e95bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  789.678244][T12703] RAX: ffffffffffffffda RBX: 00007f4e97c16180 RCX: 00007f4e9799cdd9
[  789.686345][T12703] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 0000200000000000
[  789.694376][T12703] RBP: 00007f4e97a32d69 R08: 0000000000000000 R09: 0000000000000000
[  789.702382][T12703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  789.710395][T12703] R13: 00007f4e97c16218 R14: 00007f4e97c16180 R15: 00007ffe4654a388
[  789.718441][T12703]  </TASK>
[  789.723181][T12703] F2FS-fs (loop6): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  790.234985][   T28] audit: type=1800 audit(1777438887.637:36): pid=12696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1653" name="file1" dev="loop3" ino=15 res=0 errno=0
[  790.617561][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.670873][  T786] usb 7-1: device descriptor read/all, error -71
[  791.355699][T12728] loop0: detected capacity change from 0 to 4096
[  791.382874][T12728] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  791.473194][T12728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  792.165049][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  792.887532][T12748] loop3: detected capacity change from 0 to 131072
[  792.978176][T12748] F2FS-fs (loop3): Found nat_bits in checkpoint
[  793.061680][T12748] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  793.583012][T12771] F2FS-fs (loop3): access invalid blkaddr:0
[  793.589402][T12771] CPU: 1 PID: 12771 Comm: syz.3.1666 Not tainted syzkaller #0
[  793.596917][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  793.607008][T12771] Call Trace:
[  793.610327][T12771]  <TASK>
[  793.613306][T12771]  dump_stack_lvl+0x18c/0x250
[  793.618060][T12771]  ? show_regs_print_info+0x20/0x20
[  793.623334][T12771]  ? __up_read+0x2b6/0x6b0
[  793.627794][T12771]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  793.633226][T12771]  sanity_check_extent_cache+0xfc/0x1f0
[  793.638858][T12771]  f2fs_iget+0x33c5/0x47e0
[  793.643360][T12771]  f2fs_lookup+0x37f/0x780
[  793.647844][T12771]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  793.653960][T12771]  ? lockdep_hardirqs_on+0x98/0x150
[  793.659224][T12771]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  793.665346][T12771]  path_openat+0x10e4/0x3230
[  793.670025][T12771]  ? do_filp_open+0x430/0x430
[  793.674762][T12771]  do_filp_open+0x1f5/0x430
[  793.679312][T12771]  ? vfs_tmpfile+0x490/0x490
[  793.683942][T12771]  ? preempt_schedule_common+0x82/0xc0
[  793.689474][T12771]  ? _raw_spin_unlock+0x3a/0x40
[  793.694377][T12771]  ? alloc_fd+0x58f/0x630
[  793.698782][T12771]  do_sys_openat2+0x134/0x1d0
[  793.703528][T12771]  ? do_sys_open+0xe0/0xe0
[  793.707987][T12771]  ? lockdep_hardirqs_on+0x98/0x150
[  793.713253][T12771]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  793.718948][T12771]  __x64_sys_open+0x11f/0x140
[  793.723675][T12771]  do_syscall_64+0x55/0xa0
[  793.728136][T12771]  ? clear_bhb_loop+0x40/0x90
[  793.732863][T12771]  ? clear_bhb_loop+0x40/0x90
[  793.737589][T12771]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  793.743535][T12771] RIP: 0033:0x7f0b9ab9cdd9
[  793.747993][T12771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  793.767658][T12771] RSP: 002b:00007f0b98db4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  793.776142][T12771] RAX: ffffffffffffffda RBX: 00007f0b9ae16180 RCX: 00007f0b9ab9cdd9
[  793.784162][T12771] RDX: 0000000000000002 RSI: 0000000000060840 RDI: 00002000009e1000
[  793.792181][T12771] RBP: 00007f0b9ac32d69 R08: 0000000000000000 R09: 0000000000000000
[  793.800206][T12771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  793.808218][T12771] R13: 00007f0b9ae16218 R14: 00007f0b9ae16180 R15: 00007fff0231e928
[  793.816265][T12771]  </TASK>
[  793.820920][T12771] F2FS-fs (loop3): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  793.871922][T12771] F2FS-fs (loop3): access invalid blkaddr:0
[  793.878079][T12771] CPU: 1 PID: 12771 Comm: syz.3.1666 Not tainted syzkaller #0
[  793.885615][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  793.895721][T12771] Call Trace:
[  793.899041][T12771]  <TASK>
[  793.902011][T12771]  dump_stack_lvl+0x18c/0x250
[  793.906800][T12771]  ? show_regs_print_info+0x20/0x20
[  793.912059][T12771]  ? lock_chain_count+0x20/0x20
[  793.916965][T12771]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  793.922663][T12771]  ? lockdep_hardirqs_on+0x98/0x150
[  793.927908][T12771]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  793.933400][T12771]  sanity_check_extent_cache+0xfc/0x1f0
[  793.939007][T12771]  f2fs_iget+0x33c5/0x47e0
[  793.943528][T12771]  f2fs_lookup+0x37f/0x780
[  793.948135][T12771]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  793.954278][T12771]  ? d_hash_and_lookup+0x1b0/0x1b0
[  793.959462][T12771]  ? __init_waitqueue_head+0xa9/0x150
[  793.964895][T12771]  __lookup_slow+0x2a1/0x400
[  793.969545][T12771]  ? lookup_one_len+0x2e0/0x2e0
[  793.974466][T12771]  ? down_read+0x1ac/0x2e0
[  793.978955][T12771]  lookup_slow+0x53/0x70
[  793.983249][T12771]  walk_component+0x2be/0x3f0
[  793.987977][T12771]  ? path_lookupat+0x15c/0x440
[  793.992800][T12771]  path_lookupat+0x169/0x440
[  793.997469][T12771]  filename_lookup+0x228/0x560
[  794.002295][T12771]  ? hashlen_string+0x110/0x110
[  794.007197][T12771]  ? lockdep_hardirqs_on+0x98/0x150
[  794.012469][T12771]  ? strncpy_from_user+0x197/0x2d0
[  794.017653][T12771]  ? getname_flags+0x20a/0x500
[  794.022478][T12771]  user_path_at_empty+0x42/0x60
[  794.027384][T12771]  __se_sys_mount+0x2a8/0x3d0
[  794.032120][T12771]  ? __x64_sys_mount+0xc0/0xc0
[  794.036928][T12771]  ? lockdep_hardirqs_on+0x98/0x150
[  794.042188][T12771]  ? __x64_sys_mount+0x20/0xc0
[  794.047012][T12771]  do_syscall_64+0x55/0xa0
[  794.051468][T12771]  ? clear_bhb_loop+0x40/0x90
[  794.056207][T12771]  ? clear_bhb_loop+0x40/0x90
[  794.060947][T12771]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  794.066883][T12771] RIP: 0033:0x7f0b9ab9cdd9
[  794.071345][T12771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  794.091014][T12771] RSP: 002b:00007f0b98db4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  794.099477][T12771] RAX: ffffffffffffffda RBX: 00007f0b9ae16180 RCX: 00007f0b9ab9cdd9
[  794.107533][T12771] RDX: 0000200000000040 RSI: 00002000000001c0 RDI: 0000000000000000
[  794.115561][T12771] RBP: 00007f0b9ac32d69 R08: 0000200000000080 R09: 0000000000000000
[  794.123577][T12771] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[  794.131594][T12771] R13: 00007f0b9ae16218 R14: 00007f0b9ae16180 R15: 00007fff0231e928
[  794.139625][T12771]  </TASK>
[  794.144447][T12771] F2FS-fs (loop3): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  794.421007][T12771] F2FS-fs (loop3): access invalid blkaddr:0
[  794.427137][T12771] CPU: 1 PID: 12771 Comm: syz.3.1666 Not tainted syzkaller #0
[  794.434661][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  794.444769][T12771] Call Trace:
[  794.448091][T12771]  <TASK>
[  794.451058][T12771]  dump_stack_lvl+0x18c/0x250
[  794.455803][T12771]  ? show_regs_print_info+0x20/0x20
[  794.461059][T12771]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  794.466749][T12771]  ? f2fs_is_valid_blkaddr+0xec3/0x1580
[  794.472388][T12771]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  794.477824][T12771]  sanity_check_extent_cache+0xfc/0x1f0
[  794.483436][T12771]  f2fs_iget+0x33c5/0x47e0
[  794.487938][T12771]  f2fs_lookup+0x37f/0x780
[  794.492399][T12771]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  794.498487][T12771]  ? d_hash_and_lookup+0x1b0/0x1b0
[  794.503617][T12771]  ? __init_waitqueue_head+0xa9/0x150
[  794.509010][T12771]  __lookup_slow+0x2a1/0x400
[  794.513625][T12771]  ? lookup_one_len+0x2e0/0x2e0
[  794.518500][T12771]  ? try_to_unlazy+0x34c/0x5a0
[  794.523280][T12771]  ? down_read+0x1ac/0x2e0
[  794.527720][T12771]  lookup_slow+0x53/0x70
[  794.532190][T12771]  walk_component+0x2be/0x3f0
[  794.536891][T12771]  ? path_lookupat+0x15c/0x440
[  794.541700][T12771]  path_lookupat+0x169/0x440
[  794.546368][T12771]  filename_lookup+0x228/0x560
[  794.551210][T12771]  ? hashlen_string+0x110/0x110
[  794.556156][T12771]  ? strncpy_from_user+0x197/0x2d0
[  794.561334][T12771]  ? getname_flags+0x20a/0x500
[  794.566178][T12771]  user_path_at_empty+0x42/0x60
[  794.571079][T12771]  do_fchmodat+0xde/0x1e0
[  794.575491][T12771]  ? do_faccessat+0xd00/0xd00
[  794.580251][T12771]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  794.586313][T12771]  ? syscall_enter_from_user_mode+0x25/0x80
[  794.592260][T12771]  __x64_sys_chmod+0x62/0x70
[  794.596927][T12771]  do_syscall_64+0x55/0xa0
[  794.601382][T12771]  ? clear_bhb_loop+0x40/0x90
[  794.606108][T12771]  ? clear_bhb_loop+0x40/0x90
[  794.610832][T12771]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  794.616784][T12771] RIP: 0033:0x7f0b9ab9cdd9
[  794.621236][T12771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  794.640878][T12771] RSP: 002b:00007f0b98db4028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  794.649332][T12771] RAX: ffffffffffffffda RBX: 00007f0b9ae16180 RCX: 00007f0b9ab9cdd9
[  794.657335][T12771] RDX: 0000000000000000 RSI: 00000000000003dc RDI: 0000200000000100
[  794.665333][T12771] RBP: 00007f0b9ac32d69 R08: 0000000000000000 R09: 0000000000000000
[  794.673328][T12771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  794.681330][T12771] R13: 00007f0b9ae16218 R14: 00007f0b9ae16180 R15: 00007fff0231e928
[  794.689359][T12771]  </TASK>
[  794.693845][T12771] F2FS-fs (loop3): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  794.846810][T12772] F2FS-fs (loop3): access invalid blkaddr:0
[  794.853451][T12772] CPU: 1 PID: 12772 Comm: syz.3.1666 Not tainted syzkaller #0
[  794.860968][T12772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  794.871164][T12772] Call Trace:
[  794.874486][T12772]  <TASK>
[  794.877452][T12772]  dump_stack_lvl+0x18c/0x250
[  794.882188][T12772]  ? show_regs_print_info+0x20/0x20
[  794.887439][T12772]  ? lock_chain_count+0x20/0x20
[  794.892362][T12772]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  794.898045][T12772]  ? lockdep_hardirqs_on+0x98/0x150
[  794.903295][T12772]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  794.908741][T12772]  sanity_check_extent_cache+0xfc/0x1f0
[  794.914352][T12772]  f2fs_iget+0x33c5/0x47e0
[  794.918851][T12772]  f2fs_lookup+0x37f/0x780
[  794.923333][T12772]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  794.929459][T12772]  ? d_hash_and_lookup+0x1b0/0x1b0
[  794.934628][T12772]  ? __init_waitqueue_head+0xa9/0x150
[  794.940072][T12772]  __lookup_slow+0x2a1/0x400
[  794.944734][T12772]  ? lookup_one_len+0x2e0/0x2e0
[  794.949647][T12772]  ? try_to_unlazy+0x34c/0x5a0
[  794.954456][T12772]  ? down_read+0x1ac/0x2e0
[  794.958926][T12772]  lookup_slow+0x53/0x70
[  794.963204][T12772]  walk_component+0x2be/0x3f0
[  794.967935][T12772]  ? path_lookupat+0x15c/0x440
[  794.972764][T12772]  path_lookupat+0x169/0x440
[  794.977431][T12772]  filename_lookup+0x228/0x560
[  794.982304][T12772]  ? hashlen_string+0x110/0x110
[  794.987248][T12772]  ? strncpy_from_user+0x197/0x2d0
[  794.992414][T12772]  ? getname_flags+0x20a/0x500
[  794.997236][T12772]  user_path_at_empty+0x42/0x60
[  795.002139][T12772]  do_fchmodat+0xde/0x1e0
[  795.006528][T12772]  ? do_faccessat+0xd00/0xd00
[  795.011267][T12772]  ? syscall_enter_from_user_mode+0x25/0x80
[  795.017241][T12772]  __x64_sys_chmod+0x62/0x70
[  795.021903][T12772]  do_syscall_64+0x55/0xa0
[  795.026377][T12772]  ? clear_bhb_loop+0x40/0x90
[  795.031113][T12772]  ? clear_bhb_loop+0x40/0x90
[  795.035846][T12772]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  795.041823][T12772] RIP: 0033:0x7f0b9ab9cdd9
[  795.046300][T12772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  795.065956][T12772] RSP: 002b:00007f0b98991028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  795.074423][T12772] RAX: ffffffffffffffda RBX: 00007f0b9ae16270 RCX: 00007f0b9ab9cdd9
[  795.082445][T12772] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 0000200000000000
[  795.090462][T12772] RBP: 00007f0b9ac32d69 R08: 0000000000000000 R09: 0000000000000000
[  795.098512][T12772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  795.106523][T12772] R13: 00007f0b9ae16308 R14: 00007f0b9ae16270 R15: 00007fff0231e928
[  795.114553][T12772]  </TASK>
[  795.119115][T12772] F2FS-fs (loop3): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  795.133608][ T5806] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  796.553293][ T5806] usb 4-1: device descriptor read/all, error -71
[  797.024069][T12791] autofs4:pid:12791:autofs_fill_super: called with bogus options
[  798.136427][T12807] loop0: detected capacity change from 0 to 512
[  799.182619][T12812] loop3: detected capacity change from 0 to 4096
[  799.215568][T12812] EXT4-fs: Ignoring removed orlov option
[  799.255933][T12812] EXT4-fs (loop3): Test dummy encryption mode enabled
[  799.276738][T12816] loop6: detected capacity change from 0 to 512
[  799.298255][T12812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  799.343016][T12816] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  799.356071][T12816] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  799.535704][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  799.613480][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  801.493770][T12854] loop3: detected capacity change from 0 to 16
[  801.561652][T12854] erofs: (device loop3): mounted with root inode @ nid 36.
[  801.886394][T12859] loop0: detected capacity change from 0 to 4096
[  801.919207][T12859] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  801.982246][T12859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  802.580440][T12867] loop6: detected capacity change from 0 to 512
[  802.620136][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  802.663193][T12869] loop2: detected capacity change from 0 to 4096
[  802.665569][T12867] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  802.705504][T12869] EXT4-fs: Ignoring removed orlov option
[  802.742588][T12869] EXT4-fs (loop2): Test dummy encryption mode enabled
[  802.754780][T12867] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  802.767751][T12869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  802.803008][T12867] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1697: Corrupt directory, running e2fsck is recommended
[  802.871833][T12867] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  802.911320][T12867] EXT4-fs error (device loop6): ext4_iget_extra_inode:4739: inode #15: comm syz.6.1697: corrupted in-inode xattr: invalid ea_ino
[  802.950263][T12867] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.1697: couldn't read orphan inode 15 (err -117)
[  802.998274][T12867] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  803.016490][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  803.081080][T12867] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  803.142217][T12867] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  803.152399][T12867] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1697: Corrupt directory, running e2fsck is recommended
[  803.237991][T12878] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  803.281099][T12878] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  803.305980][T12878] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1697: Corrupt directory, running e2fsck is recommended
[  803.333026][T12876] syzkaller0: entered promiscuous mode
[  803.341107][T12867] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  803.368574][T12876] syzkaller0: entered allmulticast mode
[  803.391099][T12881] EXT4-fs warning (device loop6): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  803.405412][T12867] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  803.429248][T12867] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1697: Corrupt directory, running e2fsck is recommended
[  803.530821][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  803.894859][T12887] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1704'.
[  805.026796][T12895] loop6: detected capacity change from 0 to 4096
[  805.090685][T12895] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  805.136740][T12895] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  805.386492][T12897] loop2: detected capacity change from 0 to 4096
[  805.421272][T12897] EXT4-fs: Ignoring removed orlov option
[  805.508587][T12897] EXT4-fs (loop2): Test dummy encryption mode enabled
[  805.691091][T12897] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  805.949430][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.055253][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.236767][T12908] loop2: detected capacity change from 0 to 7
[  806.273385][T12908] Dev loop2: unable to read RDB block 7
[  806.279131][T12908]  loop2: unable to read partition table
[  806.303067][T12910] loop6: detected capacity change from 0 to 512
[  806.310937][T12908] loop2: partition table beyond EOD, truncated
[  806.326621][T12908] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  806.389736][T12910] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  806.476424][T12910] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  806.513484][T12910] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1710: Corrupt directory, running e2fsck is recommended
[  806.551675][T12910] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  806.560141][T12910] EXT4-fs error (device loop6): ext4_iget_extra_inode:4739: inode #15: comm syz.6.1710: corrupted in-inode xattr: invalid ea_ino
[  806.586099][T12910] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.1710: couldn't read orphan inode 15 (err -117)
[  806.610997][T12910] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  806.690988][T12910] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  806.718117][T12918] IPVS: sh: FWM 3 0x00000003 - no destination available
[  806.725686][T12910] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  806.753302][T12910] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1710: Corrupt directory, running e2fsck is recommended
[  806.789355][T12919] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  806.823028][T12919] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  806.872114][T12919] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1710: Corrupt directory, running e2fsck is recommended
[  806.937217][T12910] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  806.970531][T12922] loop0: detected capacity change from 0 to 256
[  806.979686][T12920] EXT4-fs warning (device loop6): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  806.979729][T12910] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  807.007473][T12910] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1710: Corrupt directory, running e2fsck is recommended
[  807.294070][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  808.241513][T12928] loop0: detected capacity change from 0 to 4096
[  808.275193][T12928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  808.302463][T12932] loop6: detected capacity change from 0 to 4096
[  808.327528][T12932] EXT4-fs: Ignoring removed orlov option
[  808.341332][T12928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  808.473390][T12932] EXT4-fs (loop6): Test dummy encryption mode enabled
[  808.546202][T12932] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  809.110033][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.299131][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.317846][T12941] loop6: detected capacity change from 0 to 512
[  809.397508][T12941] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  809.455991][T12941] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  809.505692][T12941] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.1720: bg 0: block 248: padding at end of block bitmap is not set
[  809.575017][T12946] Illegal XDP return value 4294967294 on prog  (id 93) dev syz_tun, expect packet loss!
[  809.585494][T12941] Quota error (device loop6): write_blk: dquota write failed
[  809.607307][T12941] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  809.617296][T12941] EXT4-fs error (device loop6): ext4_acquire_dquot:6953: comm syz.6.1720: Failed to acquire dquot type 1
[  809.660715][T12941] EXT4-fs (loop6): 1 truncate cleaned up
[  809.672629][T12941] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  809.708887][T12948] loop2: detected capacity change from 0 to 7
[  809.725751][T12948] Dev loop2: unable to read RDB block 7
[  809.731437][T12948]  loop2: unable to read partition table
[  809.773202][T12948] loop2: partition table beyond EOD, truncated
[  809.782849][T12948] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  809.819426][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  809.985440][T12952] loop2: detected capacity change from 0 to 256
[  811.118118][T12960] loop0: detected capacity change from 0 to 4096
[  811.221622][T12960] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  811.347748][T12960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  811.748795][T12975] loop2: detected capacity change from 0 to 128
[  811.989548][T12975] syz.2.1733: attempt to access beyond end of device
[  811.989548][T12975] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128
[  812.152155][T12978] syz.2.1733: attempt to access beyond end of device
[  812.152155][T12978] loop2: rw=2049, sector=138, nr_sectors = 6 limit=128
[  812.318331][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.394858][T12958] loop6: detected capacity change from 0 to 16
[  812.408557][T12958] erofs: (device loop6): mounted with root inode @ nid 36.
[  812.605263][T12982] loop2: detected capacity change from 0 to 7
[  812.615595][T12982] Dev loop2: unable to read RDB block 7
[  812.629855][T12982]  loop2: unable to read partition table
[  812.655438][T12982] loop2: partition table beyond EOD, truncated
[  812.691932][T12982] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  812.765544][T12988] loop3: detected capacity change from 0 to 16
[  812.886571][T12988] erofs: (device loop3): mounted with root inode @ nid 36.
[  813.065490][T12993] loop6: detected capacity change from 0 to 256
[  814.411463][T13007] loop0: detected capacity change from 0 to 4096
[  814.435654][   T28] audit: type=1326 audit(1777438910.274:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.1743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76259cdd9 code=0x7fc00000
[  814.526077][T13007] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  814.566770][   T28] audit: type=1326 audit(1777438910.302:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.1743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe76259cdd9 code=0x7fc00000
[  814.661858][T13007] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  814.692528][   T28] audit: type=1326 audit(1777438910.443:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.1743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe76253e159 code=0x7fc00000
[  814.742369][   T28] audit: type=1326 audit(1777438910.443:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.1743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe76253e21d code=0x7fc00000
[  814.770115][   T28] audit: type=1326 audit(1777438910.443:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.1743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe76259cdd9 code=0x7fc00000
[  815.909556][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.481137][T13029] loop0: detected capacity change from 0 to 4096
[  816.519846][T13030] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  820.051757][T13044] loop6: detected capacity change from 0 to 2048
[  820.064688][T13044] EXT4-fs: quotafile must be on filesystem root
[  821.582456][T13056] loop2: detected capacity change from 0 to 4096
[  821.631449][T13056] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  821.708999][T13056] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.764595][T13059] loop6: detected capacity change from 0 to 512
[  821.838485][T13059] EXT4-fs (loop6): unsupported inode size: 0
[  821.875061][T13059] EXT4-fs (loop6): blocksize: 1024
[  822.014744][T13056] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=151295488 (302590976 ns) > initial count (302525440 ns). Using initial count to start timer.
[  822.528504][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  824.214938][ T5806] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  824.418028][ T5806] usb 3-1: Using ep0 maxpacket: 32
[  824.430122][ T5806] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  824.438550][ T5806] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  824.471861][ T5806] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  824.481147][ T5806] usb 3-1: config 1 has no interface number 0
[  824.499859][ T5806] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  824.521891][ T5806] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  824.550205][ T5806] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  824.577451][ T5806] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.623504][ T5806] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  824.992342][ T5806] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  825.117524][T13086] loop6: detected capacity change from 0 to 16
[  825.156154][T13086] erofs: (device loop6): mounted with root inode @ nid 36.
[  825.812762][ T5806] usb 3-1: USB disconnect, device number 18
[  825.838303][ T5806] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  825.946264][T13092] loop0: detected capacity change from 0 to 512
[  825.977805][T13092] EXT4-fs (loop0): unsupported inode size: 0
[  826.009040][T13092] EXT4-fs (loop0): blocksize: 1024
[  826.078452][T13094] loop6: detected capacity change from 0 to 2048
[  826.091218][T13094] EXT4-fs: quotafile must be on filesystem root
[  826.168524][ T5761] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  826.237197][T13096] loop3: detected capacity change from 0 to 4096
[  826.305734][T13096] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  826.470638][T13096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  826.499231][T13103] loop6: detected capacity change from 0 to 256
[  827.788399][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.483415][T13135] loop3: detected capacity change from 0 to 16
[  828.493697][T13135] erofs: (device loop3): mounted with root inode @ nid 36.
[  830.153721][T13144] loop6: detected capacity change from 0 to 2048
[  830.194633][T13144] EXT4-fs: quotafile must be on filesystem root
[  831.011388][ T5806] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  831.205145][T13153] loop0: detected capacity change from 0 to 4096
[  831.246607][ T5806] usb 4-1: Using ep0 maxpacket: 32
[  831.267454][T13153] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  831.295695][ T5806] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  831.316274][ T5806] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  831.351486][T13153] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  831.374134][ T5806] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  831.403209][ T5806] usb 4-1: config 1 has no interface number 0
[  831.429082][ T5806] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  831.455297][T13148] loop2: detected capacity change from 0 to 131072
[  831.488623][ T5806] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  831.514626][ T5806] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  831.532335][T13148] F2FS-fs (loop2): Found nat_bits in checkpoint
[  831.549858][ T5806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.587554][T13148] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  831.605131][ T5806] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  831.836383][ T5806] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  832.374721][T13170] F2FS-fs (loop2): access invalid blkaddr:0
[  832.380873][T13170] CPU: 1 PID: 13170 Comm: syz.2.1781 Not tainted syzkaller #0
[  832.388383][T13170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  832.398478][T13170] Call Trace:
[  832.401802][T13170]  <TASK>
[  832.404797][T13170]  dump_stack_lvl+0x18c/0x250
[  832.409543][T13170]  ? show_regs_print_info+0x20/0x20
[  832.415336][T13170]  ? __up_read+0x2b6/0x6b0
[  832.419800][T13170]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  832.425237][T13170]  sanity_check_extent_cache+0xfc/0x1f0
[  832.430853][T13170]  f2fs_iget+0x33c5/0x47e0
[  832.435356][T13170]  f2fs_lookup+0x37f/0x780
[  832.439823][T13170]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  832.445942][T13170]  ? from_kgid+0x8b/0x690
[  832.450334][T13170]  ? make_vfsuid+0x51/0xb0
[  832.454815][T13170]  ? inode_permission+0xf3/0x480
[  832.459813][T13170]  ? bpf_lsm_inode_create+0x9/0x10
[  832.464982][T13170]  ? security_inode_create+0xb7/0x100
[  832.470415][T13170]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  832.476546][T13170]  path_openat+0x10e4/0x3230
[  832.481222][T13170]  ? do_filp_open+0x430/0x430
[  832.485953][T13170]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  832.491650][T13170]  do_filp_open+0x1f5/0x430
[  832.496210][T13170]  ? vfs_tmpfile+0x490/0x490
[  832.500841][T13170]  ? preempt_schedule_common+0x82/0xc0
[  832.506373][T13170]  ? _raw_spin_unlock+0x3a/0x40
[  832.511274][T13170]  ? alloc_fd+0x58f/0x630
[  832.515662][T13170]  do_sys_openat2+0x134/0x1d0
[  832.520414][T13170]  ? do_sys_open+0xe0/0xe0
[  832.524891][T13170]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  832.531015][T13170]  ? lock_chain_count+0x20/0x20
[  832.535900][T13170]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  832.542070][T13170]  __x64_sys_open+0x11f/0x140
[  832.546858][T13170]  do_syscall_64+0x55/0xa0
[  832.551341][T13170]  ? clear_bhb_loop+0x40/0x90
[  832.556065][T13170]  ? clear_bhb_loop+0x40/0x90
[  832.560805][T13170]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  832.566765][T13170] RIP: 0033:0x7fe76259cdd9
[  832.571247][T13170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  832.590904][T13170] RSP: 002b:00007fe76345f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  832.599372][T13170] RAX: ffffffffffffffda RBX: 00007fe762816270 RCX: 00007fe76259cdd9
[  832.607396][T13170] RDX: 0000000000000002 RSI: 0000000000060840 RDI: 00002000009e1000
[  832.615404][T13170] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  832.623425][T13170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  832.631440][T13170] R13: 00007fe762816308 R14: 00007fe762816270 R15: 00007ffd23be1aa8
[  832.639503][T13170]  </TASK>
[  832.644377][T13170] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  832.705112][T13171] F2FS-fs (loop2): access invalid blkaddr:0
[  832.711317][T13171] CPU: 1 PID: 13171 Comm: syz.2.1781 Not tainted syzkaller #0
[  832.718824][T13171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  832.728922][T13171] Call Trace:
[  832.732239][T13171]  <TASK>
[  832.735226][T13171]  dump_stack_lvl+0x18c/0x250
[  832.739990][T13171]  ? show_regs_print_info+0x20/0x20
[  832.745256][T13171]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  832.750996][T13171]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  832.756444][T13171]  sanity_check_extent_cache+0xfc/0x1f0
[  832.762086][T13171]  f2fs_iget+0x33c5/0x47e0
[  832.766589][T13171]  f2fs_lookup+0x37f/0x780
[  832.771060][T13171]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  832.777187][T13171]  ? lockdep_hardirqs_on+0x98/0x150
[  832.782506][T13171]  __lookup_slow+0x2a1/0x400
[  832.787161][T13171]  ? lookup_one_len+0x2e0/0x2e0
[  832.792080][T13171]  ? try_to_unlazy+0x34c/0x5a0
[  832.796903][T13171]  ? down_read+0x1ac/0x2e0
[  832.801362][T13171]  lookup_slow+0x53/0x70
[  832.805653][T13171]  walk_component+0x2be/0x3f0
[  832.810382][T13171]  ? path_lookupat+0x15c/0x440
[  832.815211][T13171]  path_lookupat+0x169/0x440
[  832.819869][T13171]  filename_lookup+0x228/0x560
[  832.824698][T13171]  ? hashlen_string+0x110/0x110
[  832.829634][T13171]  ? strncpy_from_user+0x197/0x2d0
[  832.834805][T13171]  ? getname_flags+0x20a/0x500
[  832.839630][T13171]  user_path_at_empty+0x42/0x60
[  832.844534][T13171]  __se_sys_mount+0x2a8/0x3d0
[  832.849283][T13171]  ? __x64_sys_mount+0xc0/0xc0
[  832.854095][T13171]  ? lockdep_hardirqs_on+0x98/0x150
[  832.859353][T13171]  ? __x64_sys_mount+0x20/0xc0
[  832.864176][T13171]  do_syscall_64+0x55/0xa0
[  832.868639][T13171]  ? clear_bhb_loop+0x40/0x90
[  832.873400][T13171]  ? clear_bhb_loop+0x40/0x90
[  832.878128][T13171]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  832.884072][T13171] RIP: 0033:0x7fe76259cdd9
[  832.888540][T13171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  832.908208][T13171] RSP: 002b:00007fe76343e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  832.916764][T13171] RAX: ffffffffffffffda RBX: 00007fe762816360 RCX: 00007fe76259cdd9
[  832.924782][T13171] RDX: 0000200000000040 RSI: 00002000000001c0 RDI: 0000000000000000
[  832.932796][T13171] RBP: 00007fe762632d69 R08: 0000200000000080 R09: 0000000000000000
[  832.940820][T13171] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[  832.948861][T13171] R13: 00007fe7628163f8 R14: 00007fe762816360 R15: 00007ffd23be1aa8
[  832.956910][T13171]  </TASK>
[  832.961329][T13171] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  832.981794][  T786] snd_usb_pod 4-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  833.001300][T13169] F2FS-fs (loop2): access invalid blkaddr:0
[  833.008299][T13169] CPU: 1 PID: 13169 Comm: syz.2.1781 Not tainted syzkaller #0
[  833.015821][T13169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  833.025936][T13169] Call Trace:
[  833.029263][T13169]  <TASK>
[  833.032244][T13169]  dump_stack_lvl+0x18c/0x250
[  833.037005][T13169]  ? show_regs_print_info+0x20/0x20
[  833.042284][T13169]  ? __up_read+0x2b6/0x6b0
[  833.046751][T13169]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  833.052180][T13169]  sanity_check_extent_cache+0xfc/0x1f0
[  833.057774][T13169]  f2fs_iget+0x33c5/0x47e0
[  833.062241][T13169]  f2fs_lookup+0x37f/0x780
[  833.066703][T13169]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  833.072811][T13169]  ? d_hash_and_lookup+0x1b0/0x1b0
[  833.077966][T13169]  ? __init_waitqueue_head+0xa9/0x150
[  833.083394][T13169]  __lookup_slow+0x2a1/0x400
[  833.088043][T13169]  ? lookup_one_len+0x2e0/0x2e0
[  833.092938][T13169]  ? try_to_unlazy+0x34c/0x5a0
[  833.097762][T13169]  ? down_read+0x1ac/0x2e0
[  833.102214][T13169]  lookup_slow+0x53/0x70
[  833.106493][T13169]  walk_component+0x2be/0x3f0
[  833.111198][T13169]  ? path_lookupat+0x15c/0x440
[  833.116004][T13169]  path_lookupat+0x169/0x440
[  833.120654][T13169]  filename_lookup+0x228/0x560
[  833.125534][T13169]  ? hashlen_string+0x110/0x110
[  833.130452][T13169]  ? strncpy_from_user+0x197/0x2d0
[  833.135622][T13169]  ? getname_flags+0x20a/0x500
[  833.140431][T13169]  user_path_at_empty+0x42/0x60
[  833.145322][T13169]  do_fchmodat+0xde/0x1e0
[  833.149690][T13169]  ? do_faccessat+0xd00/0xd00
[  833.154429][T13169]  ? syscall_enter_from_user_mode+0x25/0x80
[  833.160361][T13169]  __x64_sys_chmod+0x62/0x70
[  833.164989][T13169]  do_syscall_64+0x55/0xa0
[  833.169440][T13169]  ? clear_bhb_loop+0x40/0x90
[  833.174168][T13169]  ? clear_bhb_loop+0x40/0x90
[  833.178881][T13169]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  833.184805][T13169] RIP: 0033:0x7fe76259cdd9
[  833.189271][T13169] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  833.208917][T13169] RSP: 002b:00007fe763480028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  833.217361][T13169] RAX: ffffffffffffffda RBX: 00007fe762816180 RCX: 00007fe76259cdd9
[  833.225376][T13169] RDX: 0000000000000000 RSI: 00000000000003dc RDI: 0000200000000100
[  833.233400][T13169] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  833.241413][T13169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  833.249420][T13169] R13: 00007fe762816218 R14: 00007fe762816180 R15: 00007ffd23be1aa8
[  833.257467][T13169]  </TASK>
[  833.261976][T13169] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  833.436575][T13170] F2FS-fs (loop2): access invalid blkaddr:0
[  833.442817][T13170] CPU: 1 PID: 13170 Comm: syz.2.1781 Not tainted syzkaller #0
[  833.450353][T13170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  833.460463][T13170] Call Trace:
[  833.463786][T13170]  <TASK>
[  833.466777][T13170]  dump_stack_lvl+0x18c/0x250
[  833.471517][T13170]  ? show_regs_print_info+0x20/0x20
[  833.476788][T13170]  ? __up_read+0x2b6/0x6b0
[  833.481249][T13170]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  833.486680][T13170]  sanity_check_extent_cache+0xfc/0x1f0
[  833.492301][T13170]  f2fs_iget+0x33c5/0x47e0
[  833.496809][T13170]  f2fs_lookup+0x37f/0x780
[  833.501274][T13170]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  833.507390][T13170]  ? d_hash_and_lookup+0x1b0/0x1b0
[  833.512565][T13170]  ? __init_waitqueue_head+0xa9/0x150
[  833.517989][T13170]  __lookup_slow+0x2a1/0x400
[  833.522652][T13170]  ? lookup_one_len+0x2e0/0x2e0
[  833.527596][T13170]  ? try_to_unlazy+0x34c/0x5a0
[  833.532418][T13170]  ? down_read+0x1ac/0x2e0
[  833.536893][T13170]  lookup_slow+0x53/0x70
[  833.541181][T13170]  walk_component+0x2be/0x3f0
[  833.545902][T13170]  ? path_lookupat+0x15c/0x440
[  833.550723][T13170]  path_lookupat+0x169/0x440
[  833.555379][T13170]  filename_lookup+0x228/0x560
[  833.560209][T13170]  ? hashlen_string+0x110/0x110
[  833.565138][T13170]  ? strncpy_from_user+0x197/0x2d0
[  833.570318][T13170]  ? getname_flags+0x20a/0x500
[  833.575163][T13170]  user_path_at_empty+0x42/0x60
[  833.580075][T13170]  do_fchmodat+0xde/0x1e0
[  833.584494][T13170]  ? do_faccessat+0xd00/0xd00
[  833.589241][T13170]  ? syscall_enter_from_user_mode+0x25/0x80
[  833.595184][T13170]  __x64_sys_chmod+0x62/0x70
[  833.599822][T13170]  do_syscall_64+0x55/0xa0
[  833.604271][T13170]  ? clear_bhb_loop+0x40/0x90
[  833.608993][T13170]  ? clear_bhb_loop+0x40/0x90
[  833.613721][T13170]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  833.619682][T13170] RIP: 0033:0x7fe76259cdd9
[  833.624149][T13170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  833.643812][T13170] RSP: 002b:00007fe76345f028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  833.652271][T13170] RAX: ffffffffffffffda RBX: 00007fe762816270 RCX: 00007fe76259cdd9
[  833.660282][T13170] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 0000200000000000
[  833.668299][T13170] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  833.676316][T13170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  833.684345][T13170] R13: 00007fe762816308 R14: 00007fe762816270 R15: 00007ffd23be1aa8
[  833.692389][T13170]  </TASK>
[  833.697089][T13170] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  833.972954][ T5805] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  834.343693][ T5805] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  834.735587][ T5805] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.933544][ T5805] usb 3-1: Product: syz
[  835.048759][ T5805] usb 3-1: Manufacturer: syz
[  835.104000][ T5805] usb 3-1: SerialNumber: syz
[  835.155906][ T5832] usb 4-1: USB disconnect, device number 16
[  835.165226][ T5832] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  835.466061][ T5805] usb 3-1: can't set config #1, error -71
[  835.477042][ T5805] usb 3-1: USB disconnect, device number 19
[  835.845048][T13181] loop6: detected capacity change from 0 to 16
[  835.926478][T13181] erofs: (device loop6): mounted with root inode @ nid 36.
[  836.081452][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.555721][T13186] loop3: detected capacity change from 0 to 2048
[  836.579836][T13186] EXT4-fs: quotafile must be on filesystem root
[  837.369258][    T8] IPVS: starting estimator thread 0...
[  837.465884][T13198] IPVS: using max 18 ests per chain, 43200 per kthread
[  838.037343][T13207] loop2: detected capacity change from 0 to 7
[  838.061110][T13207] Dev loop2: unable to read RDB block 7
[  838.077973][T13207]  loop2: unable to read partition table
[  838.083916][T13207] loop2: partition table beyond EOD, truncated
[  838.103483][T13207] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  838.362190][T13209] loop2: detected capacity change from 0 to 4096
[  838.415014][T13209] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  838.567856][T13209] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  840.163256][T13233] loop0: detected capacity change from 0 to 16
[  840.212972][T13233] erofs: (device loop0): mounted with root inode @ nid 36.
[  840.683724][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.199042][T13239] loop6: detected capacity change from 0 to 512
[  841.280814][T13239] EXT4-fs (loop6): unsupported inode size: 0
[  841.286893][T13239] EXT4-fs (loop6): blocksize: 1024
[  843.344018][T13260] loop2: detected capacity change from 0 to 4096
[  843.371951][T13260] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  843.417029][T13260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  843.738174][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  845.137181][T13267] loop2: detected capacity change from 0 to 131072
[  845.227021][T13267] F2FS-fs (loop2): Found nat_bits in checkpoint
[  845.289340][T13267] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  846.023430][T13272] loop6: detected capacity change from 0 to 16
[  846.046986][T13272] erofs: (device loop6): mounted with root inode @ nid 36.
[  846.368013][T13286] F2FS-fs (loop2): access invalid blkaddr:0
[  846.374043][T13286] CPU: 1 PID: 13286 Comm: syz.2.1816 Not tainted syzkaller #0
[  846.381553][T13286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  846.391673][T13286] Call Trace:
[  846.395002][T13286]  <TASK>
[  846.397986][T13286]  dump_stack_lvl+0x18c/0x250
[  846.402748][T13286]  ? show_regs_print_info+0x20/0x20
[  846.408048][T13286]  ? __up_read+0x2b6/0x6b0
[  846.412537][T13286]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  846.417993][T13286]  sanity_check_extent_cache+0xfc/0x1f0
[  846.423636][T13286]  f2fs_iget+0x33c5/0x47e0
[  846.428139][T13286]  f2fs_lookup+0x37f/0x780
[  846.432619][T13286]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  846.438749][T13286]  ? make_vfsuid+0x51/0xb0
[  846.443234][T13286]  ? inode_permission+0xf3/0x480
[  846.448235][T13286]  ? bpf_lsm_inode_create+0x9/0x10
[  846.453402][T13286]  ? security_inode_create+0xb7/0x100
[  846.458879][T13286]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  846.465020][T13286]  path_openat+0x10e4/0x3230
[  846.469707][T13286]  ? do_filp_open+0x430/0x430
[  846.474462][T13286]  ? __virt_addr_valid+0x18c/0x540
[  846.479655][T13286]  do_filp_open+0x1f5/0x430
[  846.484279][T13286]  ? vfs_tmpfile+0x490/0x490
[  846.488989][T13286]  ? _raw_spin_unlock+0x28/0x40
[  846.493907][T13286]  ? alloc_fd+0x58f/0x630
[  846.498317][T13286]  do_sys_openat2+0x134/0x1d0
[  846.503066][T13286]  ? do_sys_open+0xe0/0xe0
[  846.507540][T13286]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  846.513614][T13286]  ? lock_chain_count+0x20/0x20
[  846.518541][T13286]  __x64_sys_open+0x11f/0x140
[  846.523297][T13286]  do_syscall_64+0x55/0xa0
[  846.527771][T13286]  ? clear_bhb_loop+0x40/0x90
[  846.532510][T13286]  ? clear_bhb_loop+0x40/0x90
[  846.537251][T13286]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  846.543233][T13286] RIP: 0033:0x7fe76259cdd9
[  846.547702][T13286] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  846.567375][T13286] RSP: 002b:00007fe763480028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  846.575856][T13286] RAX: ffffffffffffffda RBX: 00007fe762816180 RCX: 00007fe76259cdd9
[  846.583891][T13286] RDX: 0000000000000002 RSI: 0000000000060840 RDI: 00002000009e1000
[  846.591906][T13286] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  846.599943][T13286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  846.607978][T13286] R13: 00007fe762816218 R14: 00007fe762816180 R15: 00007ffd23be1aa8
[  846.616056][T13286]  </TASK>
[  846.620837][T13286] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  846.637178][T13293] F2FS-fs (loop2): access invalid blkaddr:0
[  846.643182][T13293] CPU: 1 PID: 13293 Comm: syz.2.1816 Not tainted syzkaller #0
[  846.650698][T13293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  846.660819][T13293] Call Trace:
[  846.664153][T13293]  <TASK>
[  846.667136][T13293]  dump_stack_lvl+0x18c/0x250
[  846.671891][T13293]  ? show_regs_print_info+0x20/0x20
[  846.677196][T13293]  ? __up_read+0x2b6/0x6b0
[  846.681678][T13293]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  846.687127][T13293]  sanity_check_extent_cache+0xfc/0x1f0
[  846.692758][T13293]  f2fs_iget+0x33c5/0x47e0
[  846.697266][T13293]  f2fs_lookup+0x37f/0x780
[  846.701748][T13293]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  846.707912][T13293]  ? d_hash_and_lookup+0x1b0/0x1b0
[  846.713100][T13293]  ? __init_waitqueue_head+0xa9/0x150
[  846.718540][T13293]  __lookup_slow+0x2a1/0x400
[  846.723190][T13293]  ? lookup_one_len+0x2e0/0x2e0
[  846.728093][T13293]  ? try_to_unlazy+0x34c/0x5a0
[  846.732985][T13293]  ? down_read+0x1ac/0x2e0
[  846.737449][T13293]  lookup_slow+0x53/0x70
[  846.741741][T13293]  walk_component+0x2be/0x3f0
[  846.746449][T13293]  ? path_lookupat+0x15c/0x440
[  846.751272][T13293]  path_lookupat+0x169/0x440
[  846.755937][T13293]  filename_lookup+0x228/0x560
[  846.760783][T13293]  ? hashlen_string+0x110/0x110
[  846.765703][T13293]  ? strncpy_from_user+0x197/0x2d0
[  846.770866][T13293]  ? getname_flags+0x20a/0x500
[  846.775685][T13293]  user_path_at_empty+0x42/0x60
[  846.780564][T13293]  do_fchmodat+0xde/0x1e0
[  846.784932][T13293]  ? do_faccessat+0xd00/0xd00
[  846.789647][T13293]  ? syscall_enter_from_user_mode+0x25/0x80
[  846.795583][T13293]  __x64_sys_chmod+0x62/0x70
[  846.800216][T13293]  do_syscall_64+0x55/0xa0
[  846.804664][T13293]  ? clear_bhb_loop+0x40/0x90
[  846.809387][T13293]  ? clear_bhb_loop+0x40/0x90
[  846.814102][T13293]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  846.820037][T13293] RIP: 0033:0x7fe76259cdd9
[  846.824484][T13293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  846.844150][T13293] RSP: 002b:00007fe76343e028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  846.852601][T13293] RAX: ffffffffffffffda RBX: 00007fe762816360 RCX: 00007fe76259cdd9
[  846.860607][T13293] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 0000200000000000
[  846.868627][T13293] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  846.876627][T13293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  846.884627][T13293] R13: 00007fe7628163f8 R14: 00007fe762816360 R15: 00007ffd23be1aa8
[  846.892754][T13293]  </TASK>
[  846.897540][T13293] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  846.911435][T13290] F2FS-fs (loop2): access invalid blkaddr:0
[  846.917710][T13290] CPU: 0 PID: 13290 Comm: syz.2.1816 Not tainted syzkaller #0
[  846.925225][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  846.935333][T13290] Call Trace:
[  846.938665][T13290]  <TASK>
[  846.941674][T13290]  dump_stack_lvl+0x18c/0x250
[  846.946428][T13290]  ? show_regs_print_info+0x20/0x20
[  846.951713][T13290]  ? __up_read+0x2b6/0x6b0
[  846.956194][T13290]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  846.961645][T13290]  sanity_check_extent_cache+0xfc/0x1f0
[  846.967269][T13290]  f2fs_iget+0x33c5/0x47e0
[  846.971869][T13290]  f2fs_lookup+0x37f/0x780
[  846.976347][T13290]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  846.982490][T13290]  ? d_hash_and_lookup+0x1b0/0x1b0
[  846.987661][T13290]  ? __init_waitqueue_head+0xa9/0x150
[  846.993092][T13290]  __lookup_slow+0x2a1/0x400
[  846.997738][T13290]  ? lookup_one_len+0x2e0/0x2e0
[  847.002669][T13290]  ? try_to_unlazy+0x34c/0x5a0
[  847.007468][T13290]  ? down_read+0x1ac/0x2e0
[  847.011926][T13290]  lookup_slow+0x53/0x70
[  847.016209][T13290]  walk_component+0x2be/0x3f0
[  847.020928][T13290]  ? path_lookupat+0x15c/0x440
[  847.025734][T13290]  path_lookupat+0x169/0x440
[  847.030368][T13290]  filename_lookup+0x228/0x560
[  847.035169][T13290]  ? hashlen_string+0x110/0x110
[  847.040076][T13290]  ? strncpy_from_user+0x197/0x2d0
[  847.045229][T13290]  ? getname_flags+0x20a/0x500
[  847.050033][T13290]  user_path_at_empty+0x42/0x60
[  847.054924][T13290]  do_fchmodat+0xde/0x1e0
[  847.059299][T13290]  ? do_faccessat+0xd00/0xd00
[  847.064013][T13290]  ? syscall_enter_from_user_mode+0x25/0x80
[  847.069967][T13290]  __x64_sys_chmod+0x62/0x70
[  847.074621][T13290]  do_syscall_64+0x55/0xa0
[  847.079083][T13290]  ? clear_bhb_loop+0x40/0x90
[  847.083820][T13290]  ? clear_bhb_loop+0x40/0x90
[  847.088554][T13290]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  847.094486][T13290] RIP: 0033:0x7fe76259cdd9
[  847.098945][T13290] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  847.118605][T13290] RSP: 002b:00007fe76345f028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  847.127058][T13290] RAX: ffffffffffffffda RBX: 00007fe762816270 RCX: 00007fe76259cdd9
[  847.135063][T13290] RDX: 0000000000000000 RSI: 00000000000003dc RDI: 0000200000000100
[  847.143095][T13290] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  847.151107][T13290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  847.159114][T13290] R13: 00007fe762816308 R14: 00007fe762816270 R15: 00007ffd23be1aa8
[  847.167169][T13290]  </TASK>
[  847.171404][T13290] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  847.218597][T13297] loop6: detected capacity change from 0 to 512
[  847.305256][T13297] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  847.329965][T13297] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  847.346352][T13297] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1821: Corrupt directory, running e2fsck is recommended
[  847.359573][ T7281] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  847.405982][T13297] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  847.425075][T13297] EXT4-fs error (device loop6): ext4_iget_extra_inode:4739: inode #15: comm syz.6.1821: corrupted in-inode xattr: invalid ea_ino
[  847.447450][T13297] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.1821: couldn't read orphan inode 15 (err -117)
[  847.482311][T13297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  847.558238][T13297] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  847.580075][ T7281] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  847.596070][T13297] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  847.606347][T13297] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1821: Corrupt directory, running e2fsck is recommended
[  847.606764][ T7281] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  847.648688][T13297] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  847.649865][ T7281] usb 3-1: Product: syz
[  847.663695][T13297] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  847.677437][T13297] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1821: Corrupt directory, running e2fsck is recommended
[  847.700619][T13297] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  847.709932][ T7281] usb 3-1: Manufacturer: syz
[  847.723176][ T7281] usb 3-1: SerialNumber: syz
[  847.727877][T13297] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  847.727906][T13297] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1821: Corrupt directory, running e2fsck is recommended
[  847.737727][T13297] EXT4-fs warning (device loop6): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  847.799983][T13301] loop0: detected capacity change from 0 to 4096
[  847.818637][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  847.849578][T13301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  847.917619][ T7281] usb 3-1: can't set config #1, error -71
[  847.923419][T13301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  847.970177][ T7281] usb 3-1: USB disconnect, device number 20
[  848.273007][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  849.736314][T13323] loop6: detected capacity change from 0 to 512
[  849.759843][T13323] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  849.787452][T13323] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  849.809494][T13328] loop3: detected capacity change from 0 to 16
[  849.820376][T13328] erofs: (device loop3): mounted with root inode @ nid 36.
[  849.841580][T13323] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1833: Corrupt directory, running e2fsck is recommended
[  849.889124][T13323] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  849.912868][T13327] loop0: detected capacity change from 0 to 4096
[  849.924492][T13327] EXT4-fs: Ignoring removed orlov option
[  849.926627][T13323] EXT4-fs error (device loop6): ext4_iget_extra_inode:4739: inode #15: comm syz.6.1833: corrupted in-inode xattr: invalid ea_ino
[  849.946648][T13327] EXT4-fs (loop0): Test dummy encryption mode enabled
[  849.954511][T13323] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.1833: couldn't read orphan inode 15 (err -117)
[  849.994243][T13327] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  850.009121][T13323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  850.036623][T13323] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  850.057234][T13323] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  850.070445][T13323] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1833: Corrupt directory, running e2fsck is recommended
[  850.102734][   T28] audit: type=1800 audit(1777438943.654:42): pid=13327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1832" name="file1" dev="loop0" ino=19 res=0 errno=0
[  850.138712][T13323] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  850.168815][T13323] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  850.215683][T13323] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1833: Corrupt directory, running e2fsck is recommended
[  850.256422][T13330] EXT4-fs warning (device loop6): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  850.291105][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  850.320082][T13323] EXT4-fs warning (device loop6): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  850.343043][T13330] EXT4-fs warning (device loop6): dx_probe:881: Enable large directory feature to access it
[  850.395747][T13330] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1833: Corrupt directory, running e2fsck is recommended
[  850.612195][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  850.888286][T13341] loop3: detected capacity change from 0 to 512
[  850.951854][T13341] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  851.024325][T13341] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[  851.146314][T13341] Quota error (device loop3): write_blk: dquota write failed
[  851.153882][T13341] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5
[  851.233338][T13341] Quota error (device loop3): write_blk: dquota write failed
[  851.253562][T13341] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  851.282032][T13341] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.1836: Failed to acquire dquot type 1
[  851.324653][T13341] EXT4-fs (loop3): 1 truncate cleaned up
[  851.341213][T13341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.727883][T13341] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  851.759559][T13341] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  851.829033][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.218242][T13358] loop2: detected capacity change from 0 to 4096
[  852.268591][T13361] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  852.797538][T13364] loop2: detected capacity change from 0 to 512
[  852.841365][T13364] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  852.863375][T13364] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  852.880961][T13364] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1843: Corrupt directory, running e2fsck is recommended
[  852.909653][T13364] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  852.919355][T13364] EXT4-fs error (device loop2): ext4_iget_extra_inode:4739: inode #15: comm syz.2.1843: corrupted in-inode xattr: invalid ea_ino
[  852.949353][T13364] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.1843: couldn't read orphan inode 15 (err -117)
[  853.004820][T13364] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  853.072958][T13364] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  853.124483][T13364] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  853.162655][T13364] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1843: Corrupt directory, running e2fsck is recommended
[  853.214224][T13364] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  853.312516][T13364] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  853.333118][T13377] EXT4-fs warning (device loop2): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  853.362226][T13364] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1843: Corrupt directory, running e2fsck is recommended
[  853.395181][T13374] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  853.426717][T13374] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  853.452089][T13374] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1843: Corrupt directory, running e2fsck is recommended
[  853.607026][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  853.856414][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  853.924304][T13378] loop3: detected capacity change from 0 to 16
[  853.935581][T13378] erofs: (device loop3): mounted with root inode @ nid 36.
[  853.963994][T13386] autofs4:pid:13386:autofs_fill_super: called with bogus options
[  855.396673][T13405] loop0: detected capacity change from 0 to 512
[  855.491354][T13405] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  855.550521][T13405] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  855.589227][T13405] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1855: Corrupt directory, running e2fsck is recommended
[  855.603432][T13410] loop6: detected capacity change from 0 to 16
[  855.617065][T13405] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  855.649701][T13410] erofs: (device loop6): mounted with root inode @ nid 36.
[  855.670743][T13405] EXT4-fs error (device loop0): ext4_iget_extra_inode:4739: inode #15: comm syz.0.1855: corrupted in-inode xattr: invalid ea_ino
[  855.731401][T13405] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.1855: couldn't read orphan inode 15 (err -117)
[  855.749194][T13405] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  855.807209][T13405] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  855.850011][T13405] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  855.867718][T13405] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1855: Corrupt directory, running e2fsck is recommended
[  855.892093][T13405] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  855.907204][T13405] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  855.917519][T13405] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1855: Corrupt directory, running e2fsck is recommended
[  855.934768][T13405] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  855.946624][T13405] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  855.963155][T13405] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1855: Corrupt directory, running e2fsck is recommended
[  855.988890][T13405] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  856.073090][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  856.525895][T13422] loop6: detected capacity change from 0 to 2048
[  856.557849][T13422] EXT4-fs: quotafile must be on filesystem root
[  857.714006][T13439] loop2: detected capacity change from 0 to 512
[  857.746789][T13439] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  857.784573][T13439] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  857.815220][T13439] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1865: Corrupt directory, running e2fsck is recommended
[  857.834630][T13439] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  857.852764][T13439] EXT4-fs error (device loop2): ext4_iget_extra_inode:4739: inode #15: comm syz.2.1865: corrupted in-inode xattr: invalid ea_ino
[  857.871796][T13439] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.1865: couldn't read orphan inode 15 (err -117)
[  857.891828][T13439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  858.050261][T13439] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  858.079861][T13439] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  858.090611][T13439] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1865: Corrupt directory, running e2fsck is recommended
[  858.112794][T13439] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  858.132221][T13439] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  858.152835][T13439] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1865: Corrupt directory, running e2fsck is recommended
[  858.178264][T13445] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  858.194766][T13445] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  858.206348][T13445] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1865: Corrupt directory, running e2fsck is recommended
[  858.231695][T13439] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  858.356231][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  858.737243][T13451] loop2: detected capacity change from 0 to 2048
[  858.749347][T13453] loop3: detected capacity change from 0 to 4096
[  858.787622][T13451] EXT4-fs: quotafile must be on filesystem root
[  858.797341][T13453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  858.874602][T13453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  859.156151][T13459] loop6: detected capacity change from 0 to 128
[  859.561107][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.859406][T13476] loop0: detected capacity change from 0 to 512
[  860.903379][T13476] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  860.965889][T13476] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  861.045127][T13476] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1876: Corrupt directory, running e2fsck is recommended
[  861.137971][T13476] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  861.168302][T13476] EXT4-fs error (device loop0): ext4_iget_extra_inode:4739: inode #15: comm syz.0.1876: corrupted in-inode xattr: invalid ea_ino
[  861.247536][T13476] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.1876: couldn't read orphan inode 15 (err -117)
[  861.286046][T13476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  861.345732][T13476] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  861.370432][T13476] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  861.391980][T13476] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1876: Corrupt directory, running e2fsck is recommended
[  861.427938][T13476] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  861.462801][T13476] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  861.495383][T13476] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1876: Corrupt directory, running e2fsck is recommended
[  861.523863][T13483] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  861.542474][T13483] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  861.556946][T13483] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1876: Corrupt directory, running e2fsck is recommended
[  861.582145][T13476] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  861.678663][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.031138][T13493] loop0: detected capacity change from 0 to 4096
[  862.064778][T13493] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  862.092132][T13489] loop6: detected capacity change from 0 to 2048
[  862.119058][T13493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  862.136506][T13489] EXT4-fs: quotafile must be on filesystem root
[  862.443646][T13497] loop2: detected capacity change from 0 to 512
[  862.495636][T13497] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  862.614266][T13497] EXT4-fs (loop2): 1 truncate cleaned up
[  862.637243][T13497] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  862.795008][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.800795][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  863.650123][T13515] loop2: detected capacity change from 0 to 16
[  863.744372][T13515] erofs: (device loop2): mounted with root inode @ nid 36.
[  864.450166][T13528] loop2: detected capacity change from 0 to 7
[  864.471290][T13528] Dev loop2: unable to read RDB block 7
[  864.476965][T13528]  loop2: unable to read partition table
[  864.503803][T13528] loop2: partition table beyond EOD, truncated
[  864.533469][T13528] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  864.565190][T13529] loop0: detected capacity change from 0 to 2048
[  864.620391][T13529] EXT4-fs: quotafile must be on filesystem root
[  864.870300][T13533] loop6: detected capacity change from 0 to 128
[  864.876847][T13532] loop2: detected capacity change from 0 to 4096
[  864.892385][T13532] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  865.033540][T13532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  866.568719][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  867.896885][T13563] loop2: detected capacity change from 0 to 16
[  867.921765][T13563] erofs: (device loop2): mounted with root inode @ nid 36.
[  868.339327][T13575] loop0: detected capacity change from 0 to 4096
[  868.361977][T13575] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  868.390927][T13575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.716677][T13575] kvm: vcpu 0: requested 2210 ns lapic timer period limited to 200000 ns
[  868.955658][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  869.797056][T13594] loop2: detected capacity change from 0 to 128
[  870.994108][T13604] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1913'.
[  871.581063][T13612] loop6: detected capacity change from 0 to 4096
[  871.620283][T13612] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  871.681495][T13612] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  872.190691][T13624] loop3: detected capacity change from 0 to 256
[  872.219191][T13624] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  872.368781][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  873.210842][    T8] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  873.413686][    T8] usb 4-1: Using ep0 maxpacket: 32
[  873.425190][    T8] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  873.456375][    T8] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  873.465082][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  873.485979][    T8] usb 4-1: config 1 has no interface number 0
[  873.499007][    T8] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  873.531821][    T8] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  873.566631][    T8] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  873.595480][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.622856][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  873.839112][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  873.924944][T13647] loop2: detected capacity change from 0 to 128
[  873.947830][T13645] loop6: detected capacity change from 0 to 128
[  874.301375][    T8] usb 4-1: USB disconnect, device number 17
[  874.319715][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  874.613556][T13654] loop6: detected capacity change from 0 to 4096
[  874.632960][T13654] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  874.650241][T13654] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  874.965446][ T9969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  875.205817][T13662] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  875.460951][T13664] loop3: detected capacity change from 0 to 16
[  875.506176][T13664] erofs: (device loop3): mounted with root inode @ nid 36.
[  878.362060][T13683] loop0: detected capacity change from 0 to 4096
[  878.397502][T13683] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  878.424693][T13683] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  878.596532][    T8] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  878.820635][    T8] usb 4-1: Using ep0 maxpacket: 32
[  878.828103][    T8] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  878.841958][    T8] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  878.855793][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  878.906273][    T8] usb 4-1: config 1 has no interface number 0
[  878.923404][    T8] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  878.941402][    T8] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  878.960839][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.977822][    T8] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  878.988426][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  879.022052][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  879.255962][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  879.634358][T13699] loop0: detected capacity change from 0 to 128
[  879.716973][    T8] usb 4-1: USB disconnect, device number 18
[  879.736950][    T8] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  880.404247][T13704] loop6: detected capacity change from 0 to 128
[  882.480937][T13735] loop0: detected capacity change from 0 to 16
[  882.491332][T13735] erofs: (device loop0): mounted with root inode @ nid 36.
[  883.459249][T13748] loop6: detected capacity change from 0 to 128
[  884.401112][T13757] loop6: detected capacity change from 0 to 128
[  884.484727][T13759] loop2: detected capacity change from 0 to 7
[  884.500447][ T9753] Dev loop2: unable to read RDB block 7
[  884.523699][ T9753]  loop2: AHDI p1 p2 p3
[  884.543509][ T9753] loop2: partition table partially beyond EOD, truncated
[  884.554602][ T9753] loop2: p1 start 1601398130 is beyond EOD, truncated
[  884.570330][ T9753] loop2: p2 start 1702059890 is beyond EOD, truncated
[  884.585156][T13759] Dev loop2: unable to read RDB block 7
[  884.595932][T13759]  loop2: AHDI p1 p2 p3
[  884.608759][T13759] loop2: partition table partially beyond EOD, truncated
[  884.637449][T13759] loop2: p1 start 1601398130 is beyond EOD, truncated
[  884.666110][T13759] loop2: p2 start 1702059890 is beyond EOD, truncated
[  886.693536][T13787] loop2: detected capacity change from 0 to 7
[  886.707120][ T9753] Dev loop2: unable to read RDB block 7
[  886.713307][ T9753]  loop2: AHDI p1 p2 p3
[  886.723868][ T9753] loop2: partition table partially beyond EOD, truncated
[  886.732856][ T9753] loop2: p1 start 1601398130 is beyond EOD, truncated
[  886.757399][ T9753] loop2: p2 start 1702059890 is beyond EOD, truncated
[  886.768445][T13787] Dev loop2: unable to read RDB block 7
[  886.776904][T13787]  loop2: AHDI p1 p2 p3
[  886.792203][T13787] loop2: partition table partially beyond EOD, truncated
[  886.812238][T13787] loop2: p1 start 1601398130 is beyond EOD, truncated
[  886.822347][T13787] loop2: p2 start 1702059890 is beyond EOD, truncated
[  887.035460][T13789] syzkaller0: entered promiscuous mode
[  887.051962][T13789] syzkaller0: entered allmulticast mode
[  888.755278][T13813] loop0: detected capacity change from 0 to 16
[  893.486065][T13813] erofs: (device loop0): erofs_read_superblock: cannot read erofs superblock
[  894.497079][ T9753] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  898.150249][T13860] loop2: detected capacity change from 0 to 512
[  900.758057][T13880] syzkaller0: entered promiscuous mode
[  900.764585][T13880] syzkaller0: entered allmulticast mode
[  900.802221][T13881] loop2: detected capacity change from 0 to 512
[  903.894322][T13912] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2011'.
[  905.081938][T13922] loop6: detected capacity change from 0 to 512
[  905.243644][T13924] syzkaller0: entered promiscuous mode
[  905.251370][T13924] syzkaller0: entered allmulticast mode
[  906.785330][T13940] loop2: detected capacity change from 0 to 256
[  906.820661][T13940] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  907.406520][T13948] loop2: detected capacity change from 0 to 512
[  908.248154][T13953] syzkaller0: entered promiscuous mode
[  908.259681][T13953] syzkaller0: entered allmulticast mode
[  909.751341][T13970] loop6: detected capacity change from 0 to 256
[  909.799117][T13970] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  909.868755][T13974] loop0: detected capacity change from 0 to 512
[  910.999142][T13980] syzkaller0: entered promiscuous mode
[  911.004712][T13980] syzkaller0: entered allmulticast mode
[  912.765778][T14003] loop6: detected capacity change from 0 to 16
[  912.801458][T14003] erofs: (device loop6): mounted with root inode @ nid 36.
[  913.631255][T14008] loop2: detected capacity change from 0 to 256
[  913.725188][T14008] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  914.089589][T14010] loop0: detected capacity change from 0 to 512
[  915.306207][T14019] syzkaller0: entered promiscuous mode
[  915.334455][T14019] syzkaller0: entered allmulticast mode
[  916.797182][T14042] loop6: detected capacity change from 0 to 256
[  916.885754][T14042] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  918.555886][T14055] loop3: detected capacity change from 0 to 16
[  918.595132][T14055] erofs: (device loop3): mounted with root inode @ nid 36.
[  919.007350][T14060] loop2: detected capacity change from 0 to 512
[  919.652648][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  921.267260][T14080] loop2: detected capacity change from 0 to 256
[  921.305776][T14080] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  921.440968][T14086] loop0: detected capacity change from 0 to 512
[  922.713583][T14098] capability: warning: `syz.2.2076' uses 32-bit capabilities (legacy support in use)
[  922.907763][T14102] loop6: detected capacity change from 0 to 16
[  924.924913][T14102] erofs: (device loop6): mounted with root inode @ nid 36.
[  926.394003][T14118] loop0: detected capacity change from 0 to 256
[  926.494322][T14118] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  926.650557][T14124] loop6: detected capacity change from 0 to 512
[  927.691430][T14131] loop2: detected capacity change from 0 to 764
[  927.910593][T14131] Symlink component flag not implemented
[  927.933881][T14131] Symlink component flag not implemented
[  927.955225][T14131] Symlink component flag not implemented (128)
[  928.051601][T14131] Symlink component flag not implemented (105)
[  928.312968][T14142] loop0: detected capacity change from 0 to 16
[  930.375657][T14142] erofs: (device loop0): mounted with root inode @ nid 36.
[  931.371314][T14149] loop3: detected capacity change from 0 to 1024
[  931.416883][T14149] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  931.723221][T14149] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 2: comm syz.3.2092: lblock 2 mapped to illegal pblock 2 (length 1)
[  932.914567][T14155] loop2: detected capacity change from 0 to 131072
[  933.014065][T14149] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  933.050716][T14155] F2FS-fs (loop2): Found nat_bits in checkpoint
[  933.117614][T14155] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  933.158715][T14149] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 48: comm syz.3.2092: lblock 0 mapped to illegal pblock 48 (length 1)
[  933.274145][T14149] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  933.284426][T14149] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.2092: Failed to acquire dquot type 0
[  933.351783][T14149] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  933.441981][T14149] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2092: mark_inode_dirty error
[  933.471135][T14149] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  933.482095][T14149] EXT4-fs (loop3): 1 orphan inode deleted
[  933.508863][T14149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  933.880436][T14168] F2FS-fs (loop2): access invalid blkaddr:0
[  933.886580][T14168] CPU: 1 PID: 14168 Comm: syz.2.2091 Not tainted syzkaller #0
[  933.894090][T14168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  933.904251][T14168] Call Trace:
[  933.907575][T14168]  <TASK>
[  933.910556][T14168]  dump_stack_lvl+0x18c/0x250
[  933.915308][T14168]  ? show_regs_print_info+0x20/0x20
[  933.920579][T14168]  ? __up_read+0x2b6/0x6b0
[  933.925053][T14168]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  933.930518][T14168]  sanity_check_extent_cache+0xfc/0x1f0
[  933.936161][T14168]  f2fs_iget+0x33c5/0x47e0
[  933.940671][T14168]  f2fs_lookup+0x37f/0x780
[  933.945139][T14168]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  933.951268][T14168]  ? make_vfsuid+0x51/0xb0
[  933.955750][T14168]  ? inode_permission+0xf3/0x480
[  933.960744][T14168]  ? bpf_lsm_inode_create+0x9/0x10
[  933.965906][T14168]  ? security_inode_create+0xb7/0x100
[  933.971333][T14168]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  933.977463][T14168]  path_openat+0x10e4/0x3230
[  933.982138][T14168]  ? do_filp_open+0x430/0x430
[  933.986885][T14168]  do_filp_open+0x1f5/0x430
[  933.991440][T14168]  ? vfs_tmpfile+0x490/0x490
[  933.996076][T14168]  ? preempt_schedule_common+0x82/0xc0
[  934.001608][T14168]  ? _raw_spin_unlock+0x3a/0x40
[  934.006511][T14168]  ? alloc_fd+0x58f/0x630
[  934.010914][T14168]  do_sys_openat2+0x134/0x1d0
[  934.015659][T14168]  ? do_sys_open+0xe0/0xe0
[  934.020123][T14168]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  934.026157][T14168]  ? lock_chain_count+0x20/0x20
[  934.031067][T14168]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  934.037110][T14168]  __x64_sys_open+0x11f/0x140
[  934.041847][T14168]  do_syscall_64+0x55/0xa0
[  934.046317][T14168]  ? clear_bhb_loop+0x40/0x90
[  934.051060][T14168]  ? clear_bhb_loop+0x40/0x90
[  934.055801][T14168]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  934.061753][T14168] RIP: 0033:0x7fe76259cdd9
[  934.066225][T14168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  934.085884][T14168] RSP: 002b:00007fe76345f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  934.094361][T14168] RAX: ffffffffffffffda RBX: 00007fe762816270 RCX: 00007fe76259cdd9
[  934.102431][T14168] RDX: 0000000000000002 RSI: 0000000000060840 RDI: 00002000009e1000
[  934.110478][T14168] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  934.118514][T14168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  934.126537][T14168] R13: 00007fe762816308 R14: 00007fe762816270 R15: 00007ffd23be1aa8
[  934.134604][T14168]  </TASK>
[  934.139436][T14168] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  934.186309][T14169] F2FS-fs (loop2): access invalid blkaddr:0
[  934.192376][T14169] CPU: 1 PID: 14169 Comm: syz.2.2091 Not tainted syzkaller #0
[  934.199890][T14169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  934.209997][T14169] Call Trace:
[  934.213323][T14169]  <TASK>
[  934.216297][T14169]  dump_stack_lvl+0x18c/0x250
[  934.221053][T14169]  ? show_regs_print_info+0x20/0x20
[  934.226325][T14169]  ? __up_read+0x31b/0x6b0
[  934.230806][T14169]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  934.236252][T14169]  sanity_check_extent_cache+0xfc/0x1f0
[  934.241864][T14169]  f2fs_iget+0x33c5/0x47e0
[  934.246367][T14169]  f2fs_lookup+0x37f/0x780
[  934.250841][T14169]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  934.256964][T14169]  ? d_hash_and_lookup+0x1b0/0x1b0
[  934.262144][T14169]  ? __init_waitqueue_head+0xa9/0x150
[  934.267664][T14169]  __lookup_slow+0x2a1/0x400
[  934.272325][T14169]  ? lookup_one_len+0x2e0/0x2e0
[  934.277279][T14169]  ? try_to_unlazy+0x34c/0x5a0
[  934.282103][T14169]  ? down_read+0x1ac/0x2e0
[  934.286577][T14169]  lookup_slow+0x53/0x70
[  934.290867][T14169]  walk_component+0x2be/0x3f0
[  934.295614][T14169]  ? path_lookupat+0x15c/0x440
[  934.300446][T14169]  path_lookupat+0x169/0x440
[  934.305104][T14169]  filename_lookup+0x228/0x560
[  934.309936][T14169]  ? hashlen_string+0x110/0x110
[  934.314874][T14169]  ? strncpy_from_user+0x286/0x2d0
[  934.320040][T14169]  ? getname_flags+0x20a/0x500
[  934.324859][T14169]  user_path_at_empty+0x42/0x60
[  934.329768][T14169]  __se_sys_mount+0x2a8/0x3d0
[  934.334501][T14169]  ? __x64_sys_mount+0xc0/0xc0
[  934.339326][T14169]  ? lockdep_hardirqs_on+0x98/0x150
[  934.344582][T14169]  ? __x64_sys_mount+0x20/0xc0
[  934.349396][T14169]  do_syscall_64+0x55/0xa0
[  934.353856][T14169]  ? clear_bhb_loop+0x40/0x90
[  934.358594][T14169]  ? clear_bhb_loop+0x40/0x90
[  934.363363][T14169]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  934.369316][T14169] RIP: 0033:0x7fe76259cdd9
[  934.373810][T14169] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  934.393478][T14169] RSP: 002b:00007fe76343e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  934.401951][T14169] RAX: ffffffffffffffda RBX: 00007fe762816360 RCX: 00007fe76259cdd9
[  934.409977][T14169] RDX: 0000200000000040 RSI: 00002000000001c0 RDI: 0000000000000000
[  934.418016][T14169] RBP: 00007fe762632d69 R08: 0000200000000080 R09: 0000000000000000
[  934.426059][T14169] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[  934.434080][T14169] R13: 00007fe7628163f8 R14: 00007fe762816360 R15: 00007ffd23be1aa8
[  934.442121][T14169]  </TASK>
[  934.446766][T14169] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  934.567518][ T9356] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1)
[  934.588061][T14167] F2FS-fs (loop2): access invalid blkaddr:0
[  934.594157][T14167] CPU: 1 PID: 14167 Comm: syz.2.2091 Not tainted syzkaller #0
[  934.601682][T14167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  934.611804][T14167] Call Trace:
[  934.615137][T14167]  <TASK>
[  934.618124][T14167]  dump_stack_lvl+0x18c/0x250
[  934.622889][T14167]  ? show_regs_print_info+0x20/0x20
[  934.628200][T14167]  ? __up_read+0x2b6/0x6b0
[  934.632689][T14167]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  934.638142][T14167]  sanity_check_extent_cache+0xfc/0x1f0
[  934.643789][T14167]  f2fs_iget+0x33c5/0x47e0
[  934.648328][T14167]  f2fs_lookup+0x37f/0x780
[  934.652818][T14167]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  934.658963][T14167]  ? d_hash_and_lookup+0x1b0/0x1b0
[  934.664160][T14167]  ? __init_waitqueue_head+0xa9/0x150
[  934.669602][T14167]  __lookup_slow+0x2a1/0x400
[  934.674263][T14167]  ? lookup_one_len+0x2e0/0x2e0
[  934.679186][T14167]  ? try_to_unlazy+0x34c/0x5a0
[  934.684004][T14167]  ? down_read+0x1ac/0x2e0
[  934.688505][T14167]  lookup_slow+0x53/0x70
[  934.692795][T14167]  walk_component+0x2be/0x3f0
[  934.697522][T14167]  ? path_lookupat+0x15c/0x440
[  934.702345][T14167]  path_lookupat+0x169/0x440
[  934.707030][T14167]  filename_lookup+0x228/0x560
[  934.711866][T14167]  ? hashlen_string+0x110/0x110
[  934.716818][T14167]  ? strncpy_from_user+0x197/0x2d0
[  934.722034][T14167]  ? getname_flags+0x20a/0x500
[  934.726949][T14167]  user_path_at_empty+0x42/0x60
[  934.731883][T14167]  do_fchmodat+0xde/0x1e0
[  934.736284][T14167]  ? do_faccessat+0xd00/0xd00
[  934.741010][T14167]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  934.747074][T14167]  ? syscall_enter_from_user_mode+0x25/0x80
[  934.753040][T14167]  __x64_sys_chmod+0x62/0x70
[  934.757695][T14167]  do_syscall_64+0x55/0xa0
[  934.762158][T14167]  ? clear_bhb_loop+0x40/0x90
[  934.766883][T14167]  ? clear_bhb_loop+0x40/0x90
[  934.771616][T14167]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  934.777566][T14167] RIP: 0033:0x7fe76259cdd9
[  934.782051][T14167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  934.801720][T14167] RSP: 002b:00007fe763480028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  934.810190][T14167] RAX: ffffffffffffffda RBX: 00007fe762816180 RCX: 00007fe76259cdd9
[  934.818213][T14167] RDX: 0000000000000000 RSI: 00000000000003dc RDI: 0000200000000100
[  934.826239][T14167] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  934.834261][T14167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  934.842280][T14167] R13: 00007fe762816218 R14: 00007fe762816180 R15: 00007ffd23be1aa8
[  934.850319][T14167]  </TASK>
[  934.855229][T14167] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  935.101463][ T9356] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  935.178265][T14168] F2FS-fs (loop2): access invalid blkaddr:0
[  935.184523][T14168] CPU: 1 PID: 14168 Comm: syz.2.2091 Not tainted syzkaller #0
[  935.192052][T14168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  935.202177][T14168] Call Trace:
[  935.205507][T14168]  <TASK>
[  935.208477][T14168]  dump_stack_lvl+0x18c/0x250
[  935.213230][T14168]  ? show_regs_print_info+0x20/0x20
[  935.218490][T14168]  ? lock_chain_count+0x20/0x20
[  935.223397][T14168]  ? lockdep_hardirqs_on+0x98/0x150
[  935.228650][T14168]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  935.234106][T14168]  sanity_check_extent_cache+0xfc/0x1f0
[  935.239785][T14168]  f2fs_iget+0x33c5/0x47e0
[  935.244310][T14168]  f2fs_lookup+0x37f/0x780
[  935.248816][T14168]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  935.254937][T14168]  ? d_hash_and_lookup+0x1b0/0x1b0
[  935.260101][T14168]  ? __init_waitqueue_head+0xa9/0x150
[  935.265528][T14168]  __lookup_slow+0x2a1/0x400
[  935.270211][T14168]  ? lookup_one_len+0x2e0/0x2e0
[  935.275141][T14168]  ? try_to_unlazy+0x34c/0x5a0
[  935.279962][T14168]  ? down_read+0x1ac/0x2e0
[  935.284426][T14168]  lookup_slow+0x53/0x70
[  935.288716][T14168]  walk_component+0x2be/0x3f0
[  935.293451][T14168]  ? path_lookupat+0x15c/0x440
[  935.298280][T14168]  path_lookupat+0x169/0x440
[  935.302948][T14168]  filename_lookup+0x228/0x560
[  935.307774][T14168]  ? hashlen_string+0x110/0x110
[  935.312737][T14168]  ? strncpy_from_user+0x197/0x2d0
[  935.317906][T14168]  ? getname_flags+0x20a/0x500
[  935.322733][T14168]  user_path_at_empty+0x42/0x60
[  935.327637][T14168]  do_fchmodat+0xde/0x1e0
[  935.332027][T14168]  ? do_faccessat+0xd00/0xd00
[  935.336786][T14168]  __x64_sys_chmod+0x62/0x70
[  935.341428][T14168]  do_syscall_64+0x55/0xa0
[  935.345894][T14168]  ? clear_bhb_loop+0x40/0x90
[  935.350631][T14168]  ? clear_bhb_loop+0x40/0x90
[  935.355355][T14168]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  935.361297][T14168] RIP: 0033:0x7fe76259cdd9
[  935.365750][T14168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  935.385402][T14168] RSP: 002b:00007fe76345f028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  935.393869][T14168] RAX: ffffffffffffffda RBX: 00007fe762816270 RCX: 00007fe76259cdd9
[  935.401882][T14168] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 0000200000000000
[  935.409895][T14168] RBP: 00007fe762632d69 R08: 0000000000000000 R09: 0000000000000000
[  935.417914][T14168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.425933][T14168] R13: 00007fe762816308 R14: 00007fe762816270 R15: 00007ffd23be1aa8
[  935.433973][T14168]  </TASK>
[  935.438559][T14168] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  935.455415][ T5805] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  935.645595][ T9356] EXT4-fs error (device loop3): ext4_release_dquot:6989: comm kworker/u4:15: Failed to release dquot type 0
[  935.680485][T14149] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  935.693627][T14149] EXT4-fs error (device loop3): __ext4_get_inode_loc:4496: comm syz.3.2092: Invalid inode table block 1 in block_group 0
[  935.738730][T14149] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5939: Corrupt filesystem
[  935.799816][ T5805] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  935.923482][T14149] EXT4-fs error (device loop3): ext4_quota_off:7237: inode #3: comm syz.3.2092: mark_inode_dirty error
[  936.007707][ T5805] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  936.019826][T14172] loop0: detected capacity change from 0 to 256
[  936.055744][ T5805] usb 3-1: Product: syz
[  936.081330][ T5805] usb 3-1: Manufacturer: syz
[  936.112004][T14172] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  936.124214][T14174] loop6: detected capacity change from 0 to 512
[  936.135104][ T5805] usb 3-1: SerialNumber: syz
[  936.656026][ T5805] usb 3-1: can't set config #1, error -71
[  936.737173][ T5805] usb 3-1: USB disconnect, device number 21
[  937.335459][T14186] loop0: detected capacity change from 0 to 1024
[  937.365105][T14186] EXT4-fs: inline encryption not supported
[  937.371451][T14186] EXT4-fs: Ignoring removed mblk_io_submit option
[  937.378009][T14186] EXT4-fs: Ignoring removed mblk_io_submit option
[  937.391759][T14186] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  937.621339][T14191] loop6: detected capacity change from 0 to 16
[  937.785889][T14191] erofs: (device loop6): mounted with root inode @ nid 36.
[  937.934797][T14186] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  938.260000][T14186] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  940.617284][T14211] loop6: detected capacity change from 0 to 256
[  940.641173][T14211] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  941.102086][T14225] loop6: detected capacity change from 0 to 256
[  941.116513][T14225] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  941.294656][ T5805] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  941.549148][T14231] loop2: detected capacity change from 0 to 16
[  941.600498][T14231] erofs: (device loop2): mounted with root inode @ nid 36.
[  941.690799][ T5805] usb 1-1: config 0 has no interfaces?
[  941.849402][ T5805] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  942.135694][ T5805] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  942.233004][ T5805] usb 1-1: config 0 descriptor??
[  942.478800][   T28] audit: type=1800 audit(1777439030.103:43): pid=14225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2113" name="file1" dev="loop6" ino=1048722 res=0 errno=0
[  942.509601][T14215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  942.553908][T14215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  942.597033][ T5805] usb 1-1: USB disconnect, device number 13
[  943.182035][T14236] loop3: detected capacity change from 0 to 16
[  943.249868][T14236] erofs: (device loop3): mounted with root inode @ nid 36.
[  944.723167][ T5805] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  945.055168][ T5805] usb 1-1: device descriptor read/all, error -71
[  945.214576][T14246] loop6: detected capacity change from 0 to 256
[  945.275418][T14246] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  946.035889][ T5805] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  946.072037][T14264] loop2: detected capacity change from 0 to 256
[  946.119193][T14264] FAT-fs (loop2): Directory bread(block 64) failed
[  946.132433][T14264] FAT-fs (loop2): Directory bread(block 65) failed
[  946.156831][T14264] FAT-fs (loop2): Directory bread(block 66) failed
[  946.163630][T14264] FAT-fs (loop2): Directory bread(block 67) failed
[  946.190285][T14264] FAT-fs (loop2): Directory bread(block 68) failed
[  946.206469][T14264] FAT-fs (loop2): Directory bread(block 69) failed
[  946.223355][T14264] FAT-fs (loop2): Directory bread(block 70) failed
[  946.235273][T14264] FAT-fs (loop2): Directory bread(block 71) failed
[  946.253819][ T5805] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[  946.262325][T14264] FAT-fs (loop2): Directory bread(block 72) failed
[  946.262367][T14264] FAT-fs (loop2): Directory bread(block 73) failed
[  946.335113][ T5805] usb 1-1: config 0 has no interface number 0
[  946.342592][T14264] syz.2.2128: attempt to access beyond end of device
[  946.342592][T14264] loop2: rw=524288, sector=1768, nr_sectors = 4 limit=256
[  946.360297][ T5805] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  946.386719][T14264] syz.2.2128: attempt to access beyond end of device
[  946.386719][T14264] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[  946.388905][ T5805] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  946.414005][ T5805] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  946.427342][ T5805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  946.435682][ T5805] usb 1-1: Product: syz
[  946.439910][ T5805] usb 1-1: Manufacturer: syz
[  946.447851][   T28] audit: type=1800 audit(1777439033.818:44): pid=14264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2128" name="file1" dev="loop2" ino=1048723 res=0 errno=0
[  946.468197][ T5805] usb 1-1: SerialNumber: syz
[  946.479432][ T5805] usb 1-1: config 0 descriptor??
[  946.494417][T14254] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  946.511753][ T5805] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  946.546577][ T5805] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  946.806165][T14254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  946.838929][T14254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.914585][T14269] loop2: detected capacity change from 0 to 512
[  946.962271][T14269] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  947.120621][T14269] ------------[ cut here ]------------
[  947.127093][T14269] EA inode 11 i_nlink=0
[  947.147624][T14269] WARNING: CPU: 0 PID: 14269 at fs/ext4/xattr.c:1059 ext4_xattr_inode_update_ref+0x53c/0x590
[  947.162397][T14269] Modules linked in:
[  947.166371][T14269] CPU: 0 PID: 14269 Comm: syz.2.2129 Not tainted syzkaller #0
[  947.173939][T14269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  947.184149][T14269] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[  947.191604][T14269] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 35 d5 98 ff 49 8b 37 48 c7 c7 20 d8 de 8a 89 da e8 74 54 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 be f5 3f 08
[  947.211527][T14269] RSP: 0018:ffffc900051af1a0 EFLAGS: 00010246
[  947.217709][T14269] RAX: 9c884b8351678b00 RBX: 0000000000000000 RCX: 0000000000080000
[  947.225792][T14269] RDX: ffffc9000bfe9000 RSI: 000000000004b834 RDI: 000000000004b835
[  947.234174][T14269] RBP: ffffc900051af298 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[  947.242218][T14269] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[  947.251022][T14269] R13: ffff8880780dd4a8 R14: ffff8880780dd2b0 R15: ffff8880780dd300
[  947.259247][T14269] FS:  00007fe7634c26c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  947.268310][T14269] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  947.274973][T14269] CR2: 00007ff9ad7ad000 CR3: 000000006446a000 CR4: 00000000003506f0
[  947.283122][T14269] Call Trace:
[  947.286537][T14269]  <TASK>
[  947.289531][T14269]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  947.295245][T14269]  ? ext4_xattr_inode_iget+0x3df/0x600
[  947.300851][T14269]  ext4_xattr_set_entry+0xcda/0x1e90
[  947.306242][T14269]  ext4_xattr_ibody_set+0x254/0x6a0
[  947.311687][T14269]  ext4_expand_extra_isize_ea+0x1398/0x1e80
[  947.317726][T14269]  __ext4_expand_extra_isize+0x306/0x400
[  947.323556][T14269]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  947.329156][T14269]  ext4_evict_inode+0x7f3/0xea0
[  947.334079][T14269]  ? _raw_spin_unlock+0x28/0x40
[  947.339035][T14269]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  947.345050][T14269]  ? do_raw_spin_unlock+0x121/0x230
[  947.349513][T14254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  947.350343][T14269]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  947.365592][T14269]  evict+0x4ca/0x8d0
[  947.369570][T14269]  ? proc_nr_inodes+0x230/0x230
[  947.374626][T14269]  ? do_raw_spin_unlock+0x121/0x230
[  947.379904][T14269]  ? _raw_spin_unlock+0x28/0x40
[  947.384929][T14269]  ? iput+0x706/0x920
[  947.389002][T14269]  ext4_orphan_cleanup+0xbec/0x1420
[  947.394557][T14269]  ? ext4_orphan_del+0xbf0/0xbf0
[  947.399565][T14269]  ? ext4_register_li_request+0x183/0x940
[  947.405436][T14269]  ? errseq_check_and_advance+0x66/0x120
[  947.411150][T14269]  ext4_fill_super+0x5eea/0x67b0
[  947.416251][T14269]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  947.422568][T14269]  ? __might_sleep+0xe0/0xe0
[  947.427291][T14269]  ? read_lock_is_recursive+0x20/0x20
[  947.432732][T14269]  ? snprintf+0xe9/0x140
[  947.437134][T14269]  ? down_read_killable+0x340/0x340
[  947.442422][T14269]  ? setup_bdev_super+0x56b/0x660
[  947.447592][T14269]  get_tree_bdev+0x3f3/0x520
[  947.452266][T14269]  ? vfs_parse_fs_string+0x170/0x170
[  947.457757][T14269]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  947.464091][T14269]  ? setup_bdev_super+0x660/0x660
[  947.470035][T14269]  ? apparmor_capable+0x137/0x1a0
[  947.475137][T14269]  ? bpf_lsm_capable+0x9/0x10
[  947.480063][T14269]  ? security_capable+0x89/0xb0
[  947.485191][T14269]  vfs_get_tree+0x8c/0x280
[  947.489725][T14269]  do_new_mount+0x24b/0xa40
[  947.494326][T14269]  __se_sys_mount+0x2e7/0x3d0
[  947.499079][T14269]  ? __x64_sys_mount+0xc0/0xc0
[  947.504028][T14269]  ? lockdep_hardirqs_on+0x98/0x150
[  947.509307][T14269]  ? __x64_sys_mount+0x20/0xc0
[  947.514189][T14269]  do_syscall_64+0x55/0xa0
[  947.518668][T14269]  ? clear_bhb_loop+0x40/0x90
[  947.523451][T14269]  ? clear_bhb_loop+0x40/0x90
[  947.528202][T14269]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  947.534228][T14269] RIP: 0033:0x7fe76259e04a
[  947.538706][T14269] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  947.558995][T14269] RSP: 002b:00007fe7634c1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  947.567544][T14269] RAX: ffffffffffffffda RBX: 00007fe7634c1ee0 RCX: 00007fe76259e04a
[  947.576303][T14269] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fe7634c1ea0
[  947.584354][T14269] RBP: 0000200000000180 R08: 00007fe7634c1ee0 R09: 0000000000000000
[  947.592528][T14269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[  947.600646][T14269] R13: 00007fe7634c1ea0 R14: 000000000000047a R15: 00002000000001c0
[  947.608751][T14269]  </TASK>
[  947.611826][T14269] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  947.619160][T14269] CPU: 0 PID: 14269 Comm: syz.2.2129 Not tainted syzkaller #0
[  947.626672][T14269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  947.636786][T14269] Call Trace:
[  947.640112][T14269]  <TASK>
[  947.643099][T14269]  dump_stack_lvl+0x18c/0x250
[  947.647869][T14269]  ? show_regs_print_info+0x20/0x20
[  947.653150][T14269]  ? load_image+0x420/0x420
[  947.657742][T14269]  panic+0x2dc/0x730
[  947.661704][T14269]  ? bpf_jit_dump+0xd0/0xd0
[  947.666279][T14269]  __warn+0x2e0/0x470
[  947.670324][T14269]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[  947.676354][T14269]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[  947.682389][T14269]  report_bug+0x2be/0x4f0
[  947.686781][T14269]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[  947.692813][T14269]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[  947.698836][T14269]  ? ext4_xattr_inode_update_ref+0x53e/0x590
[  947.704861][T14269]  handle_bug+0xcf/0x120
[  947.709154][T14269]  exc_invalid_op+0x1a/0x50
[  947.713695][T14269]  asm_exc_invalid_op+0x1a/0x20
[  947.718588][T14269] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[  947.725244][T14269] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 35 d5 98 ff 49 8b 37 48 c7 c7 20 d8 de 8a 89 da e8 74 54 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 be f5 3f 08
[  947.744908][T14269] RSP: 0018:ffffc900051af1a0 EFLAGS: 00010246
[  947.751025][T14269] RAX: 9c884b8351678b00 RBX: 0000000000000000 RCX: 0000000000080000
[  947.759026][T14269] RDX: ffffc9000bfe9000 RSI: 000000000004b834 RDI: 000000000004b835
[  947.767045][T14269] RBP: ffffc900051af298 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[  947.775055][T14269] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[  947.783063][T14269] R13: ffff8880780dd4a8 R14: ffff8880780dd2b0 R15: ffff8880780dd300
[  947.791091][T14269]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[  947.796803][T14269]  ? ext4_xattr_inode_iget+0x3df/0x600
[  947.802315][T14269]  ext4_xattr_set_entry+0xcda/0x1e90
[  947.807666][T14269]  ext4_xattr_ibody_set+0x254/0x6a0
[  947.812921][T14269]  ext4_expand_extra_isize_ea+0x1398/0x1e80
[  947.818909][T14269]  __ext4_expand_extra_isize+0x306/0x400
[  947.824601][T14269]  __ext4_mark_inode_dirty+0x45d/0x6e0
[  947.830140][T14269]  ext4_evict_inode+0x7f3/0xea0
[  947.835034][T14269]  ? _raw_spin_unlock+0x28/0x40
[  947.839929][T14269]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  947.845871][T14269]  ? do_raw_spin_unlock+0x121/0x230
[  947.851160][T14269]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  947.857114][T14269]  evict+0x4ca/0x8d0
[  947.861052][T14269]  ? proc_nr_inodes+0x230/0x230
[  947.865936][T14269]  ? do_raw_spin_unlock+0x121/0x230
[  947.871218][T14269]  ? _raw_spin_unlock+0x28/0x40
[  947.876107][T14269]  ? iput+0x706/0x920
[  947.880135][T14269]  ext4_orphan_cleanup+0xbec/0x1420
[  947.885389][T14269]  ? ext4_orphan_del+0xbf0/0xbf0
[  947.890396][T14269]  ? ext4_register_li_request+0x183/0x940
[  947.896178][T14269]  ? errseq_check_and_advance+0x66/0x120
[  947.901870][T14269]  ext4_fill_super+0x5eea/0x67b0
[  947.906872][T14269]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  947.913179][T14269]  ? __might_sleep+0xe0/0xe0
[  947.917817][T14269]  ? read_lock_is_recursive+0x20/0x20
[  947.923231][T14269]  ? snprintf+0xe9/0x140
[  947.927522][T14269]  ? down_read_killable+0x340/0x340
[  947.932771][T14269]  ? setup_bdev_super+0x56b/0x660
[  947.937833][T14269]  get_tree_bdev+0x3f3/0x520
[  947.942463][T14269]  ? vfs_parse_fs_string+0x170/0x170
[  947.947791][T14269]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  947.954076][T14269]  ? setup_bdev_super+0x660/0x660
[  947.959142][T14269]  ? apparmor_capable+0x137/0x1a0
[  947.964218][T14269]  ? bpf_lsm_capable+0x9/0x10
[  947.968935][T14269]  ? security_capable+0x89/0xb0
[  947.973820][T14269]  vfs_get_tree+0x8c/0x280
[  947.978269][T14269]  do_new_mount+0x24b/0xa40
[  947.982807][T14269]  __se_sys_mount+0x2e7/0x3d0
[  947.987582][T14269]  ? __x64_sys_mount+0xc0/0xc0
[  947.992408][T14269]  ? lockdep_hardirqs_on+0x98/0x150
[  947.997643][T14269]  ? __x64_sys_mount+0x20/0xc0
[  948.002476][T14269]  do_syscall_64+0x55/0xa0
[  948.006925][T14269]  ? clear_bhb_loop+0x40/0x90
[  948.011646][T14269]  ? clear_bhb_loop+0x40/0x90
[  948.016374][T14269]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  948.022301][T14269] RIP: 0033:0x7fe76259e04a
[  948.026751][T14269] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  948.046403][T14269] RSP: 002b:00007fe7634c1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  948.054858][T14269] RAX: ffffffffffffffda RBX: 00007fe7634c1ee0 RCX: 00007fe76259e04a
[  948.062859][T14269] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007fe7634c1ea0
[  948.070870][T14269] RBP: 0000200000000180 R08: 00007fe7634c1ee0 R09: 0000000000000000
[  948.078874][T14269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[  948.086876][T14269] R13: 00007fe7634c1ea0 R14: 000000000000047a R15: 00002000000001c0
[  948.094903][T14269]  </TASK>
[  948.098538][T14269] Kernel Offset: disabled
[  948.103059][T14269] Rebooting in 86400 seconds..