last executing test programs:

4m27.019676927s ago: executing program 1 (id=290):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000500000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

4m23.752456969s ago: executing program 1 (id=295):
r0 = socket(0xa, 0x5, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
socket$inet(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
syz_emit_ethernet(0xd2, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "001d00", 0x9c, 0x11, 0x0, @local, @local, {[], {0x4e1d, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "4b168aa2b91bfec01b5a57dc49dfd8ab7f56eadf3c022d7e34658e2217e2898b", "3aad5f2d546b1c9edfe42efc42a1a994f403d6d11a7e6e56acebe4ed14ee1492d65c23b3f7b8cd913df92f6ff3e3763d", "4eb91c45055f804f693c63782e99be4f59f137811deac225c993b5c6", {"fb45e24f4afcbaf166d2a058a154c25c", "2d334ce9dea13327d6c7afc403c039ef"}}}}}}}}, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x400000f}, @NFTA_INNER_NUM={0x8, 0x1, 0x1, 0x0, 0x2400}, @NFTA_INNER_EXPR={0x14, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x4}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x98}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f00000010c0)=0x8)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={r4, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}}}, &(0x7f0000000080)=0x84)

4m22.267637949s ago: executing program 1 (id=300):
syz_usb_connect(0x5, 0x428, &(0x7f0000000000)=ANY=[@ANYBLOB="120110033f072308560829acd563010203010902160401070690050904fc090b6370dd04090509100800067f1883024695596fa011f06eed12798527d0ebd2062ae169724b0a2e85e416384458a381a0479543fdbcc34827c1d4a96ee818f13d725f38e74f6819623dc5515cc4114380b76f5e61da1dc5bc29fd6e333384fc0787fb9a7a672d695935b3004eb161f8a3f00092a48b4f194c6076ddc02c5c8b5a92df932b2729567bdf0ac8bb503196d507250101ff0100090509000800077f0431306ea328e575ce2a148959bb52b6b7f83aff48c6e2b974ccb60bad033d2007e3f243130bf7b27184d06ce28525f64947090507010004060608072501830b00800725010105fdff09050f10000410a8000905070340008000064b21bf13fd2b509254e71aa00d4ef2bcb8653cf9899f29427865bd4a13105fb845e9ef2319d2fbf807054bfd582675054d141c9b9482e23209b8b4d536f613ac8cabeafe75cfdf7b0b085609050b100004019102c330a2a57b07148b806e5a377a7a2e4db8ccd98950462ced2a4315788c2c29bb4890daba0e24883caf23a3c2358219b6a47d82aba98e5b87b15ee10d1c0b196d712b4ffc094dbc829689c7bbd474f18b18ef0fa9670fff987b461c28fa1a4b6d83998d833e0c41147e6c86d32aacefc3a3a8842ccac2cc1819ae41fc8e502b66f3bfa0328ad4245a1bd5f2a39693ac5600f68db9ce8be8b77404101cd535e25b42cfb4116fc23c93130b567802e86bb779e163aa2cbd23264a006157c57a3dc9127a4f9d09050c0200047f0307072501000d36020725010308000009050b050004b60040072501806f0500ce1041cd0c82cac393410262b57899b6f935db166d60b1b31d74e43cf4a1a22a1711483be176d5932ab14f561087304018e6da2fd52f0320393e28e9c3f319f0c78a298bd43e217ab69b585a3810e43b9ded059b2f03e7c07e833932368aff8432c973931045c0cb81eb7c1d3b47278094a3f914c17696f276569e02c22084548b73cfa786dd1b6678fce919530cbf19714a45c251fc90dcc6b0bdab47620d2dca22f8701d70897dc1423eb059e77fb3de0b58565d6b395fd0e87746c01bf8742c905072e16e86b4c16a84149877090580100002020eaf09050302ff03390100313bbe0ec15c85c7972b2d4bc19c08ce2bf27043ff727ef7ee61c0546c98e7eb413f64a0238a5378f239a353f5cd67459f0725010008470009050b13000000bb01a809c7d9aab6a362dcd9f33e4aee95a5619843a0276f7207bea1d51bdcb9b2d96c742d8d5fb2a49e817f0ef8ee751b9e6c62b3e33b473ca0f02823c625314fb69b7242c64b2ffe33968e35682b53578ecd08876770b1cccb4c35f5f151911927ddd60aaa70e5371595f08c15f3764e07036055f05500f0e84b1b837ad226bd361e170667067e856bae507d27c43e914f2d9acc45ff197d4f8cadef11f533f0c770f6d6ea2fec2677072501860c03"], &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x3, 0x0, {0x33}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x20000040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x3, 0xfffffffe}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0xb, 0x0, 0x2}]}}, 0x0, 0x4e}, 0x20)
readv(r0, &(0x7f0000000940)=[{&(0x7f0000000680)=""/236, 0xec}, {&(0x7f0000000780)=""/10, 0xa}, {&(0x7f00000007c0)=""/142, 0x8e}, {&(0x7f0000000880)=""/80, 0x50}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000900)=""/3, 0x3}, {&(0x7f00000023c0)=""/4096, 0x1000}], 0x7)
syz_usb_connect$uac1(0x4, 0xd7, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc5, 0x3, 0x1, 0x10, 0x60, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xafa7, 0x2}, [@feature_unit={0xb, 0x24, 0x6, 0x2, 0x5, 0x2, [0x5, 0x0], 0xb}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8, 0x4, 0x9, '|'}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0xfffb, 0x1000, 0x6, "627730188d9d"}, @format_type_ii_discrete={0xe, 0x24, 0x2, 0x2, 0x10, 0x4, 0x6, "05b983a4bf"}, @as_header={0x7, 0x24, 0x1, 0x8, 0x9, 0x1001}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x0, 0x7, 0x8, {0x7, 0x25, 0x1, 0x80, 0x9, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0xb, 0x4, 0x4}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x7, 0x1, 0x2, 0x5, "24d5"}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x8, 0x400, 0xf7, "cb253b388ebafbc683"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x7, 0x1, 0x7, 0xe, 'E', "ea"}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0xfd, 0x0, 0x5, {0x7, 0x25, 0x1, 0x2, 0x1, 0x1}}}}}}}]}}, &(0x7f0000000640)={0xa, &(0x7f0000000540)={0xa, 0x6, 0x110, 0xf5, 0xfb, 0x7, 0xff, 0xd}, 0x2b, &(0x7f0000000580)=ANY=[@ANYBLOB="050f2b000314100401f65066d66001447ed7433af0ee9cdbb20b100108c3000b070500000710020c413bbe"], 0x2, [{0x4f, &(0x7f00000009c0)=@string={0x4f, 0x3, "77588469d78d3511b1b90d0f8a5faedf72d3d08e8412c446e27e6fe145e3aea8bdd032a1f05f32268a6b7d466677b94117c509b537a9326ce90a69d22c6d0e0c02f0243ffc1efebeac68e23d40"}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x44e}}]})

4m20.011958911s ago: executing program 1 (id=309):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x804810, &(0x7f0000000b80)={[{@init_itable}, {@usrjquota}, {@nobh}, {@resuid}]}, 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000004200)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x84}, 0x8851)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0)
write$P9_RSTATu(r1, &(0x7f0000000580)={0x208, 0x2, 0x0, {{0x500, 0xf8, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239)
preadv(r1, &(0x7f0000000500)=[{&(0x7f0000000400)=""/246, 0xf6}, {0x0}], 0x2, 0x4, 0x1)
chdir(&(0x7f00000001c0)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000a40)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f0000000f00)={0x0, 0x4, 0x0, &(0x7f0000000d00)=[{}, {}, {}, {}], 0x249249249249337, 0x0, &(0x7f0000000a80)=[{}, {}], 0x3, 0x0, &(0x7f0000000bc0)=[{}, {}, {}], 0x3, 0x0, &(0x7f0000000e80)=[{}, {}, {}]})
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xffffffffffffffff, r4, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x86400, 0x0)
fchdir(0xffffffffffffffff)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="00220f000000540b4550182195f57584b3"], 0x0}, 0x0)
r7 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r7, 0xc018480b, &(0x7f0000000040)={0x3, 0xffffffff, 0x5, 0xfffffff2, 0x2, 0x3})
syz_usb_connect$cdc_ecm(0x2, 0x5e, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x4c, 0x1, 0x1, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0xff, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm_detail={0x4, 0x24, 0x13, 0x5}, @mdlm_detail={0x4}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x20}}], {{0x9, 0x5, 0x82, 0x2, 0x20}}, {{0x9, 0x5, 0x3, 0x2, 0x8}}}}}]}}]}}, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = gettid()
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000c40)={<r9=>0x0})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r5, 0xc010641d, &(0x7f0000000fc0)={r9, &(0x7f0000000f80)=""/55})
r10 = syz_open_procfs(r8, &(0x7f00000001c0)='timers\x00')
sendfile(r10, 0xffffffffffffffff, &(0x7f0000000280)=0x7, 0x1e6)
exit(0x0)
bpf$MAP_CREATE(0x800000000000000, &(0x7f0000000c80)=@base={0xc, 0x4, 0x4, 0x80010000}, 0x48)

4m15.113046783s ago: executing program 1 (id=318):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0xffea, 0x8, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000010300)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000000c0)={0x2000000, 0x0, &(0x7f0000000540)=[{0x0}], 0x0, 0x1}, 0x20)

4m13.934411747s ago: executing program 1 (id=322):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='A! \x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m9.857365337s ago: executing program 32 (id=322):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='A! \x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m17.690456082s ago: executing program 3 (id=740):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000000)={0x5, 0x3, 0x2, {0x2, @sliced={0xfffa, [0x2, 0x4, 0x8000, 0xa, 0x5, 0xa, 0x1, 0x1, 0x9, 0xe, 0xffff, 0x6, 0x7, 0x6, 0x6, 0x0, 0x5, 0x0, 0x6, 0x8000, 0x0, 0xfffc, 0xe6, 0xd, 0x9, 0xfff2, 0xf6d, 0x1, 0x31, 0x0, 0x1, 0x735e, 0x1, 0x8, 0x31, 0x68, 0x6, 0x4, 0x9, 0x9, 0x0, 0x81, 0x1ff, 0x4191, 0x6, 0x101, 0x8, 0x44], 0x6}}, 0x8})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000010000107000000000000fd000a00000006"], 0x1c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x402, &(0x7f0000001a00)={[{@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@errors_continue}, {@umask={'umask', 0x3d, 0x5}}, {@errors_remount}, {@zero_size_dir}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x8}}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {}]}, 0x1, 0x151e, &(0x7f0000007640)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJLkmSJEluCUmTHElIDLklDUlILkNyGUJymZg07ve7JCRJkyQhuSXr/5ni73TqvOec9/Qe7+ed5/v57I/1zN7P2s/+PbNnXzDfdh1Wq0nt6o2ICP4t+OsfyQAQCwCDAOAaAAgAoHx8+fjs9bklJv97O2F/rofSrnQF7Eri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxsy4xC1/KScxd+/5+T8fX//4aLJx98ua7M9d0AYv7ZPO5/zsb9/z8r+Gc24v7nbNz/nCr2ShfA/hfg8z8nyPV313D/czbuP2M52ZV+/3ylF4jk7M/gSn//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGc74yxQAXBpf6boYY4wxxhhjjDH25/G5rnQFjDHGGGOMMcYY+5+HIECCggBiIBfEQm6IAwEAV0NeuAYicC3Ew3WQD66H/FAACkIhSIDCUAQ0GIgBghCKQjGIwg1QHG6EElASSkFpcFAGEuEmKAs3Qzm4BcrDrVABboOKUAkqQxW4HarCHVAN7oTqcBfUgJpQC2rD3VAH7oG6cC/Ug/ugPtwPDeABaAgPQiN4CBrDw9AEHoGm8Cg0g+bQAlpCq/9W/gvQE16EXtAbkqEP9IWXoB/0hwEwEAbByzAYXoEh8CqkwFAYBq/BcHgdRsAbMBJGwWh4E8bAWzAWxsF4mACpMBEmwdswGd6BKTAVpsF0SIMZMBPehVkwG+bAezAX3od5MB8WwEJIhw9gESyGDPgQlsBHkAlLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHHfAx7IRPYBd8CrthD+yFz2AffP4v5p/+m/xuCAgoUKBChTEYg7EYi3EYh3kwD+bFvBjBCMZjPObDfJgf82NBLIgJmIBFsAgaNEhIWBSLYhSjWByLYwksgaWwFDp0mIiJWBZvxnJYDstjeayAFbAiVsJKWAWrYFWsitWwGlbH6lgDa2AtrIV3493YB+tiXayH9bA+1r/0egobYSNsjI2xCTbBptgUm2EzbIEtsBW2wtbYGttgG2yH7bA9tscO2AGTMAk7YkfshJ2wM3bGLtgFu2JX7IbdsXvWC7kAX8QXsTfWEH2wL/bFfpiSawAOxIH4Mg7GV/AVfBVTcCgOw9fwNXwdR+ApHImjcDSOxqriLRyL45DEBEzFVJyEk3AyTsYpOBWn4nRMwxk4E2fiLJyNs/E9nIvv4/s4H+fjQkzHdFyEizEDM3AJnsZMXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342bciltxO27Hj/Fj/AQVAH6Ke3APpuA+3If7cT8ewAN4EA9iFmbhITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8Byex+cSvm78Scm1KSCyKaFEjIgRsSJWxIk4kUfkEXlFXhEREREv4kU+kU/kF/lFQVFQJIgEUUQUEUYYQSKMAQARFVFRXBQXJUQJUUqUEk44kSgSRVlRVpQT5UR5cauoIG4TFUUl0dZVEVVEVdHOVRN3iuqiuqghaopaoraoLeqIOqKuqCvqiXqivqgvGogHREPRBwfgQyK7M03EUGwqhmEz0VzIiz/BWosR2Ea0Fe3EE2IUjsQOorVLEk+LjmIsdhJ/EePwWdFFTMCu4nnRTXQXPcQLoqdo43qJ3mIK9hF9xXTsJ/qLAWKgmIU1xXs4N3ct8apIEUPFMPGaWIivixHiDTFSjBKjxZtijHhLjBXjxHgxQaSKiWKSeFtMFu+IKWKqmCamizQxQ8wU74pZYraYI94Tc8X7Yp6YLxaIhSJdfCAWicUiQ3woloiPRKZYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hY7BSfiF3iU7Fb7BF7xWdin/hc7BdfiAPiS3FQfCWyxNfikPhGHBbfiiPiO3FUfC+OiePihPhBnBQ/ilPitDgjzopz4idxXvwsLggvQKIUUkolAxkjc8lYmVvGyatkHhlc/HSvlfHyOplPXi/zywKyoCwkE2RhWURqaaSVJENZVBaTUXmDLC5vlCVkSVlKlpZOlpGJ8iZZVt4sy8lbZHl5q6wgb5MVZSVZWVaRt8uq8g4JkV/3UUPWlLVkbXm3TIZ7ZF15r6wn75P15f2ygXxANpQPykbyIdlYPiybyEdkU/mobCabyxaypWwlH5Ot5eOyjWwr28knZHv5pOwgn5JJ8mnZUfqL3yLPyi7yOdlVPi+7ye6yh/xZXpBe9pK9JfQB2Ve+JPvJ/nKAHCgHyZflYPmKHCJflSlyqBwmX5PD5etyhHxDjpSj5Gj5phwj35Jj5Tg5Xk6QqXKinCTflpPlO3KKnCqnyekyTc6QAy7ONEfKf5j/9h/kD/ll75vlFrlVbsOLrZCfyF1yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoMySWfKQPCQPy8PyiDwij8qj8pg8Ls/KH+RJ+aM8JU/L0/KsPCfPyfMXPwNQqISSSqlAxahcKlblVnHqKpVHXa3yqmtURF2r4tV1Kp+6XuVXBVRBVUglqMKqiNLKKKtIhaqoKqai6oZLVapSqrRyqoxKVDf9K/mquLpRlVAlf5N/qb7kv1NfK9VKtVatVRvVRrVT7VR71V51UB1UkkpSHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WsklVf9ZLqp/qrAWqgGqReVoPVYDVEDVEpKkUNU8PUcDVcjVAj1Eg1Uo1Wo9UYNUaNVWPVeDVepapUNUlNUpPVZDVFTVHT1DSVptLUTDVTzVKz1Bw1R81Vc9U8NU8tUAtUukpXi9QilaEy1BK1RGWqpWqpWq6Wq5VqpVqtVqu1aq1ar9arjWqjylRb1Ba1TW1TO9QOtVPtVLvULrVb7VZ71V61T+1T+9V+dUAdUAfVQZWlstQhdUgdVofVEXVEHVVH1TF1TJ1QJ9RJdVKdUqfUGXVGnVPn1Hl1Xl1QF7Jv+wIRiEAF2VfamCA2iA3igrggT5AnyBvkDSJBJIgP4oN8wfVB/qBAUDAoFCQEhYMigQ5MYANxsenR4IageHBjUCIoGZQKSgcuKBMkBjcFZYObg3LBLUH54NagQnBbUDGoFFQOqgS3B1WDO4JqwZ1B9eCuoEZQM6gV1A7uDuoE9wR1g3uDesF9Qf3g/qBB8EDQMHgwaBQ8FDQOHg6aBI8ETYNHg2ZB86BF0DJo9afO7/2pAo+7zbq3TtZ9dF/9ku6n++sBeqAepF/Wg/Ureoh+VafooXqYfk0P16/rEfoNPVKP0qP1m3qMfkuP1eP0eD1Bp+qJepJ+W0/W7+gpeqqepqfrND1Dz9Tv6ll6tp6j39Nz9ft6np6vF+iFOl1/oBfpxTpDf6iX6I90pl6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH/ljv1J/oXfpTvVvv0Xv1Z3qf/lzv11/oA/pLfVB/pbP01/qQ/kYf1t/qI/o7fVR/r4/p4/qE/kGf1D/qU/q0PqPP6nP6J31e/6wvaJ99c599eTfKKBNjYkysiTVxJs7kMXlMXpPXREzExJt4k8/kM/lNflPQFDQJJsEUMUVMNjJkipqiJmqiprgpbkqYEqaUKWWccSbRJJqypqwpZ8qZ8qa8qWAqmIqmoqlsKpvbze3mDnOHudPcae4yd5mapqapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlqmppmpplpYVqYVqaVaW1amzamjWln2pn2pr3pYDqYJJNkOpqOppPpZDqbzqaL6WK6mq6mm+lmepgepqfpaXqZXibZJJu+pq/pZ/qZAWaAGWQGmcFmsBlihpgUk2KGmWFmuBluRpgRZqQZZUZnnz7mLTPWjDPjzQSTalLNJDPJTDaTzRQzxUwz00yaSTMzzUwzy8wyc8wcM9fMNfPMPLPALDDpJt0sMotMhskwS8wSk2kyzTKzzKwwK8wqs8qsMWvMOrPObIANZpPZZLaYLWab2WZ2mB1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJstkmUPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5ZwpcvF56E2tz2zh7lc1jr7Z57TX2b+OCtpBNsIVtEattflvgN7Gx1pawJW0pW9o6W8Ym2pt+F1e0lWxlW8XebqvaO2y138V17D22rr3X1rP32dr27t/E9e39toF9xDZEBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2ySfdp2tM/8Ll5kF9s1dq1dZ9fb3XaPPWPP2sP2W3vO/mR72d52kH3ZDrav2CH2VZtih/4uHm3ftGPsW3asHWfH2wm/i6fZ6TbNzrAz7bt2lp39uzjdfmDn2gw7z863C+zCX+LsmjLsh3aJ/chm2gCW2eV2hV1pV9nV/7/W5Xaj3WQ32132U7vNbrc77Md256UbYbvH7rWf2X32c3vIfmMP2C/tQXvEZtmvf4mzj++I/c4etd/bY/a4PWF/sCftj+pSdvax/2B/thest0BIQJIUBRRDuSiWclMcXUV56GrKS9dQhK6leLqO8tH1lJ8KUEEqRAlUmIqQJkOWiEIqSsUoSjfQpfJKUWlyVIYS6SYqSzdTObqFytOtVIFuo4pUiSpTFbqdqtIdVI3upOp0F9WgmlSLatPdVIfuobp0L9WD+6g+3U8N6AFqSA9SI3qIGtPD1IQeoab0KDWj5tSCWlIreoxa0+PUhtpSO3qC2tOT1IGeoiR6mjrSM9SJ/kKd6VnqQs9RV3qeulF36kEvUE96kXpRb0qmPtSXXqJ+1J8G0EAaRC/TYHqFhtCrlEJDaRi9RsPpdRpBb9BIGkWj6U0aQ2/RWBpH42kCpdJEmkRv02R6h6bQVJpG0ymNZtBMepdm0WyaQ+/RXHqf5tF8WkALKZ0+oEW0mDLoQ1pCH1EmLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQx7STPqFd9Cntpj20lz6jffQ57acv6AB9SQfpK8qir+kQfUOH6Vs6Qt/53vQ9HaPjdIJ+oJP0I52i03SGztI5+onO0890gTxBiKEIZajCIIwJc4WxYe4wLrwqzBNeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdHwhrB4eGNYIiwZlgpLhy4sEyaGN4Vlw5vDcuEtYfnw1rBCeFtYMawUPnJflfD2sGp4R1gtvDOsHt4V1ghrhrXC2uHdYZ3wnrBueG9YL7wvLBfeHzYIHwgbhg+GjcKHwsbhw2GT8JGwafho2CxsHrYIW4atwsfC1uHjYZuwbdgufCJsHz4ZdgifCpPCp8OO4TO/rL9/8d9fnxz2CfuGL4Uvhd7fKxdEF0bTox9EF0UXRzOiH0aXRD+KZkaXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e9r50LHDrhpFMucDEul4t1uV2cu8rlcVe7vO4aF3HXunh3ncvnrnf5XQFX0BVyCa6wK+K0M846cqEr6oq5qLvBFXc3uhKupCvlSjvnyrhE19K1cq1ca/e4a+PaunbuCfeEe9I96Z5yT7mnXUf3jOvk/uI6u2ddF/ece84977q57q6He8H1dBPz/npOJru+rq/r5/q5AW6AG+QGucFusBvihrgUl+KGuWFuuBvuRrgRbqQb6Ua70W6MG+PGurFuvBvvUl2qm+QmucluspviprhpbppLc2luppvpZrlZrursX/cyz81zC9wCl+7S3SKXfc+Y4Za4JS7TZbplbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vldrnd/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MjEyKvB2ZHHknMiUyNTItMj2SFpkRmRl5NzIrMjsyJ/JeZG7k/ci8yPzIgsjCSHrkg8iiyOJIRuTDyJLIR5HMyNLIssjyyIrIyoj3hbeFvqgv5qP+Bl/c3+hL+JK+lC/tnS/jE/1Nvqy/2Zfzt/jy/lZfwd/mK/pKvrJ/1DfzzX0L39K38o/51v5x38a39e38E769f9J38E/5JP+07+if8Z38X3xn/6zv4p/zXf3zvpvv7nv4F3xP/6Lv5Xv7ZN/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hXfYof6of51/xw/7of4d/wI/0oPzrmTT/m0iMyTPCpfqKf5N/2k/07cKef6qf56T7Nz/Az/bt+lp/t5/j3/Fz/vp/n5/sFfqFP9x/4RX6xz/Af+iX+I5/pl156qexX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F3+U7/b7/F7/Wd+n//c7/df+AP+S3/Qf+Wz/Nf+kP/GH/bf+iP+O3/Uf++P+eP+hP/Bn/Q/+lP+tD/jz/pz/id/3v/sL/D/WWOMMcYY+6dMvDwUv13z6+v8Pn+QI/5q474AcPX2Qll/vT77jnJD/l/H/UVC+wgAPN2760OXlho1kpOTL26bKSEoNh/g0t8EZYuBy/FSaAdPQhK0hbJ/WH9/0f0c/YP5o7cCxP1VTixcji/P/wUAJv/B/I89MXpRhfBM/H8x/3yAEsUu5+SGy/FSaPfL+5W2UO7v1F+g9T+oP/eXqQBt/ionD1yOL9efCI/DM5D0my0ZY4wxxhhjjLFf9ReVO196/rz0Lz7/6Pk8QV3OyQWX43/0fM4YY4wxxhhjjLEr79nuPZ56LCmpbed/fVDtv5X1Tw+awv/UzDz4w4H3AJe+ogDg35wQIHsg/5NHsfU/sq+Ui6fO365acdYH8L+jlX/G4Ar/YGKMMcYYY4z96S7f9P/26+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVA/4lfJ3alj5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//85evzE")
mount$nfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x123b058, 0x0)
mknod(&(0x7f0000000280)='./file0\x00', 0x1ffa, 0xfffffffc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = syz_mount_image$btrfs(&(0x7f00000001c0), &(0x7f0000005600)='./file0\x00', 0x1, &(0x7f0000000000), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000600), 0x940)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, 0x4, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040804)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
r4 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x40002016})
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r3, &(0x7f0000000100)={0xe0000002})
poll(&(0x7f00000000c0), 0x0, 0x7)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, '\x00', 0x35}, 0x6}, 0x1c)
unshare(0x22020600)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x4, 0x318, 0xffffffff, 0x0, 0xf8, 0x0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, &(0x7f0000000200), {[{{@uncond, 0x0, 0xb8, 0xf8, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xc0}}, @common=@socket0={{0x20}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x10001, 0x0, 0x6, 0x2186, 0xd5, 0x3, 0xff, 0x9]}}}, {{@ip={@loopback, @remote, 0xff000000, 0xffffffff, 'ip6gre0\x00', 'team0\x00', {0xff}, {0xff}, 0x845650534b1b9192, 0x1, 0x2}, 0x0, 0x98, 0xc8, 0x0, {}, [@common=@ttl={{0x28}, {0x0, 0x9b}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x2, 0x0, 0x5}, {0x0, 0x3, 0x3}, 0x141, 0xff800000}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x0, 0x3b}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x378)
r5 = memfd_secret(0x80000)
readahead(r5, 0x7, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="0c0c762f32b73a4d730c30320e171c690e95ee8b61b0bba9c9e599c9868b361574f1ddf5ba8427ba", 0x28}], 0x1}}, {{&(0x7f0000000240)={0xa, 0x4e23, 0xe, @loopback, 0x6}, 0x1c, 0x0, 0x0, 0xfffffffffffffffc}}], 0x2, 0x4000)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000080), 0x1, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r6, &(0x7f0000004280)={0x2020, 0x0, <r7=>0x0}, 0xffe7)
write$FUSE_INIT(r6, &(0x7f0000004200)={0x50, 0x0, r7, {0x7, 0x2b, 0x0, 0x10204804, 0x0, 0xfffe, 0x0, 0x2, 0x0, 0x0, 0x100}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)

1m13.958716232s ago: executing program 3 (id=748):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x2}, 0x6)
syz_usb_connect(0x5, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d00010000000009040000030b08000009058d67c8002a000009050502000000000009058b6e", @ANYRES16], 0x0)

1m9.319364433s ago: executing program 3 (id=755):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
bind$bt_rfcomm(r0, &(0x7f0000000740)={0x1f, @none, 0xc5}, 0xa)

1m7.563721911s ago: executing program 3 (id=760):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x120400d, &(0x7f0000000000), 0x3e, 0x51f, &(0x7f0000000a00)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJN4oih1HsVM2UUVT8R8gJJA4ceKCxB+AhHrgD0CVKsEFcUCAQAi2cEACOmjGY23WsZNAs3Y2/nykF78345nve2P5eX68zAQwtZ6OiJcjYiYinouIajk9LdPtvHDQe9+7915fzVMSWfbqX5NIymn9deXl2Yi41lsk5iLia1+O+GZyNG5nb39zpdls7JTlere1Xe/s7d/caK2sN9YbW0tLiy8uv7T8wvKtrPS+2rnQz/z4S5//+ae/9bvbf77x7bxan/tIVGKgHWep1/RKsS368m208zCCTcBM2Z7KpCsCAMCp5Pv4H4yITxT7/9WYKfbmBsxMomYAAADAWcm+MB//TiIyAAAA4MJKI2I+krRWjgWYjzS9VJ4b+HBcTZvtTvdTd9q7W2v5vIiFqKR3NpqNW+VY4YWoJHl5sRxj2y8/P1BeiojHI+J71StFubbabq5N+NwHAAAATItrA8f//6imRf5kQ/5PAAAAADi/FkYWAAAAgIvCIT8AAABcfIPH/+73DwAAABfKV155JU9Z//nXa6/t7W62X7u51uhs1lq7q7XV9s52bb3dXi/u2dc6aX3Ndnv7M7G1e7febXS69c7e/u1We3ere3vjgUdgAwAAAGP0+Mff+nUSEQefvVKkKO8DCPCAP0y6AsBZMtQPppe7eMP0qky6AsDEJSfMN3gHAAAefdc/evT6f//5/84NwMVmrA8ATB/X/2F6VYwAhKk1W54D+ECveHnU+0Ze///laSNlWcTb1cNTnF8EAIDxmi9SktbK44D5SNNaLeKxiHQhKsmdjWbjVnl88Ktq5XJeXiyWTE4cMwwAAAAAAAAAAAAAAAAAAAAAAAAA9GRZEhkAAABwoUWkf0qKu/lHXK8+Oz94fuBS8s9q/LEs/PDV799d6XZ3FvPpfyue5XUpIro/KKc/P/LxYQAAAMBZSw5Gzuodp5evi2OtFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABT4N17r6/20zjj/uWLEbEwLP5szBWvc1GJiKt/T2L20HJJRMycQfyDNyPiiWHxk3gvy96IshbD4l95yPEXik0zPH4aEdfOID5Ms7fy/uflYd+/NJ4uXod//2bL9H6N7v/SMvITRT83rP957MjaWkNjPPnOT+u9XOVo/Dcjnpwd3v/0+99kRPxnjqztX1mWHY3/ja/v749qf/ajiOtDf3+SB2LVu63temdv/+ZGa2W9sd7YWlpafHH5peUXlm/V72w0G+XfoTG++7GfvTcqft7+q0Pi//Y3vf73uPY/O2qlA/7zzt17H+plj3wAefwbzwz9/Z2LEfHT8rfvk2U+n3+9nz/o5Q976idvP3Vc+9dGbP+TPv8b94uXj2v/c1/9zu+Pmw8AjFdnb39zpdls7ByTmTvFex7FzC/mzkU1/sdM9kbvkzsv9fl/M/ne6v0p/Vadg4odymRjiXW52J8/7VKXxtT2iXZLAADAQ3B/p3/SNQEAAAAAAAAAAAAAAAAAAIDpNY5bqQ3GPJhMUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjvXfAAAA//9a5dxz")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x13)
tkill(r3, 0x12)

1m7.375863075s ago: executing program 2 (id=763):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r0, 0xff, 0x1, 0x0, 0x10)

1m5.469781699s ago: executing program 2 (id=766):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
unshare(0x8000600)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x0, 0x800, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

1m3.440411559s ago: executing program 3 (id=767):
getdents(0xffffffffffffffff, &(0x7f0000000300)=""/187, 0xbb)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
io_setup(0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x48)
io_setup(0x101, 0x0)

56.587601994s ago: executing program 3 (id=770):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x40000001, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
capset(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
unshare(0x28000600)
syz_io_uring_setup(0x110, &(0x7f0000000480)={0x0, 0x2817, 0x3d, 0x10000003, 0x335}, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800}, 0x4004000)
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x1d, 0x1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x19d, &(0x7f0000000000)="$eJzskD9rFFEUxX/3zdud3UDUVbFYwSwYXEeC+0exsFqsVnDAwkYw4LIZs+KsupktVBJIIwFZzFfQKpZiYSWiYB0sBAsdm3SSKYKFiMjIzD4FP4PvBzPnncN7917uIBpFLvBrb7VPhxyHfbxH0MCcTDOlpvrS+K9GN6fCBeMnQn7zmfHV6P6DW70wDFZq52tU/gmAb3n2N4rmOKJIhA7ycW+135PrPmmHoVoqwwHKec2R95iqnuWwwiGtT7ioGEkB2N8YD+82op9pmg57y8FycLvdPnOuebbp0m7cuBkGMyDeI1E8YQ3Px/Upe2sUFnm4rWdYEMQbqNiRUwnFRTa3nZPHFxKUt0uK8Kae4H7Wg5q6wglK17LhuxwSnuL4zF+irNBkjZpd5LJ6IS39QX8vKErrjnO6fydc2riq5EdxqyO7JWntUKi3UtfssMpB3rIRMx/TjdmK2fmCyKusy8TsU69n/+fGHeUYFLnXG49XWkV4J3WfdvZVYDYvp/K5KvDavDHCpz8Hi8VisVgsFovFYrH8B/wOAAD//8UHYms=")
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x60c40)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)

56.58440688s ago: executing program 2 (id=771):
syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==")
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f00000000c0)=ANY=[], 0x1, 0x68b, &(0x7f0000000a40)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXL7F3ndhri88nmp3nmedlnuc3Mzu7s4oc4H/WtXNpPE4t1869uVzkVx7NdFYezdzpp5NMJKknjd4qtbtJ7aPkanpLPlNsrLqrPW0/HyzMvv3xpyuf9HKNainr17drt8mV+hYbH1ZLziQ5Uq2fwbr+rm/orzVyd7XVGRYBO9sPHIxbM0l3ne+eWivZ0fDXLXBg1Xr3zU0X9FRyNMlk9Tmgd1fs3bMPtYfjHgAAAADsgxd+WX6FPzbucQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhUv39/1q11PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3j20dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5T20ci+fwff/edW527tydu3jt3cKY0gomBJ2gbIzEzEImXh43ErcMaiUHTZSROruav5Rv5ds7lTN7KYhbyvcxlKfM5k69nLkcyV53PxevU9pG6ui731k4jaZXHpVm9iw4/pqXM5dWy7bEs5Ft5Nzcynyvlv0u5mNdzOZczO3CETw5x1ddHe6c9+4WBh8m/SNIert0+KAZ2fPXuNHjWT5fXwfF1W9ai9OLzvx81Plslin38pFofDBsjcXEgEi9tH4nflG8r9zp3by/emntvyP29Vq2L6+hnB+ouUZwvLxYHq8ytPzuKspc2lk324tWqfnHpla2/4xZlJ1fLdrpSW9VnuM09XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94VOK9jDRTtLfkuzUqpmd6+xNopWkTDT6idH6mRiqcmvt6Lzx+2cZc3PUVslzCVSjOsnuP7j9z263u++HaYtEc5tzfi3RrWwq6g7VfGyJf3WfX4djfmMC9tyFpTvvXbh3/8GXFu7MvTP/zvzd2cuXZ6dnL1/524WbC5356d7ruEcJ7IW1m/64RwIAAAAAAAAAAAAMaz/+W8JTdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9rT9vPBwuzbH3+68kkv16iWsn59XbvmbmbxsFpyJsmRaj1o8hn6u16tdzWyUm11hkXAzvYDB+P23wAAAP//+B8RmQ==")
truncate(&(0x7f0000000080)='./file1\x00', 0xbdf5)

55.612608391s ago: executing program 2 (id=776):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f000054a000/0x400000)=nil)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
lstat(0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

51.300756674s ago: executing program 2 (id=781):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_emit_ethernet(0x4a, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000100)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x1, 0x86)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f00000000c0)='ro\x00', 0x0, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x1, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000000000000700", [0x0, 0x2000000000001]}})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = open(&(0x7f0000000280)='./file1/file0\x00', 0x141501, 0x184)
ioctl$TUNGETVNETBE(r4, 0x800454df, &(0x7f00000000c0)=0x1)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000c00)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce5200000000000000847d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2daef5f4f5437b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63e477908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059a09aa95a2d433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a4, &(0x7f0000000480)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==")

46.936374961s ago: executing program 2 (id=782):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f00000046c0)={[{@resuid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1)
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
setfsuid(0x0)
setfsuid(0x0)
stat(0x0, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)

37.980269718s ago: executing program 33 (id=770):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x40000001, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
capset(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
unshare(0x28000600)
syz_io_uring_setup(0x110, &(0x7f0000000480)={0x0, 0x2817, 0x3d, 0x10000003, 0x335}, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800}, 0x4004000)
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x1d, 0x1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x19d, &(0x7f0000000000)="$eJzskD9rFFEUxX/3zdud3UDUVbFYwSwYXEeC+0exsFqsVnDAwkYw4LIZs+KsupktVBJIIwFZzFfQKpZiYSWiYB0sBAsdm3SSKYKFiMjIzD4FP4PvBzPnncN7917uIBpFLvBrb7VPhxyHfbxH0MCcTDOlpvrS+K9GN6fCBeMnQn7zmfHV6P6DW70wDFZq52tU/gmAb3n2N4rmOKJIhA7ycW+135PrPmmHoVoqwwHKec2R95iqnuWwwiGtT7ioGEkB2N8YD+82op9pmg57y8FycLvdPnOuebbp0m7cuBkGMyDeI1E8YQ3Px/Upe2sUFnm4rWdYEMQbqNiRUwnFRTa3nZPHFxKUt0uK8Kae4H7Wg5q6wglK17LhuxwSnuL4zF+irNBkjZpd5LJ6IS39QX8vKErrjnO6fydc2riq5EdxqyO7JWntUKi3UtfssMpB3rIRMx/TjdmK2fmCyKusy8TsU69n/+fGHeUYFLnXG49XWkV4J3WfdvZVYDYvp/K5KvDavDHCpz8Hi8VisVgsFovFYrH8B/wOAAD//8UHYms=")
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x60c40)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)

34.947366417s ago: executing program 4 (id=792):
sched_setscheduler(0x0, 0x1, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x307}, 0x0, r1})

33.774598528s ago: executing program 5 (id=793):
r0 = syz_clone(0x20202100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
getpid()
pidfd_send_signal(r1, 0x6, &(0x7f0000000000)={0x0, 0x2, 0xb}, 0x0)

33.700116565s ago: executing program 4 (id=794):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x42302)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x201d})

33.1548497s ago: executing program 4 (id=795):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x48a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mkdir(&(0x7f0000000000)='./file0\x00', 0x88)

32.083786571s ago: executing program 5 (id=797):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
msgget$private(0x0, 0x80)

32.083567825s ago: executing program 4 (id=798):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0xb0c9, 0x1})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x11, &(0x7f00000002c0), 0x2)

30.99918377s ago: executing program 34 (id=782):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f00000046c0)={[{@resuid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1)
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
setfsuid(0x0)
setfsuid(0x0)
stat(0x0, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)

30.66710994s ago: executing program 4 (id=801):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[], 0x3c}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r3)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
ptrace(0x10, 0x1)

22.83205566s ago: executing program 4 (id=802):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
umount2(&(0x7f00000000c0)='./file0/../file0\x00', 0xb)

22.143786373s ago: executing program 0 (id=803):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000400)='./bus\x00', 0x200880, &(0x7f0000000280)={[{@sys_tz}, {@allow_utime={'allow_utime', 0x3d, 0x7ffe}}, {@utf8}, {@errors_continue}, {@discard}]}, 0x3, 0x1509, &(0x7f0000000f80)="$eJzs3AuYTlXbOPD7XmvtMSQ9SQ7DWuvePMlhmSTJIUkOSZIkSU4JoUleSUgMOSUNSUgOQ3IYQnKYmDTO5/MxSZImSXLKKVn/a4rX21v936/v7Xt91zf377r2Zd3P2vfaa8+9H8/am2e+7TK0RqOaVRsQEfxb8Jc/EgEgFgAGAsB1ABAAQNncZXNn9meXmPjvHYT9tR5JudozYFcT1z9r4/pnbVz/rI3rn7Vx/bM2rn/WxvXP2rj+jGVlm6cXuJ63rLvx8/+sjD///w/JKDX2y7Wlbuz6J1K4/lkb1///rOC/shPXP2vj+mdtXP+sjeufFWT7wx6uf9bG9WcsK7vaz595u7rb1b7+GGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlDWf9FQoALrev9rwYY4wxxhhjjDH21/HZrvYMGGOMMcYYY4wx9j8PQYAEBQHEQDaIheyQAwQAXAu54DqIwPWQG26APHAj5IV8kB8KQBwUhEKgwYAFghAKQxGIwk1QFG6GYlAcSkBJcFAK4uEWKA23Qhm4DcrC7VAO7oDyUAEqQiW4EyrDXVAF7oaqcA9Ug+pQA2rCvVAL7oPacD/UgQegLjwI9eAhqA8PQwN4BBrCo9AIHoPG8Dg0gabQDJpDi/9W/ovQA16CntALEqE39IGXoS/0g/4wAAbCKzAIXoXB8BokwRAYCq/DMHgDhsObMAJGwih4C0bD2zAGxsI4GA/JMAEmwjswCd6FyTAFpsI0SIHpMAPeg5kwC2bD+zAHPoC5MA/mwwJIhQ9hISyCNPgIFsPHkA5LYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK2yD7bADdsIu2A2fwB74FPbCZ7APPv+T+Wf+Kb8rAgIKFKhQYQzGYCzGYg7MgTkxJ+bCXLGXL5I8mAfzYl7Mj/kxDuOwEBZCgwYJCQtjYYxiFItiUSyGxbAElkCHDuMxHkvjrVgGy2BZLIvlsByWxwpYASthJayMlbEKVsGqWBWrYTWsgTXwXrwXe2NtrI11sA7WxbqXH09hA2yADbEhNsJG2BgbYxNsgs2wGbbAFtgSW2IrbIVtsA22xbbYHttjAiZgB+yAHbEjdsJO2Bk7Yxfsgl2xG3bDF7MBvoQvYS+sJnpjH+yDfTEpW38cgAPwFRyEr+Kr+Bom4RAciq/j6/gGDsfTOAJH4igchZXF2zgGxyKJ8ZiMyTgRJ+IknISTcQpOwWmYgtNxBs7AmTgLZ+H7OAc/wA9wHs7DBZiKqbgQF2EapuFiPIPpuASX4jJcjitwOa7C1bgK1+I6XIsbcANuwk24BbfgNtyGO3AH7kIFgJ/gp/gpJuE+3If7cT8ewAN4EA9iBmbgITyEh/EwHsEjeBSP4jE8jifwOJ7CU3gaz+BZPIvn8TxewOfjvm64q/iaJBCZlFAiRsSIWBErcogcIqfIKXKJXCIiIiK3yC3yiDwir8gr8ov8Ik7EiUKikDDCCBJhDACIqIiKoqKoKCaKiRKihHDCiXgRL0qL0qKMKCPKittFOXGHKC8qiNaukqgkKos2roq4W1QVVUU1UV3UEDVFTVFL1BK1RW1RR9QRdUVdUU88JOqL3tgfHxGZlWkkhmBjMRSbiKZCXro4W4rh2Eq0Fm3EU2IkjsD2oqVLEM+IDmIMdhR/E2PxOdFZjMcu4gXRVXQT3cWLoodo5XqKXmIy9hZ9xDTsK/qJ/mKAmInVxfs4J3sN8ZpIEkPEUPG6WIBviOHiTTFCjBSjxFtitHhbjBFjxTgxXiSLCWKieEdMEu+KyWKKmCqmiRQxXcwQ74mZYpaYLd4Xc8QHYq6YJ+aLBSJVfCgWikUiTXwkFouPRbpYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdopdYrf4ROwRn4q94jOxT3wu9osvxAHxpTgovhIZ4mtxSHwjDotvxRHxnTgqvhfHxHFxQpwUp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIbDJWZpc55DUypwwu/XSvl7nlDTKPvFHmlflkfllAxsmCspDU0kgrSYaysCwio/ImWVTeLIvJ4rKELCmdLCXj5S2ytLxVlpG3ybLydllO3iHLywqyoqwk75SV5V0SIr8co5qsLmvImvJeWUveJ2vL+2Ud+YCsKx+U9eRDsr58WDaQj8iG8lHZSD4mG8vHZRPZVDaTzWUL+YRsKZ+UrWRr2UY+JdvKdrK9fFomyGdkB+kvXSLPyc7yedlFviC7ym6yu/xJXpRe9pS9JEBv2Ue+LPvKfrK/HCAHylfkIPmqHCxfk0lyiBwqX5fD5BtyuHxTjpAj5Sj5lhwt35Zj5Fg5To6XyXKCnCjfkZPku3KynCKnymkyRU6X/S+NNFvKf5n/zu/kD/756JvkZrlFbpXb5Ha5Q+6Uu+RuuVvukXvkXrlX7pP75H65Xx6QB+RBeVBmyAx5SB6Sh+VheUQekUflUXlMHpfn5El5Sv4gT8sz8ow8J8/L8/LCpZ8BKFRCSaVUoGJUNhWrsqsc6hqVU12rcqnrVERdr3KrG1QedaPKq/Kp/KqAilMFVSGllVFWkQpVYVVERdVNeOmCUSVUSeVUKRWvbvkz+aqoulkVU8V/lX95fol/ML8WqoVqqVqqVqqVaqPaqLaqrWqv2qsElaA6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKlElqj7qZdVX9VP91QA1UL2iBqlBarAarJJUkhqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKVslqopqoJqlJarKarKaqqSpFpagZaoaaqWaq2Wq2mqPmqLlqrpqv5qtUlaoWqoUqTaWpxWqxSldL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVrjarzWqr2qq2q+1qp9qpdqvdao/ao/aqvWqf2qf2q/3qgDqgDqqDKkNlqEPqkDqsDqsj6og6qo6qY+qYOqFOqFPqlDqtTquz6qw6r86rC+qCuqguZi77AhGIQAUqiAligtggNsgR5AhyBjmDXEGuIBJEgtxB7iBPcGOQN8gX5A8KBHFBwaBQoAMT2EBcKno0uCkoGtwcFAuKByWCkoELSgXxwS1B6eDWoExwW1A2uD0oF9wRlA8qBBWDSsGdQeXgrqBKcHdQNbgnqBZUD2oENYN7g1rBfUHt4P6gTvBAUDd4MKgXPBTUDx4OGgSPBA2DR4NGwWNB4+DxoEnQNGgWNA9a/KXje38635Oup+6lE3Vv3Ue/rPvqfrq/HqAH6lf0IP2qHqxf00l6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XyXqCnqjf0ZP0u3qynqKn6mk6RU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtUf6oV6kU7TH+nF+mOdrpfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdIb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QJ/Up/YM+rc/os/qcPq9/1Bf0T/qi9pmL+8yPd6OMMjEmxsSaWJPD5DA5TU6Ty+QyERMxuU3udpfKb/Kb/CbOxJlCppDJRIZMYVPYRE3UFDVFTTFTzJQwJYwzzsSbeFPalDZlTBlT1pQ15Uw5U96UNxVNRXOnudPcZe4yd5u7zT3mHlPdVDc1TU1Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDHNTDPTwrQwLU1L08q0Mm1MG9PWtDXtTXuTYBJMB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySaRNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNkksxQM9QMM8PMcDPcjDAjzajMhap524wxY804M94km2Qz0Uw0k8wkM9lMNlPNVJNiUswMM8PMNDPNbDPbzDFzzFwz18w3802qSTULzUKTZtLMYrPYpJt0s9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTAZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm3yXPi+9ibXZbQ57jc1pr7W57HX2n+P8toCNswVtIattXpvvV7Gx1hazxW0JW9I6W8rG21t+E5e3FWxFW8neaSvbu2yV38S17H22tr3f1rEP2Jr23l/Fde2Dtp59zNZHBLBNbUPb3Dayj9nG9nHbxDa1zWxz29a2s+3t0zbBPmM72Gd/Ey+0i+xqu8autevsHvupPWvP2cP2W3ve/mh72l52oH3FDrKv2sH2NZtkh/wmHmXfsqPt23aMHWvH2fG/iafaaTbFTrcz7Ht2pp31mzjVfmjn2DQ7186z8+2Cn+PMOaXZj+xi+7FNt0vsUrvMLrcr7Eq76u9zXWY32I12k91tP7Fb7Ta73e6wO+2un+PM89hrP7P77Of2kP3GHrBf2oP2iM2wX/8cZ57fEfudPWq/t8fscXvCnrSn7A/2tD3z8/lnnvtJ+5O9aL0FQgKSpCigGMpGsZSdctA1lJOupVx0HUXoespNN1AeupHyUj7KTwUojgpSIdJkyBJRSIWpCEXpJrq8Ti9BJclRKYqnW6g03Upl6DYqS7dTObqDylMFqkiV6E6qTHdRFbqbqtI9VI2qUw2qSfdSLbqPatP9VIceoLr0INWjh6g+PUwN6BFqSI9SI3qMGtPj1ISaUjNqTi3oCWpJT1Irak1t6ClqS+2oPT1NCfQMdaBnqSP9jTrRc9SZnqcu9AJ1pW7UnV6kHvQS9aRelEi9qQ+9TH2pH/WnATSQXqFB9CoNptcoiYbQUHqdhtEbNJzepBE0kkbRWzSa3qYxNJbG0XhKpgk0kd6hSfQuTaYpNJWmUQpNpxn0Hs2kWTSb3qc59AHNpXk0nxZQKn1IC2kRpdFHtJg+pnRaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacdtJN20W76hPbQp7SXPqN99Dntpy/oAH1JB+kryqCv6RB9Q4fpWzpC3/le9D0do+N0gk7SKfqBTtMZOkvn6Dz9SBfoJ7pIniDEUIQyVGEQxoTZwtgwe5gjvCbMGV4b5gqvCyPh9WHu8IYwT3hjmDfMF+YPC4RxYcGwUKhDE9qQwjAsHBYJo+FNYdHw5rBYWDwsEZYMXVgqjA9vCUuHt4ZlwtvCsuHtYbnwjrB8WCF87IFK4Z1h5fCusEp4d1g1vCesFlYPa4Q1w3vDWuF9Ye3w/rBO+EBYJnwwrBc+FNYPHw4bhI+EDcNHw0bhY2Hj8PGwSdg0bBY2D1uET4QtwyfDVmHrsE34VNg2bBe2D58OE8Jnwg7hsz/3P7joj/sTw95hn/Dl8OXQ+/vl/OiCaGr0w+jC6KJoWvSj6OLox9H06JLo0uiy6PLoiujK6Kro6uia6Nrouuj66IboxuimqPc1s4FDJ5x0ygUuxmVzsS67y+GucTndtS6Xu85F3PUut7vB5XE3urwun8vvCrg4V9AVctoZZx250BV2RVzU3eSKuptdMVfclXAlnXOlXLxr7lq4Fq6le9K1cq1dG/eUe8q1c+3c0+5p94zr4J51Hd3fXCf3nOvsnnfPuxdcV9fNdXcvuh5uQq5f3pOJro/r4/q6vq6/6+8GuoFukBvkBrvBLskluaFuqBvmhrnhbrgb4Ua4UW6UG+1GuzFujBvnxrlkl+wmuolukpvkJrvJbqqb6lJcipvhZriZbqarPOuXo8x1c918N9+lulS30GWuGdPcYrfYpbt0t9QtdcvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Xa30+10u91ut8df98ugbp/b7/a7A+6AO+i+chnua3fIfeMOu2/dEfedO+q+d8fccXfCnXSn3A/utDvjzrpz7rz70V1wP7mLzrvkyITIxMg7kUmRdyOTI1MiUyPTIimR6ZEZkfciMyOzIrMj70fmRD6IzI3Mi8yPLIikRj6MLIwsiqRFPoosjnwcSY8siSyNLIssj6yIeF9wa+gL+yI+6m/yRf3Nvpgv7kv4kt75Uj7e3+JL+1t9GX+bL+tv9+X8Hb68r+Ar+sd9E9/UN/PNfQv/hG/pn/StfGvfxj/l2/p2vr1/2if4Z3wH/6zv6P/mO/nnfGf/vO/iX/BdfTff3b/oe/iXfE/fyyf63r6Pf9n39f18fz/AD/Sv+EH+VT/Yv+aT/BA/1L/uh/k3/HD/ph/hR/pRMW/50ZdvkWG8T/YT/ET/jp/k3/WT/RQ/1U/zKX66n+Hf8zP9LD/bv+/n+A/8XD/Pz/cLfKr/0C/0i3ya/8gv9h/7dL/k8kNlv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dr/T7/K7/Sd+j//U7/Wf+X3+c7/ff+EP+C/9Qf+Vz/Bf+0P+G3/Yf+uP+O/8Uf+9P+aP+xP+pD/lf/Cn/Rl/1p/z5/2P/oL/yV/k76wxxhhjjP2XTLjSFL/X3/t3XhP/sHMfALh2W4GMf+zPXFGuz/tLu5+IaxsBgGd6dXnk8latWmJi4qV90yUEReYBXP6XoEwxcCVeAm2gHSRAayj9u/PvJ7qdp38xfvR2gBz/kBMLV+Ir43/xB+M/8dSoheXCs7n/P+PPAyhW5EpOdvh7/PdvV7SGMn8wfr6W/2L+2b9MBmj1Dzk54Up8Zf7x8CQ8Cwm/2pMxxhhjjDHGGPtFP1Gx0+X7z8v/4/P37s/j1JWczJvay/G/uj9njDHGGGOMMcbY1fdct+5PP5GQ0LrTn29U+W9lceN/a8N7gMuvKAD4NwcE+I+fxZb/yLGSLr11/rlr+TkfwP+OUv4Vjav8FxNjjDHGGGPsL3dl0f/r19XVmhBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYF/Sd+ndjVPkfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsavt/AQAA//+neQxq")
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x67d, &(0x7f0000000780)="$eJzs3c1vXFfdB/DvnUzsTNonddOkzYMq1WokQFgkfpELZkNACHlRQVUWrK3EaayM02K7lVsh6vC67aJ/QFl4g1ghsY9UWLCBXXfI7CohsekGsxo013fG4/FLxm3jccrnE905595zz7m/87tz77xY0QT4nzU/kfqDFJmfeHm9vb61OdPc2pxZ7tSTjCbZSOpJakmKf7darQ+TG0nRHaboK/d5f2nu1Y8+2fp4Z61eLeX+taP69an22+jbvNHZNp7kTFV+BnvGu/mZxyu6kd9IcrUqYejOJmnt8ZO/PNlt6dE4qPe5E4kReLSKndfNVK/HXWPJ+epCb78P6Lzy1k4+wsGMDrhf/zsIAAAAeNwM8hn4qe1sZ724cALhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBfCxu7v/xfVUuvUx1N0fv9/pNqWqn66vHC83R88qjgAAAAAAAAA4ET8o3x8YTvbWc+FztZWUf7N/8Vy5VL5+ETezGoWs5JrWc9C1rKWlUwlGesZbmR9YW1tZWqAntMH9px+SLijVdn4POYOAAAAAAAAAF84P8/87t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNCiSMztFivs9m8dSqyc5l2SkvWEj+Vun/jh7MOwAAAAA4AQ8tZ3trOdCZ71V5FKSZ8vvAM7lzdzLWpaylmYWc6v8XmDnU39ta3OmubU5s7z1w4PG/c6/jhVGOWJ2vns4+MhXyj0auf1Wp8/NvJ5mbqVW9my7UsazOdPZY3nvQe63Yyq+XRkwsltV2Z75e1W5z7vHmuxhjvllyliZkbO5naUyR5NVbO1sPF1lorvs7XrMs9N/pKnUusFe6jtS3yQ+Vc7PV2V7Pr8+LOdD0Z+J6Z5n37NH5zz5yh9//+PJqn56pjSYM1XZKh8b+zMx05OJ5wbJxJ3mvbt3bq9OPG6Z2GeyzMTl7vp8vp8fZSLjeSUrWcpbWchaFjOe75W1herkFz2X/CGZurFn7ZWHRTJSPUN3TtbxYnqx7HshS/lBXs+tLOal8t90pvKNzGY2cz1n+PLRZ7i86muHXPWt/zsw+KtfrSqNJL+pygMd2vCotPP6dE9ee++5Y2Vb75bdLF0cIEvHvDfWv1RV2sf4RVWeDv2ZmOrJxDNHZ+K35W1ltXnv7sqdhTcGO9zF93qO+6tTdUttP18utk9Wubb32dFue6a75958tdsudfvV9rVd7raVV2pRP/RKHanew+0fabpse+7Atpmy7UpPW6Pbdq37fguAU+/8186PNP7Z+Gvjg8YvG3caL5/77ug3R58fydk/nf1WffLMl2vPF3/IB/nZ7ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t9+527C83m4kpfpdVqvXtI00lX6g8JdV8l439/ot2hs6WVblPn58xOcBb//2Qy9BwOvfKfVqtVbSkO2ed3fz41iWpVTkXqhlQZ3j0JOBnX15bfuL769jtfX1peeG3xtcV7c7Ozc5Nzsy/NXL+91Fyc3HkcdpTAo7D7oj/sSAAAAAAAAAAAAIBBncR/Jxj2HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH2/xE6g9SZGry2mR7fWtzptleOvXdPetJakmKnybFh8mN7CwZ6xmuOOw47y/NvfrRJ1sf745V7+xfO6rfYDaqJeNJzuyU9z+v8W5W5ZGKo6ZQdGfYTtjVTuJg2P4bAAD//8o1Bh8=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket(0x840000000002, 0x3, 0xff)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000000), 0x8)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$MRT(r3, 0x0, 0xcf, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000001e00)={{0x80, 0x80}, 'port0\x00', 0x25, 0x0, 0x7ffc, 0x1, 0x4, 0x0, 0x85, 0x0, 0x7, 0x9})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000000440)={{0x80}, 'port1\x00', 0x89, 0x0, 0x4, 0xfffffeff, 0x0, 0x0, 0xffffffff, 0x0, 0x4875c99660ff2b28})
renameat2(r1, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x3, 0xc, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80000001}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000001100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x94)

21.456680107s ago: executing program 5 (id=804):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000100)={@multicast1, @dev={0xac, 0x14, 0x14, 0xf}, @multicast1}, 0xc)
unshare(0x400)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x8000000, 0x2000, 0xffffffd})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

16.179908849s ago: executing program 5 (id=805):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x4, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14.83825596s ago: executing program 5 (id=806):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setresuid(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x37)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00')
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[], 0x48)
syz_usb_connect$printer(0x6, 0x0, 0x0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x2, &(0x7f00000001c0)=@string={0x2}}, {0x3b, &(0x7f00000003c0)=@string={0x3b, 0x3, "6658ded9a350f5ee9f74964b1bd0d70c5ba650d6a0a79c60dffe15ab2d082d31435763bb11dbb78be2701c7659cd8888001cd9940dd9828ff5"}}]})
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r5)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x4)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)=ANY=[@ANYRES32=r3, @ANYBLOB], 0x10)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
inotify_init()

6.574264182s ago: executing program 0 (id=807):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME={0x6, 0xd, 0x7fff}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48041}, 0x40840)

6.541354139s ago: executing program 5 (id=808):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000340)='./file1\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0x1, 0x675, &(0x7f0000000cc0)="$eJzs3U1sHGf9B/DvbDZrb9p//m6atAFVqtVIgLBI/CIXzIWAEPKhQlU5cLYSp7GySYvtIrdC1OH12kMPHMvBF8QJiXukwoEL3HJDPlZC4tIL5rRoZ2ft9SvrpPE65fOJZp/nmWfmmd/zm53ZFyvaAP+z5idSf5Ai8xOvrXXamxszrc2Nmbu9epKRJOtJPUktSfGvdrv9cXI9KbaHKfaU+3y4NPfGw083P+m26tVSbl87ar89qu3W96xe760bT3KmKh/DrvFuPPZ4xXbk15NcqUoYurNJ2rv86C/Pbvf0aR609+iJxAg8WUX3dXOfseRcdaF33gf0XnlrJxvd4EYG3G7vOwgAAAB42gzyGfj/t7KVteL8CYQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnwvrO7//X1RLrVcfT9H7/f9GtS5V/XR5+XibP3hScQAAAAAAAADACXp5K1tZy/leu12Uf/N/pWxcLB+fyTtZyWKWczVrWchqVrOcqSRjfQM11hZWV5enBthz+sA9p/9LoCNV2fxs5g0AAAAAAAAAnzM/y/zO3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA0KJIz3SLF/b7VY6nVk4wmaXRWrCd/69WfZg+GHQAAAACcgJFkK2s532u3i1xM8kL5HcBo3sm9rGYpq2llMTfL7wW6n/prmxszrc2NmbudZf+43/7nscIoR0z3u4eDj3y53KKZW1kq11zNjbyVVm6mVu7ZcbmKpzdqX1yjSe53Yiq+VRkwsptV2Zn5B1W5z/vHmuxhjvllyliZkbPbGZmsYutk47nemTn4DB3z7Ow90lRq/cHuOlJj92QeKefnqrIzn18dlvOh2JuJ6b5n3wtH5zz58h9//8PJqn56pjSYM1XZLh+b+zMx05eJFwfJxO3WvTu3b61MPG2Z2GeyzMSl7fZ8vpcfZCLjeT3LWcqPs5DVLGY83y1rC9XJL/ou+UMydX1X6/XDIvhNdftuVM/Q7snqxPRw4JheKfc9n6V8P2/lZhbzavlvOlP5emYzm7m+M3zp6DNcXvW1Q6769v8dOIkrX6kqzSS/rsrToZPX5/ry2n/PHSv7+tfsZOnCAFk65r2x/sWq0jnGz6vydNibiam+TDx/dCZ+W95WVlr37izfXnh7sMNd+KCqdK6jXybjw72RNPbUL3ROVtna/ezo9D1/YN9U2Xdxu6+2r+/Sdl/3Sl0/9EptVO/h9o80Xfa9eGDfTNl3ua/voPdbAJx65756rtH8R/OvzY+av2jebr42+p2Rb4y81MjZP539Zn3yzJdqLxV/yEf56c7nfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NGtvPvenYVWa3G5W2kkKSvtdvv93V3HrdSrIzzi7o9Ryfjfn+kc+YCu3s+ZnWA8X3g2Obm5n9bKv9vtdrWmOGSb3/351CSqXTkVqRtSZXj3JOBkXFu9+/a1lXff+9rS3YU3F99cvDc3Ozs3OTf76sy1W0utxcnu47CjBJ6EnRf9YUcCAAAAAAAAAAAADOok/jvBsOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN3mJ1J/kCJTk1cnO+3NjZlWZ+nVd7asJ6klKX6SFB8n19NdMtY3XHHYcT5cmnvj4aebn+yMVe9tXztqv8GsV0vGk5zplvc/q/FuVOWRiqOmUGzPsJOwK73EwbD9JwAA//+kuATA")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x4)

6.267418653s ago: executing program 35 (id=802):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
umount2(&(0x7f00000000c0)='./file0/../file0\x00', 0xb)

5.630596411s ago: executing program 0 (id=810):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000000)='./file1\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x0, 0x21d, &(0x7f00000004c0)="$eJzsmb9rFEEUx7+zu7d7BhUttLBZi4ARzN7unkoaQW1FEBJRy8OsIbrJyt0WuYBgsLHxD/AfUbjKws5GLKwsYkCwMKWNgiPzy5tkk9U7PZu8TzH7ndl5b9682byBHAiCOLBsffy6+ezq3MI5AIcxjUCPf3aHcxxr/ofnbkPL16tHHw12+2MAOB/2vd+s7wN4dcUFHiu3nH/j9vtp7XMBjtSCm3BwVutbYIhMrFygZAaGO3r4vqWLQ1rkGbtb5Iv3lvMsFk0imlQ0bYDviH97g2ERQFMvwaz4ev31B50c6CqRZ0Y0uFmn8mpUUZc/D1ub4oQuWSkQ53X76ZMN0Y/0eGzlL4GDROs2GOa1nkOAKIpC3c0Sa/+nvKF/Vx2btf8/3Unz7xIxqjg+WzvHbGLSYfzgE/Hsj3UEkxEijtGtnLBq5df4KfZIwhgxs14fx1Tu1Ij4g/415+T24E3V6tO/ztjg/52OLFwAKq/eTeX5dXvk7TUtTuzwc9rOjyXMF7jvJ6HqB/OAM3oqA+eedSu0ypWHrV5/fXZ5pbOULWWradq+GJ+P4wtpS9Zm1dbUv6asT1NW/WuoK2PXPLG4j7VOWXaTNaDsJr7pp6q1Ku78i+KLtHNk/XMw851zc73IbQd7xyPvv0DZMdmbcfcNniAIgiAIgiAIgiAIgiAIoobwvXpeVo8jQIiX0P+rZOY3sSpeekMa/AwAAP//wyRe/Q==")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000540)={0x7, 0xc, 0x0, 0x253, 0x1, 0x18b})

4.390863983s ago: executing program 0 (id=811):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000010000000000000000000000850000008700000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b36e48d276c1a0fce104", 0x0, 0xe000000, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.489246768s ago: executing program 0 (id=812):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
syz_io_uring_setup(0x1eaf, &(0x7f0000000480)={0x0, 0x4076a2, 0x2, 0x0, 0x8c}, &(0x7f0000000080), &(0x7f0000000000))

0s ago: executing program 0 (id=813):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
open(&(0x7f0000000000)='./file0\x00', 0x60c681, 0x148)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x8001000d, 0xad, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x8d}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
ioctl(r3, 0x8b1a, &(0x7f0000000040))
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0xfdba2180, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r6, 0x8b1b, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  366.405860][ T7404] Tainted: [W]=WARN
[  366.405908][ T7404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  366.406000][ T7404] Call Trace:
[  366.406057][ T7404]  <TASK>
[  366.406101][ T7404]  __dump_stack+0x26/0x30
[  366.406290][ T7404]  dump_stack_lvl+0x1df/0x270
[  366.406467][ T7404]  dump_stack+0x1e/0x25
[  366.406627][ T7404]  should_fail_ex+0x7dc/0x8a0
[  366.406839][ T7404]  should_fail+0x2a/0x40
[  366.407012][ T7404]  should_fail_usercopy+0x2e/0x40
[  366.407150][ T7404]  strncpy_from_user+0x38/0x470
[  366.407314][ T7404]  ? __msan_memcpy+0x108/0x1c0
[  366.407446][ T7404]  __se_sys_memfd_create+0x59b/0x11f0
[  366.407618][ T7404]  __x64_sys_memfd_create+0x78/0xb0
[  366.407761][ T7404]  x64_sys_call+0x3500/0x3e20
[  366.407934][ T7404]  do_syscall_64+0xd9/0x210
[  366.408091][ T7404]  ? irqentry_exit+0x16/0x60
[  366.408226][ T7404]  ? clear_bhb_loop+0x40/0x90
[  366.408367][ T7404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.408511][ T7404] RIP: 0033:0x7efd3898ebe9
[  366.408609][ T7404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.408744][ T7404] RSP: 002b:00007efd397a6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  366.408876][ T7404] RAX: ffffffffffffffda RBX: 00000000000001f0 RCX: 00007efd3898ebe9
[  366.408966][ T7404] RDX: 00007efd397a6ef0 RSI: 0000000000000000 RDI: 00007efd38a127e8
[  366.409053][ T7404] RBP: 0000200000000940 R08: 00007efd397a6bb7 R09: 00007efd397a6e40
[  366.409147][ T7404] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000140
[  366.409227][ T7404] R13: 00007efd397a6ef0 R14: 00007efd397a6eb0 R15: 00002000000002c0
[  366.409350][ T7404]  </TASK>
[  366.766770][ T7259] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.816172][ T7259] 8021q: adding VLAN 0 to HW filter on device team0
[  366.870723][ T1026] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.878349][ T1026] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.878593][ T5860] hid-steam 0003:28DE:1142.0013: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  367.105353][ T1026] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.112985][ T1026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  367.329230][ T5860] usb 5-1: USB disconnect, device number 21
[  368.106115][ T7418] loop0: detected capacity change from 0 to 16
[  368.184767][ T7409] fido_id[7409]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  368.251952][ T7418] erofs (device loop0): algorithm 1 isn't enabled on this kernel
[  369.000365][ T7428] loop2: detected capacity change from 0 to 256
[  369.051003][ T7428] exfat: Deprecated parameter 'utf8'
[  369.216111][ T7424] loop4: detected capacity change from 0 to 1024
[  369.332082][ T7428] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbc51571d, utbl_chksum : 0xe619d30d)
[  369.984061][ T7259] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.156441][   T35] hfsplus: b-tree write err: -5, ino 4
[  370.619059][ T7446] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  370.695928][ T7446] netlink: 'syz.2.362': attribute type 16 has an invalid length.
[  370.705664][ T7446] netlink: 'syz.2.362': attribute type 17 has an invalid length.
[  370.857736][ T7439] loop3: detected capacity change from 0 to 32768
[  370.878514][ T7439] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.361 (7439)
[  370.909812][ T7439] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  370.921566][ T7439] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  370.932588][ T7439] BTRFS info (device loop3): using free-space-tree
[  371.037324][ T7446] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  371.259537][ T7439] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  371.268703][ T7439] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  371.280699][ T7439] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  371.606712][ T5804] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  371.855901][ T7465] loop4: detected capacity change from 0 to 1024
[  372.070148][ T7465] hfsplus: bad catalog entry type
[  372.648660][ T5933] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  372.674568][ T3766] hfsplus: b-tree write err: -5, ino 4
[  372.848857][ T5933] usb 4-1: Using ep0 maxpacket: 32
[  372.933338][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  372.946451][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  372.957847][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  372.967986][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  372.979481][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  373.340686][ T5933] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  373.351478][ T5933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.359920][ T5933] usb 4-1: Product: syz
[  373.364299][ T5933] usb 4-1: Manufacturer: syz
[  373.369178][ T5933] usb 4-1: SerialNumber: syz
[  373.595095][ T5933] usb 4-1: config 0 descriptor??
[  374.066363][ T7482] loop4: detected capacity change from 0 to 32768
[  374.587033][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.635458][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.706759][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.763288][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.828787][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.836282][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  374.973213][ T7259] veth0_vlan: entered promiscuous mode
[  375.000773][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.085937][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.134389][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.136017][ T7259] veth1_vlan: entered promiscuous mode
[  375.218451][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.265782][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.288126][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.358115][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.398637][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.413800][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.458320][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.479801][ T5933] iforce 4-1:0.0: usb_submit_urb failed: -71
[  375.486119][ T5933] input input7: Timeout waiting for response from device.
[  375.650007][ T7259] veth0_macvtap: entered promiscuous mode
[  375.720697][ T5933] usb 4-1: USB disconnect, device number 16
[  375.768516][ T7259] veth1_macvtap: entered promiscuous mode
[  376.137476][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.367100][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.529116][ T1026] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.657498][ T1026] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.689565][ T7501] loop2: detected capacity change from 0 to 1024
[  376.715797][ T1026] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.815416][ T1150] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  377.990648][ T7509] loop3: detected capacity change from 0 to 32768
[  378.026921][ T7509] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.374 (7509)
[  378.059959][ T7509] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  378.070823][ T7509] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  378.084399][ T7509] BTRFS info (device loop3): using free-space-tree
[  378.405502][ T1150] hfsplus: b-tree write err: -5, ino 4
[  378.533057][ T7509] overlayfs: missing 'lowerdir'
[  378.830479][ T5804] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  378.926200][ T7536] FAULT_INJECTION: forcing a failure.
[  378.926200][ T7536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  378.941254][ T7536] CPU: 0 UID: 0 PID: 7536 Comm: syz.2.377 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  378.941431][ T7536] Tainted: [W]=WARN
[  378.941477][ T7536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  378.941555][ T7536] Call Trace:
[  378.941601][ T7536]  <TASK>
[  378.941650][ T7536]  __dump_stack+0x26/0x30
[  378.941813][ T7536]  dump_stack_lvl+0x1df/0x270
[  378.941980][ T7536]  dump_stack+0x1e/0x25
[  378.942125][ T7536]  should_fail_ex+0x7dc/0x8a0
[  378.942361][ T7536]  should_fail+0x2a/0x40
[  378.942548][ T7536]  should_fail_usercopy+0x2e/0x40
[  378.942693][ T7536]  _copy_from_user+0x33/0x100
[  378.942848][ T7536]  do_sock_getsockopt+0x1d0/0x580
[  378.943064][ T7536]  __x64_sys_getsockopt+0x32e/0x520
[  378.943235][ T7536]  ? kmsan_save_stack_with_flags+0x30/0x60
[  378.943490][ T7536]  ? kmsan_save_stack_with_flags+0x30/0x60
[  378.943693][ T7536]  x64_sys_call+0x36e0/0x3e20
[  378.943863][ T7536]  do_syscall_64+0xd9/0x210
[  378.944012][ T7536]  ? irqentry_exit+0x16/0x60
[  378.944149][ T7536]  ? clear_bhb_loop+0x40/0x90
[  378.944289][ T7536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.944428][ T7536] RIP: 0033:0x7efd3898ebe9
[  378.944526][ T7536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.944642][ T7536] RSP: 002b:00007efd397a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  378.944767][ T7536] RAX: ffffffffffffffda RBX: 00007efd38bb5fa0 RCX: 00007efd3898ebe9
[  378.944861][ T7536] RDX: 0000000000000076 RSI: 0000000000000084 RDI: 0000000000000004
[  378.944942][ T7536] RBP: 00007efd397a7090 R08: 0000200000000000 R09: 0000000000000000
[  378.945028][ T7536] R10: 0000200000000840 R11: 0000000000000246 R12: 0000000000000001
[  378.945111][ T7536] R13: 00007efd38bb6038 R14: 00007efd38bb5fa0 R15: 00007ffe8ae5d6f8
[  378.945240][ T7536]  </TASK>
[  379.976505][ T7542] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  380.235821][ T7540] afs: Unknown parameter 'šo'
[  380.426548][ T7540] loop2: detected capacity change from 0 to 64
[  380.511432][ T7540] hfs: Bad value for 'uid'
[  380.676394][ T7553] netlink: 'syz.3.381': attribute type 11 has an invalid length.
[  381.905688][ T7564] loop2: detected capacity change from 0 to 1024
[  382.188326][ T5933] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  382.237697][ T7566] loop3: detected capacity change from 0 to 2048
[  382.439690][ T5933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.452530][ T5933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  382.467475][ T5933] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  382.477015][ T5933] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.491297][ T5933] usb 5-1: config 0 descriptor??
[  382.505119][ T5862] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  382.543281][ T7566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.768315][ T5862] usb 3-1: Using ep0 maxpacket: 16
[  382.831842][ T5862] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  382.840789][ T5862] usb 3-1: config 0 has no interface number 0
[  382.847224][ T5862] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.859208][ T5862] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  382.870263][ T5862] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  382.879675][ T5862] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.063925][ T5933] hid-steam 0003:28DE:1142.0014: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  383.221071][ T7582] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967294 (8589934588 ns) > initial count (120 ns). Using initial count to start timer.
[  383.242101][ T5862] usb 3-1: config 0 descriptor??
[  383.253367][ T3836] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  383.368480][ T3836] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  383.382462][ T3836] EXT4-fs (loop3): This should not happen!! Data will be lost
[  383.382462][ T3836] 
[  383.392740][ T3836] EXT4-fs (loop3): Total free blocks count 0
[  383.399212][ T3836] EXT4-fs (loop3): Free/Dirty block details
[  383.405599][ T3836] EXT4-fs (loop3): free_blocks=2415919104
[  383.411970][ T3836] EXT4-fs (loop3): dirty_blocks=48
[  383.417442][ T3836] EXT4-fs (loop3): Block reservation details
[  383.423878][ T3836] EXT4-fs (loop3): i_reserved_data_blocks=3
[  383.711177][ T5933] usb 5-1: USB disconnect, device number 22
[  383.869361][ T1026] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  384.112989][ T7584] fido_id[7584]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  384.820537][ T7598] netlink: 60 bytes leftover after parsing attributes in process `syz.0.388'.
[  384.963992][ T7597] netlink: 60 bytes leftover after parsing attributes in process `syz.0.388'.
[  385.374535][ T5862] usbhid 3-1:0.1: can't add hid device: -71
[  385.381380][ T5862] usbhid 3-1:0.1: probe with driver usbhid failed with error -71
[  385.389725][ T7592] loop3: detected capacity change from 0 to 32768
[  385.410442][ T7592] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.387 (7592)
[  385.436697][ T7592] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  385.447360][ T7592] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  385.457849][ T7592] BTRFS info (device loop3): using free-space-tree
[  385.497257][ T5862] usb 3-1: USB disconnect, device number 15
[  385.598732][   T30] kauditd_printk_skb: 61 callbacks suppressed
[  385.598809][   T30] audit: type=1326 audit(1755200603.395:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.4.389" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49b998ebe9 code=0x0
[  385.682896][ T3766] hfsplus: b-tree write err: -5, ino 4
[  385.859515][ T7592] overlayfs: missing 'lowerdir'
[  386.111586][ T7623] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  386.179862][ T5804] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  386.871328][ T7638] FAULT_INJECTION: forcing a failure.
[  386.871328][ T7638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.884913][ T7638] CPU: 0 UID: 0 PID: 7638 Comm: syz.3.392 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  386.885089][ T7638] Tainted: [W]=WARN
[  386.885138][ T7638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  386.885215][ T7638] Call Trace:
[  386.885261][ T7638]  <TASK>
[  386.885307][ T7638]  __dump_stack+0x26/0x30
[  386.885472][ T7638]  dump_stack_lvl+0x1df/0x270
[  386.885640][ T7638]  dump_stack+0x1e/0x25
[  386.885786][ T7638]  should_fail_ex+0x7dc/0x8a0
[  386.885992][ T7638]  should_fail+0x2a/0x40
[  386.886155][ T7638]  should_fail_usercopy+0x2e/0x40
[  386.886281][ T7638]  _copy_to_user+0x35/0x120
[  386.886413][ T7638]  simple_read_from_buffer+0x1b2/0x340
[  386.886586][ T7638]  proc_fail_nth_read+0x1e0/0x2d0
[  386.886730][ T7638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  386.886858][ T7638]  vfs_read+0x279/0xf90
[  386.886997][ T7638]  ? stack_depot_save_flags+0x35/0x7b0
[  386.887159][ T7638]  ? kmsan_get_metadata+0xfb/0x160
[  386.887306][ T7638]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  386.887449][ T7638]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  386.887612][ T7638]  __x64_sys_read+0x1fb/0x4d0
[  386.887778][ T7638]  x64_sys_call+0x2f9c/0x3e20
[  386.887945][ T7638]  do_syscall_64+0xd9/0x210
[  386.888131][ T7638]  ? irqentry_exit+0x16/0x60
[  386.888265][ T7638]  ? clear_bhb_loop+0x40/0x90
[  386.888403][ T7638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.888538][ T7638] RIP: 0033:0x7f1983b8d5fc
[  386.888652][ T7638] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  386.888771][ T7638] RSP: 002b:00007f1984ab0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  386.888901][ T7638] RAX: ffffffffffffffda RBX: 00007f1983db6090 RCX: 00007f1983b8d5fc
[  386.889008][ T7638] RDX: 000000000000000f RSI: 00007f1984ab00a0 RDI: 0000000000000004
[  386.889095][ T7638] RBP: 00007f1984ab0090 R08: 0000000000000000 R09: 0000000000000000
[  386.889183][ T7638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.889265][ T7638] R13: 00007f1983db6128 R14: 00007f1983db6090 R15: 00007ffee6e81d38
[  386.889397][ T7638]  </TASK>
[  387.693144][ T1026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.701506][ T1026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.148468][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.3.396'.
[  388.409597][ T7653] netlink: 32 bytes leftover after parsing attributes in process `syz.0.398'.
[  388.461026][ T7653] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.398'.
[  389.039209][ T7656] loop3: detected capacity change from 0 to 512
[  389.133525][ T3766] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.226944][ T7656] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  389.360416][ T7656] EXT4-fs (loop3): mount failed
[  389.385621][ T3766] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.683741][ T3766] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.927112][ T3766] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.531261][ T3766] bridge_slave_1: left allmulticast mode
[  390.537139][ T3766] bridge_slave_1: left promiscuous mode
[  390.543963][ T3766] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.601483][ T3766] bridge_slave_0: left allmulticast mode
[  390.607342][ T3766] bridge_slave_0: left promiscuous mode
[  390.614216][ T3766] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.221674][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  391.277426][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  391.304518][ T3766] bond0 (unregistering): Released all slaves
[  391.807197][ T7690] loop3: detected capacity change from 0 to 16
[  391.935161][ T7690] erofs (device loop3): mounted with root inode @ nid 36.
[  392.064640][ T7692] loop2: detected capacity change from 0 to 8
[  392.090946][ T7689] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  392.337806][ T7692] SQUASHFS error: zlib decompression failed, data probably corrupt
[  392.346114][ T7692] SQUASHFS error: Failed to read block 0x4e8: -5
[  392.363579][   T30] audit: type=1800 audit(1755200610.155:105): pid=7692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.404" name="file1" dev="loop2" ino=5 res=0 errno=0
[  392.489263][ T3766] hsr_slave_0: left promiscuous mode
[  392.519245][ T3766] hsr_slave_1: left promiscuous mode
[  392.527284][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.535650][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.690633][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.698443][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.889042][ T3766] veth1_macvtap: left promiscuous mode
[  392.894849][ T3766] veth0_macvtap: left promiscuous mode
[  392.901190][ T3766] veth1_vlan: left promiscuous mode
[  392.906721][ T3766] veth0_vlan: left promiscuous mode
[  393.435609][ T5101] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  393.456332][ T7711] loop2: detected capacity change from 0 to 64
[  393.503520][ T5101] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  393.538501][ T5101] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  393.565220][ T5101] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  393.586387][ T5101] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  393.935002][ T3766] team0 (unregistering): Port device team_slave_1 removed
[  394.010074][ T3766] team0 (unregistering): Port device team_slave_0 removed
[  394.222479][ T7713] netlink: 32 bytes leftover after parsing attributes in process `syz.0.411'.
[  394.234003][ T7714] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.411'.
[  394.428105][ T7709] virt_wifi0 speed is unknown, defaulting to 1000
[  395.129465][ T7724] ieee802154 phy0 wpan0: encryption failed: -22
[  395.469472][ T7730] loop3: detected capacity change from 0 to 8
[  395.654419][ T5101] Bluetooth: hci4: command tx timeout
[  396.422009][ T7744] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  397.106683][ T7709] chnl_net:caif_netlink_parms(): no params data found
[  397.284199][ T7762] netlink: 32 bytes leftover after parsing attributes in process `syz.2.424'.
[  397.324845][ T7762] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.424'.
[  397.731088][ T5101] Bluetooth: hci4: command tx timeout
[  397.936295][ T7771] loop2: detected capacity change from 0 to 512
[  397.955946][ T7773] FAULT_INJECTION: forcing a failure.
[  397.955946][ T7773] name failslab, interval 1, probability 0, space 0, times 0
[  397.969431][ T7773] CPU: 0 UID: 0 PID: 7773 Comm: syz.3.426 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  397.969602][ T7773] Tainted: [W]=WARN
[  397.969653][ T7773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  397.969730][ T7773] Call Trace:
[  397.969776][ T7773]  <TASK>
[  397.969820][ T7773]  __dump_stack+0x26/0x30
[  397.969985][ T7773]  dump_stack_lvl+0x1df/0x270
[  397.970146][ T7773]  dump_stack+0x1e/0x25
[  397.970291][ T7773]  should_fail_ex+0x7dc/0x8a0
[  397.970488][ T7773]  should_failslab+0x15b/0x200
[  397.970655][ T7773]  __kmalloc_noprof+0x182/0x1310
[  397.970817][ T7773]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[  397.970978][ T7773]  ? tomoyo_path_number_perm+0xb1/0x7d0
[  397.971165][ T7773]  ? filter_irq_stacks+0x49/0x190
[  397.971343][ T7773]  ? kmsan_get_metadata+0xfb/0x160
[  397.971513][ T7773]  tomoyo_realpath_from_path+0xeb/0x9f0
[  397.971729][ T7773]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  397.971898][ T7773]  ? __srcu_read_lock+0x5e/0xd0
[  397.972066][ T7773]  tomoyo_path_number_perm+0x1d0/0x7d0
[  397.972284][ T7773]  ? stack_depot_save_flags+0x35/0x7b0
[  397.972515][ T7773]  ? kmsan_get_metadata+0xfb/0x160
[  397.972692][ T7773]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  397.972915][ T7773]  tomoyo_file_ioctl+0x3d/0x50
[  397.973125][ T7773]  security_file_ioctl+0x141/0x590
[  397.973348][ T7773]  __se_sys_ioctl+0xbb/0x400
[  397.973535][ T7773]  __x64_sys_ioctl+0x97/0xe0
[  397.973680][ T7773]  x64_sys_call+0x1cbc/0x3e20
[  397.973849][ T7773]  do_syscall_64+0xd9/0x210
[  397.974000][ T7773]  ? irqentry_exit+0x16/0x60
[  397.974136][ T7773]  ? clear_bhb_loop+0x40/0x90
[  397.974274][ T7773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.974410][ T7773] RIP: 0033:0x7f1983b8ebe9
[  397.974505][ T7773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.974618][ T7773] RSP: 002b:00007f1984ad1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.974742][ T7773] RAX: ffffffffffffffda RBX: 00007f1983db5fa0 RCX: 00007f1983b8ebe9
[  397.974833][ T7773] RDX: 0000000000000000 RSI: 0000000000007001 RDI: 0000000000000004
[  397.974907][ T7773] RBP: 00007f1984ad1090 R08: 0000000000000000 R09: 0000000000000000
[  397.974985][ T7773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.975061][ T7773] R13: 00007f1983db6038 R14: 00007f1983db5fa0 R15: 00007ffee6e81d38
[  397.975179][ T7773]  </TASK>
[  397.975231][ T7773] ERROR: Out of memory at tomoyo_realpath_from_path.
[  398.053490][ T7771] EXT4-fs: Ignoring removed oldalloc option
[  398.488047][ T7771] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.427: Parent and EA inode have the same ino 15
[  398.528486][ T7771] EXT4-fs (loop2): 1 orphan inode deleted
[  398.536557][ T7771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.666568][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.4.428'.
[  399.063628][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.162660][ T7709] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.170420][ T7709] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.178356][ T7709] bridge_slave_0: entered allmulticast mode
[  399.187397][ T7709] bridge_slave_0: entered promiscuous mode
[  399.347399][ T7709] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.356002][ T7709] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.367019][ T7709] bridge_slave_1: entered allmulticast mode
[  399.407993][ T7709] bridge_slave_1: entered promiscuous mode
[  399.700845][ T7796] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  399.798243][ T7709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.817922][ T5101] Bluetooth: hci4: command tx timeout
[  399.937997][ T7709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.223085][ T7709] team0: Port device team_slave_0 added
[  400.319039][ T7709] team0: Port device team_slave_1 added
[  400.488413][ T5933] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  400.506043][ T7804] netlink: 32 bytes leftover after parsing attributes in process `syz.4.437'.
[  400.524190][ T7709] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.531816][ T7709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.558218][    C1] vkms_vblank_simulate: vblank timer overrun
[  400.565648][ T7709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.594721][ T7709] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.602311][ T7709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.628573][    C1] vkms_vblank_simulate: vblank timer overrun
[  400.634801][ T7709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.671335][ T7804] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.437'.
[  400.705977][ T5933] usb 4-1: Using ep0 maxpacket: 32
[  400.750682][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.762154][ T5933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.772516][ T5933] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  400.782053][ T5933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.795505][ T7805] netlink: 8 bytes leftover after parsing attributes in process `syz.4.437'.
[  400.828668][ T5933] usb 4-1: config 0 descriptor??
[  400.943512][ T7709] hsr_slave_0: entered promiscuous mode
[  400.958038][ T7709] hsr_slave_1: entered promiscuous mode
[  400.966633][ T7709] debugfs: 'hsr0' already exists in 'hsr'
[  400.973725][ T7709] Cannot create hsr debugfs directory
[  401.068997][ T5933] usbhid 4-1:0.0: can't add hid device: -71
[  401.075877][ T5933] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  401.166113][ T5933] usb 4-1: USB disconnect, device number 17
[  401.888013][ T5101] Bluetooth: hci4: command tx timeout
[  402.103886][ T7822] netlink: 52 bytes leftover after parsing attributes in process `syz.3.441'.
[  403.078360][ T7836] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  403.230330][ T7709] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  403.302061][ T7709] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  403.372746][ T7842] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  403.383163][ T7709] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  403.488888][ T7709] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  403.911427][ T7849] netlink: 52 bytes leftover after parsing attributes in process `syz.2.448'.
[  403.921585][ T7849] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.931424][ T7849] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.135934][ T7854] loop3: detected capacity change from 0 to 128
[  404.785780][ T7859] program syz.0.452 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  404.891337][ T7709] 8021q: adding VLAN 0 to HW filter on device bond0
[  405.119916][ T7709] 8021q: adding VLAN 0 to HW filter on device team0
[  405.224972][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.232805][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  405.248618][ T5854] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  405.354040][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.361657][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  405.489083][ T5854] usb 4-1: Using ep0 maxpacket: 8
[  405.526551][ T5854] usb 4-1: unable to get BOS descriptor or descriptor too short
[  405.570891][ T7866] netlink: 52 bytes leftover after parsing attributes in process `syz.0.455'.
[  405.630522][ T5854] usb 4-1: config 7 has an invalid interface number: 252 but max is 0
[  405.639356][ T5854] usb 4-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[  405.648497][ T5854] usb 4-1: config 7 has an invalid descriptor of length 125, skipping remainder of the config
[  405.659098][ T5854] usb 4-1: config 7 has no interface number 0
[  405.665378][ T5854] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x9, skipping
[  405.676520][ T5854] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  405.688234][ T5854] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  405.699276][ T5854] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  405.710775][ T5854] usb 4-1: config 7 interface 252 altsetting 9 has 6 endpoint descriptors, different from the interface descriptor's value: 11
[  405.724686][ T5854] usb 4-1: config 7 interface 252 has no altsetting 0
[  405.801790][ T7709] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  405.813139][ T7709] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  406.131681][ T5854] usb 4-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=63.d5
[  406.141452][ T5854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.149819][ T5854] usb 4-1: Product: syz
[  406.154184][ T5854] usb 4-1: Manufacturer: syz
[  406.159274][ T5854] usb 4-1: SerialNumber: syz
[  406.597809][ T7875] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  406.720919][ T5854] mos7840 4-1:7.252: required endpoints missing
[  406.829824][ T5854] usb 4-1: USB disconnect, device number 18
[  407.418741][ T7884] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  407.838009][ T7893] loop3: detected capacity change from 0 to 128
[  408.033079][ T7709] 8021q: adding VLAN 0 to HW filter on device batadv0
[  408.109937][ T7896] FAULT_INJECTION: forcing a failure.
[  408.109937][ T7896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.123511][ T7896] CPU: 1 UID: 0 PID: 7896 Comm: syz.0.464 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  408.123687][ T7896] Tainted: [W]=WARN
[  408.123734][ T7896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  408.123809][ T7896] Call Trace:
[  408.123854][ T7896]  <TASK>
[  408.123902][ T7896]  __dump_stack+0x26/0x30
[  408.124063][ T7896]  dump_stack_lvl+0x1df/0x270
[  408.124251][ T7896]  dump_stack+0x1e/0x25
[  408.124408][ T7896]  should_fail_ex+0x7dc/0x8a0
[  408.124619][ T7896]  should_fail+0x2a/0x40
[  408.124797][ T7896]  should_fail_usercopy+0x2e/0x40
[  408.124933][ T7896]  _copy_from_iter+0x1ba/0x3350
[  408.125112][ T7896]  ? kmsan_get_metadata+0xfb/0x160
[  408.125262][ T7896]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  408.125418][ T7896]  ? kmsan_get_metadata+0xfb/0x160
[  408.125563][ T7896]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  408.125752][ T7896]  netlink_sendmsg+0xc64/0x1250
[  408.125926][ T7896]  ? __pfx_netlink_sendmsg+0x10/0x10
[  408.126063][ T7896]  ? __pfx_netlink_sendmsg+0x10/0x10
[  408.126207][ T7896]  __sock_sendmsg+0x333/0x3d0
[  408.126381][ T7896]  ____sys_sendmsg+0x7e0/0xd80
[  408.126559][ T7896]  ___sys_sendmsg+0x271/0x3b0
[  408.126735][ T7896]  ? __rcu_read_unlock+0x6d/0xd0
[  408.126867][ T7896]  ? __fget_files+0x3b4/0x4a0
[  408.127030][ T7896]  ? __fget_files+0x3b9/0x4a0
[  408.127193][ T7896]  ? kmsan_get_metadata+0xfb/0x160
[  408.127340][ T7896]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  408.127502][ T7896]  __x64_sys_sendmsg+0x211/0x3e0
[  408.127650][ T7896]  ? kmsan_get_metadata+0xfb/0x160
[  408.127826][ T7896]  x64_sys_call+0x1dfd/0x3e20
[  408.127987][ T7896]  do_syscall_64+0xd9/0x210
[  408.128130][ T7896]  ? irqentry_exit+0x16/0x60
[  408.128257][ T7896]  ? clear_bhb_loop+0x40/0x90
[  408.128389][ T7896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.128519][ T7896] RIP: 0033:0x7f6bf338ebe9
[  408.128613][ T7896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.128736][ T7896] RSP: 002b:00007f6bf4116038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  408.128857][ T7896] RAX: ffffffffffffffda RBX: 00007f6bf35b5fa0 RCX: 00007f6bf338ebe9
[  408.128950][ T7896] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 0000000000000003
[  408.129030][ T7896] RBP: 00007f6bf4116090 R08: 0000000000000000 R09: 0000000000000000
[  408.129110][ T7896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.129185][ T7896] R13: 00007f6bf35b6038 R14: 00007f6bf35b5fa0 R15: 00007ffd16bd7048
[  408.129305][ T7896]  </TASK>
[  408.383084][    C1] vkms_vblank_simulate: vblank timer overrun
[  409.273335][ T7909] netlink: 52 bytes leftover after parsing attributes in process `syz.0.467'.
[  409.380640][ T7913] loop4: detected capacity change from 0 to 512
[  409.435759][ T7913] EXT4-fs: Ignoring removed oldalloc option
[  409.588110][ T7913] EXT4-fs (loop4): 1 truncate cleaned up
[  409.610270][ T7913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.079948][ T5101] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  410.783996][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.831840][ T7937] loop2: detected capacity change from 0 to 2048
[  410.980015][ T7937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.309220][ T7948] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  411.319636][ T7951] FAULT_INJECTION: forcing a failure.
[  411.319636][ T7951] name failslab, interval 1, probability 0, space 0, times 0
[  411.332739][ T7951] CPU: 1 UID: 0 PID: 7951 Comm: syz.3.475 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  411.332930][ T7951] Tainted: [W]=WARN
[  411.332981][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  411.333067][ T7951] Call Trace:
[  411.333119][ T7951]  <TASK>
[  411.333172][ T7951]  __dump_stack+0x26/0x30
[  411.333362][ T7951]  dump_stack_lvl+0x1df/0x270
[  411.333562][ T7951]  dump_stack+0x1e/0x25
[  411.333705][ T7951]  should_fail_ex+0x7dc/0x8a0
[  411.333902][ T7951]  should_failslab+0x15b/0x200
[  411.334063][ T7951]  __kmalloc_noprof+0x182/0x1310
[  411.334224][ T7951]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[  411.334390][ T7951]  ? tomoyo_path_number_perm+0xb1/0x7d0
[  411.334574][ T7951]  ? filter_irq_stacks+0x49/0x190
[  411.334755][ T7951]  ? kmsan_get_metadata+0xfb/0x160
[  411.334916][ T7951]  tomoyo_realpath_from_path+0xeb/0x9f0
[  411.335073][ T7951]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  411.335232][ T7951]  ? __srcu_read_lock+0x5e/0xd0
[  411.335396][ T7951]  tomoyo_path_number_perm+0x1d0/0x7d0
[  411.335586][ T7951]  ? stack_depot_save_flags+0x35/0x7b0
[  411.335780][ T7951]  ? kmsan_get_metadata+0xfb/0x160
[  411.335924][ T7951]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  411.336118][ T7951]  tomoyo_file_ioctl+0x3d/0x50
[  411.336277][ T7951]  security_file_ioctl+0x141/0x590
[  411.336472][ T7951]  __se_sys_ioctl+0xbb/0x400
[  411.336619][ T7951]  __x64_sys_ioctl+0x97/0xe0
[  411.336763][ T7951]  x64_sys_call+0x1cbc/0x3e20
[  411.336933][ T7951]  do_syscall_64+0xd9/0x210
[  411.337082][ T7951]  ? irqentry_exit+0x16/0x60
[  411.337214][ T7951]  ? clear_bhb_loop+0x40/0x90
[  411.337358][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.337495][ T7951] RIP: 0033:0x7f1983b8ebe9
[  411.337587][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.337695][ T7951] RSP: 002b:00007f1984ad1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  411.337815][ T7951] RAX: ffffffffffffffda RBX: 00007f1983db5fa0 RCX: 00007f1983b8ebe9
[  411.337909][ T7951] RDX: 00002000000004c0 RSI: 0000000000008911 RDI: 0000000000000004
[  411.337991][ T7951] RBP: 00007f1984ad1090 R08: 0000000000000000 R09: 0000000000000000
[  411.338071][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.338146][ T7951] R13: 00007f1983db6038 R14: 00007f1983db5fa0 R15: 00007ffee6e81d38
[  411.338267][ T7951]  </TASK>
[  411.579127][    C1] vkms_vblank_simulate: vblank timer overrun
[  411.586240][ T7951] ERROR: Out of memory at tomoyo_realpath_from_path.
[  411.818005][ T2981] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  411.860510][ T2981] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  411.873437][ T2981] EXT4-fs (loop2): This should not happen!! Data will be lost
[  411.873437][ T2981] 
[  411.883707][ T2981] EXT4-fs (loop2): Total free blocks count 0
[  411.890022][ T2981] EXT4-fs (loop2): Free/Dirty block details
[  411.896168][ T2981] EXT4-fs (loop2): free_blocks=2415919104
[  411.902162][ T2981] EXT4-fs (loop2): dirty_blocks=32
[  411.907690][ T2981] EXT4-fs (loop2): Block reservation details
[  411.916574][ T2981] EXT4-fs (loop2): i_reserved_data_blocks=2
[  411.936521][ T4705] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  412.373431][ T7709] veth0_vlan: entered promiscuous mode
[  412.484702][ T7709] veth1_vlan: entered promiscuous mode
[  412.762121][ T7709] veth0_macvtap: entered promiscuous mode
[  412.810973][ T7709] veth1_macvtap: entered promiscuous mode
[  412.918739][ T7968] netlink: 80 bytes leftover after parsing attributes in process `syz.3.479'.
[  412.932644][ T7968] netlink: 80 bytes leftover after parsing attributes in process `syz.3.479'.
[  413.013979][ T7709] batman_adv: batadv0: Interface activated: batadv_slave_0
[  413.133910][ T7709] batman_adv: batadv0: Interface activated: batadv_slave_1
[  413.248728][ T4705] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.285907][ T4705] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.370519][ T4705] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.411627][ T4705] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  413.536399][ T7975] netlink: 52 bytes leftover after parsing attributes in process `syz.4.481'.
[  413.833586][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  413.841226][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  415.407230][ T7992] loop0: detected capacity change from 0 to 32768
[  415.465563][ T7994] loop4: detected capacity change from 0 to 32768
[  415.746177][ T7994] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  415.746302][ T7994]   allowing incompatible features above 0.0: (unknown version)
[  415.746388][ T7994]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  415.787139][ T7994] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  415.795788][ T7994] bcachefs (loop4): initializing new filesystem
[  415.818230][ T7994] bcachefs (loop4): going read-write
[  416.269683][ T7994] bcachefs (loop4): marking superblocks
[  416.320165][ T7994] bcachefs (loop4): initializing freespace
[  416.354506][ T7994] bcachefs (loop4): done initializing freespace
[  416.360208][ T8010] openvswitch: netlink: Tunnel attr 50 out of range max 16
[  416.375180][ T7994] bcachefs (loop4): reading snapshots table
[  416.383336][ T7994] bcachefs (loop4): reading snapshots done
[  416.488771][ T7994] bcachefs (loop4): done starting filesystem
[  416.811964][ T5813] bcachefs (loop4): shutting down
[  416.817168][ T5813] bcachefs (loop4): going read-only
[  416.822914][ T5813] bcachefs (loop4): finished waiting for writes to stop
[  416.957864][ T5813] bcachefs (loop4): flushing journal and stopping allocators, journal seq 4
[  417.177987][ T5854] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  417.319585][ T5813] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  417.402678][ T5854] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  417.411230][ T5854] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  417.421796][ T5854] usb 3-1: config 0 has no interface number 0
[  417.428926][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.491'.
[  417.486831][ T5813] bcachefs (loop4): clean shutdown complete, journal seq 5
[  417.524980][ T5854] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  417.534451][ T5854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.544240][ T5854] usb 3-1: Product: syz
[  417.548741][ T5854] usb 3-1: Manufacturer: syz
[  417.553520][ T5854] usb 3-1: SerialNumber: syz
[  417.569947][ T5813] bcachefs (loop4): marking filesystem clean
[  417.688008][ T5854] usb 3-1: config 0 descriptor??
[  417.745136][ T5854] uvcvideo 3-1:0.64: probe with driver uvcvideo failed with error -22
[  417.813139][ T5813] bcachefs (loop4): shutdown complete
[  417.850768][ T5933] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  417.921849][ T8017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  417.932438][ T8017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  418.062495][ T5933] usb 4-1: too many configurations: 170, using maximum allowed: 8
[  418.131497][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  418.143269][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  418.153595][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  418.253730][ T5854] usb 3-1: USB disconnect, device number 16
[  418.423608][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  418.434421][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  418.443891][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  418.655991][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  418.666779][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  418.676106][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  418.732610][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  418.744240][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  418.754364][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  418.955818][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  418.966534][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  418.975885][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  419.087149][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  419.098227][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  419.107398][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  419.266053][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  419.277005][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  419.287191][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  419.446260][   T30] audit: type=1326 audit(1755200637.235:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8031 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bf338ebe9 code=0x7ffc0000
[  419.495073][ T5933] usb 4-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config
[  419.505799][ T5933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  419.515143][ T5933] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  419.615120][   T30] audit: type=1326 audit(1755200637.415:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8031 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f6bf338ebe9 code=0x7ffc0000
[  419.638807][   T30] audit: type=1326 audit(1755200637.415:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8031 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bf338ebe9 code=0x7ffc0000
[  419.662268][   T30] audit: type=1326 audit(1755200637.415:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8031 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bf338ebe9 code=0x7ffc0000
[  419.669360][ T8036] netlink: 52 bytes leftover after parsing attributes in process `syz.2.493'.
[  419.734622][ T5933] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  419.744092][ T5933] usb 4-1: New USB device strings: Mfr=0, Product=200, SerialNumber=0
[  419.752983][ T5933] usb 4-1: Product: syz
[  419.840805][ T5933] usb 4-1: config 0 descriptor??
[  419.878992][ T5933] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  420.300509][ T8032] loop0: detected capacity change from 0 to 4096
[  420.386295][ T8032] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  420.600923][ T8044] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  420.735302][ T8044] loop2: detected capacity change from 0 to 47
[  420.892804][ T8032] ntfs3(loop0): ino=19, mi_enum_attr
[  420.899564][ T8032] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  421.147948][   T30] audit: type=1326 audit(1755200638.945:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8031 comm="syz.0.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6bf338ebe9 code=0x7ffc0000
[  421.969327][ T5854] usb 4-1: USB disconnect, device number 19
[  422.969427][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  422.977471][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.310638][ T2981] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.319162][ T2981] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.858207][   T30] audit: type=1326 audit(1755200641.655:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.074794][   T30] audit: type=1326 audit(1755200641.715:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.097822][   T30] audit: type=1326 audit(1755200641.755:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.102370][ T8075] loop2: detected capacity change from 0 to 32768
[  424.120944][   T30] audit: type=1326 audit(1755200641.765:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.150077][   T30] audit: type=1326 audit(1755200641.775:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.486816][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  424.486889][   T30] audit: type=1326 audit(1755200642.275:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.525577][   T30] audit: type=1326 audit(1755200642.325:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.550426][   T30] audit: type=1326 audit(1755200642.325:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.573976][   T30] audit: type=1326 audit(1755200642.325:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.596700][   T30] audit: type=1326 audit(1755200642.325:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.710896][   T30] audit: type=1326 audit(1755200642.425:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.728167][ T5933] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  424.734848][   T30] audit: type=1326 audit(1755200642.425:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.764931][   T30] audit: type=1326 audit(1755200642.455:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.788048][   T30] audit: type=1326 audit(1755200642.455:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  424.811088][   T30] audit: type=1326 audit(1755200642.455:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.3.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1983b8ebe9 code=0x7ffc0000
[  425.023967][ T5933] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.035493][ T5933] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.046460][ T5933] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  425.056077][ T5933] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.114896][ T8075] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  425.115028][ T8075]   allowing incompatible features above 0.0: (unknown version)
[  425.115117][ T8075]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  425.143253][ T5933] usb 6-1: config 0 descriptor??
[  425.180547][ T8075] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  425.189102][ T8075] bcachefs (loop2): initializing new filesystem
[  425.211925][ T8075] bcachefs (loop2): going read-write
[  425.265266][ T8075] bcachefs (loop2): marking superblocks
[  425.318164][ T8075] bcachefs (loop2): initializing freespace
[  425.348328][ T8075] bcachefs (loop2): done initializing freespace
[  425.371010][ T8075] bcachefs (loop2): reading snapshots table
[  425.377426][ T8075] bcachefs (loop2): reading snapshots done
[  425.485799][ T8075] bcachefs (loop2): done starting filesystem
[  425.533829][ T8098] sit0: entered promiscuous mode
[  425.554798][ T8098] netlink: 'syz.3.503': attribute type 1 has an invalid length.
[  425.562816][ T8098] netlink: 1 bytes leftover after parsing attributes in process `syz.3.503'.
[  425.597152][ T5933] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0
[  425.605074][ T5933] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0
[  425.612754][ T5933] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0
[  425.620501][ T5933] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0
[  425.628321][ T5933] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0
[  425.945358][ T5933] cm6533_jd 0003:0D8C:0022.0015: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0
[  426.122858][ T5933] usb 6-1: USB disconnect, device number 2
[  426.152324][ T5806] bcachefs (loop2): shutting down
[  426.157861][ T5806] bcachefs (loop2): going read-only
[  426.163258][ T5806] bcachefs (loop2): finished waiting for writes to stop
[  426.202114][ T5806] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[  426.495294][ T5806] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  426.733123][ T5806] bcachefs (loop2): clean shutdown complete, journal seq 5
[  426.768201][ T8110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  426.858252][ T8104] fido_id[8104]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  427.062660][ T5806] bcachefs (loop2): marking filesystem clean
[  427.076034][ T8109] loop3: detected capacity change from 0 to 16
[  427.145958][ T8107] netlink: 4 bytes leftover after parsing attributes in process `syz.0.505'.
[  427.260340][ T8109] erofs (device loop3): rootino(nid 36) is not a directory(i_mode 66300)
[  427.385850][ T5806] bcachefs (loop2): shutdown complete
[  427.416566][ T8109] capability: warning: `syz.3.506' uses deprecated v2 capabilities in a way that may be insecure
[  428.684973][ T8118] loop4: detected capacity change from 0 to 32768
[  428.725050][ T8116] loop3: detected capacity change from 0 to 2048
[  428.862583][ T8120] loop5: detected capacity change from 0 to 32768
[  428.872315][ T8120] XFS: ikeep mount option is deprecated.
[  428.889257][ T8116] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  428.956360][ T8126] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  429.018374][ T8120] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  429.787460][ T8120] XFS (loop5): Ending clean mount
[  429.803947][ T8120] XFS (loop5): Quotacheck needed: Please wait.
[  429.963230][ T8120] XFS (loop5): Quotacheck: Done.
[  430.156294][ T8138] loop0: detected capacity change from 0 to 1024
[  430.223843][ T7709] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  431.590681][ T8150] block nbd5: Device being setup by another task
[  431.654409][   T50] block nbd5: Receive control failed (result -107)
[  431.680030][ T8150] block nbd5: NBD_DISCONNECT
[  431.685062][ T8150] block nbd5: Send disconnect failed -22
[  432.080671][ T8148] loop3: detected capacity change from 0 to 32768
[  432.444923][ T8148] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  432.445051][ T8148]   allowing incompatible features above 0.0: (unknown version)
[  432.445138][ T8148]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  432.484872][ T8148] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  432.493614][ T8148] bcachefs (loop3): initializing new filesystem
[  432.505693][ T8145] loop5: detected capacity change from 0 to 32768
[  432.516181][ T8148] bcachefs (loop3): going read-write
[  432.537334][ T8145] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.512 (8145)
[  432.576684][ T8145] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  432.588515][ T8145] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  432.588604][ T8148] bcachefs (loop3): marking superblocks
[  432.603173][ T8145] BTRFS info (device loop5): using free-space-tree
[  432.637700][ T8148] bcachefs (loop3): initializing freespace
[  432.663916][ T8148] bcachefs (loop3): done initializing freespace
[  432.683773][ T8148] bcachefs (loop3): reading snapshots table
[  432.692383][ T8148] bcachefs (loop3): reading snapshots done
[  432.793157][ T8148] bcachefs (loop3): done starting filesystem
[  433.156646][ T2981] BTRFS warning (device loop5): checksum verify failed on logical 5332992 mirror 1 wanted 0x45c4daa94c2fee9c24887d4bee8f983cd8ca9d8901c4a5aa51fab9bc8d8bf5d6 found 0x35634bd048167273b2f4baa0b46421a5ce829daef47d389132c78956120c18e8 level 0
[  433.180564][ T8145] BTRFS warning (device loop5): couldn't read tree root
[  433.269489][ T8145] BTRFS error (device loop5): open_ctree failed: -5
[  433.613950][ T3766] hfsplus: b-tree write err: -5, ino 4
[  433.830812][ T5804] bcachefs (loop3): shutting down
[  433.836657][ T5804] bcachefs (loop3): going read-only
[  433.842865][ T5804] bcachefs (loop3): finished waiting for writes to stop
[  433.880508][ T8144] block nbd5: shutting down sockets
[  433.980814][ T5804] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  434.206860][ T5804] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  434.295539][ T5804] bcachefs (loop3): clean shutdown complete, journal seq 5
[  434.348002][ T5804] bcachefs (loop3): marking filesystem clean
[  434.627127][ T5804] bcachefs (loop3): shutdown complete
[  435.951237][ T8191] loop2: detected capacity change from 0 to 512
[  436.063047][ T8191] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  436.088873][ T8197] netlink: 24 bytes leftover after parsing attributes in process `syz.5.521'.
[  436.143297][ T8191] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  436.174746][ T8191] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.520: corrupted in-inode xattr: e_value size too large
[  436.214082][ T8191] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.520: couldn't read orphan inode 15 (err -117)
[  436.269252][ T8191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  436.398995][ T8191] netlink: 32 bytes leftover after parsing attributes in process `syz.2.520'.
[  436.490188][ T8191] input: syz0 as /devices/virtual/input/input8
[  436.820854][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.067077][ T8221] FAULT_INJECTION: forcing a failure.
[  438.067077][ T8221] name failslab, interval 1, probability 0, space 0, times 0
[  438.080316][ T8221] CPU: 0 UID: 0 PID: 8221 Comm: syz.0.527 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  438.080491][ T8221] Tainted: [W]=WARN
[  438.080539][ T8221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  438.080615][ T8221] Call Trace:
[  438.080661][ T8221]  <TASK>
[  438.080709][ T8221]  __dump_stack+0x26/0x30
[  438.080895][ T8221]  dump_stack_lvl+0x1df/0x270
[  438.081087][ T8221]  dump_stack+0x1e/0x25
[  438.081240][ T8221]  should_fail_ex+0x7dc/0x8a0
[  438.081435][ T8221]  should_failslab+0x15b/0x200
[  438.081594][ T8221]  __kmalloc_noprof+0x182/0x1310
[  438.081758][ T8221]  ? tomoyo_encode+0x626/0xa10
[  438.081901][ T8221]  ? kmsan_get_metadata+0xfb/0x160
[  438.082048][ T8221]  ? kmsan_get_metadata+0xfb/0x160
[  438.082215][ T8221]  tomoyo_encode+0x626/0xa10
[  438.082430][ T8221]  tomoyo_realpath_from_path+0x92e/0x9f0
[  438.082621][ T8221]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  438.082817][ T8221]  tomoyo_path_number_perm+0x1d0/0x7d0
[  438.083039][ T8221]  ? stack_depot_save_flags+0x35/0x7b0
[  438.083265][ T8221]  ? kmsan_get_metadata+0xfb/0x160
[  438.083438][ T8221]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  438.083647][ T8221]  tomoyo_file_ioctl+0x3d/0x50
[  438.083806][ T8221]  security_file_ioctl+0x141/0x590
[  438.083993][ T8221]  __se_sys_ioctl+0xbb/0x400
[  438.084148][ T8221]  __x64_sys_ioctl+0x97/0xe0
[  438.084290][ T8221]  x64_sys_call+0x1cbc/0x3e20
[  438.084459][ T8221]  do_syscall_64+0xd9/0x210
[  438.084615][ T8221]  ? irqentry_exit+0x16/0x60
[  438.084751][ T8221]  ? clear_bhb_loop+0x40/0x90
[  438.084893][ T8221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.085030][ T8221] RIP: 0033:0x7f6bf338ebe9
[  438.085128][ T8221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.085243][ T8221] RSP: 002b:00007f6bf4116038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  438.085364][ T8221] RAX: ffffffffffffffda RBX: 00007f6bf35b5fa0 RCX: 00007f6bf338ebe9
[  438.085458][ T8221] RDX: 0000000000000000 RSI: 000000000000cdb8 RDI: 0000000000000004
[  438.085535][ T8221] RBP: 00007f6bf4116090 R08: 0000000000000000 R09: 0000000000000000
[  438.085618][ T8221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.085697][ T8221] R13: 00007f6bf35b6038 R14: 00007f6bf35b5fa0 R15: 00007ffd16bd7048
[  438.085818][ T8221]  </TASK>
[  438.085908][ T8221] ERROR: Out of memory at tomoyo_realpath_from_path.
[  438.506961][ T8215] loop2: detected capacity change from 0 to 32768
[  438.751669][ T5933] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  438.768683][ T8215] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  438.768824][ T8215]   allowing incompatible features above 0.0: (unknown version)
[  438.768924][ T8215]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  438.809786][ T8215] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  438.818616][ T8215] bcachefs (loop2): initializing new filesystem
[  438.838393][ T8215] bcachefs (loop2): going read-write
[  438.905598][ T8215] bcachefs (loop2): marking superblocks
[  438.965149][ T8215] bcachefs (loop2): initializing freespace
[  438.993680][ T8215] bcachefs (loop2): done initializing freespace
[  438.999822][ T5933] usb 6-1: Using ep0 maxpacket: 16
[  439.015154][ T8215] bcachefs (loop2): reading snapshots table
[  439.021611][ T8215] bcachefs (loop2): reading snapshots done
[  439.097365][ T5933] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  439.109012][ T5933] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  439.119303][ T5933] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  439.129563][ T5933] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[  439.139629][ T5933] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  439.206462][ T8215] bcachefs (loop2): done starting filesystem
[  439.232868][ T5933] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  439.243309][ T5933] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  439.252315][ T5933] usb 6-1: SerialNumber: syz
[  439.313922][ T8218] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  439.340848][ T5933] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  439.352913][ T5933] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12
[  439.598041][ T8235] loop0: detected capacity change from 0 to 256
[  439.696209][ T8235] exfat: Deprecated parameter 'utf8'
[  439.824121][ T5806] bcachefs (loop2): shutting down
[  439.829449][ T5806] bcachefs (loop2): going read-only
[  439.903521][ T5806] bcachefs (loop2): finished waiting for writes to stop
[  439.923413][ T8235] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d)
[  439.974773][ T5806] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[  440.118700][ T8235] block nbd0: server does not support multiple connections per device.
[  440.118782][   T24] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  440.128677][ T8235] block nbd0: NBD_DISCONNECT
[  440.139664][ T8235] block nbd0: Send disconnect failed -22
[  440.145524][ T8235] block nbd0: Send disconnect failed -22
[  440.209288][ T5806] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  440.294022][ T5806] bcachefs (loop2): clean shutdown complete, journal seq 5
[  440.357157][ T5806] bcachefs (loop2): marking filesystem clean
[  440.388383][ T5933] usb 6-1: USB disconnect, device number 3
[  440.401949][   T24] usb 4-1: Using ep0 maxpacket: 8
[  440.469119][   T24] usb 4-1: unable to get BOS descriptor or descriptor too short
[  440.541658][ T5806] bcachefs (loop2): shutdown complete
[  440.570475][   T24] usb 4-1: config 7 has an invalid interface number: 252 but max is 0
[  440.579022][   T24] usb 4-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[  440.588134][   T24] usb 4-1: config 7 has an invalid descriptor of length 125, skipping remainder of the config
[  440.598782][   T24] usb 4-1: config 7 has no interface number 0
[  440.605055][   T24] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x9, skipping
[  440.616175][   T24] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  440.628366][   T24] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  440.639809][   T24] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  440.651172][   T24] usb 4-1: config 7 interface 252 altsetting 9 has 6 endpoint descriptors, different from the interface descriptor's value: 11
[  440.664755][   T24] usb 4-1: config 7 interface 252 has no altsetting 0
[  441.079305][   T24] usb 4-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=63.d5
[  441.089384][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.097757][   T24] usb 4-1: Product: syz
[  441.102110][   T24] usb 4-1: Manufacturer: syz
[  441.106885][   T24] usb 4-1: SerialNumber: syz
[  441.528902][   T24] mos7840 4-1:7.252: required endpoints missing
[  441.586323][ T8252] netlink: 'syz.4.533': attribute type 23 has an invalid length.
[  441.622409][   T24] usb 4-1: USB disconnect, device number 20
[  441.677429][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  441.684015][   T30] audit: type=1326 audit(1755200659.465:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8245 comm="syz.5.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f451f98ebe9 code=0x7fc00000
[  441.751038][ T8253] netlink: 'syz.4.533': attribute type 23 has an invalid length.
[  443.004145][ T8260] loop5: detected capacity change from 0 to 4096
[  443.501251][ T8235] block nbd0: Disconnected due to user request.
[  443.508073][ T8235] block nbd0: shutting down sockets
[  443.613947][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  443.839652][   T24] usb 6-1: Using ep0 maxpacket: 16
[  443.892143][   T24] usb 6-1: config index 0 descriptor too short (expected 65, got 36)
[  443.901871][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  443.913971][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  443.927241][   T24] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  443.936689][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.221175][   T24] usb 6-1: config 0 descriptor??
[  444.302425][   T24] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input9
[  445.978098][ T5933] usb 6-1: USB disconnect, device number 4
[  445.990071][   T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  446.199523][   T24] usb 3-1: Using ep0 maxpacket: 16
[  446.244352][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  446.280788][   T24] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  446.290380][   T24] usb 3-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[  446.301045][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  446.418069][   T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  446.427740][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.435953][   T24] usb 3-1: Product: syz
[  446.441280][   T24] usb 3-1: Manufacturer: syz
[  446.446050][   T24] usb 3-1: SerialNumber: syz
[  446.841117][ T8291] netlink: 16 bytes leftover after parsing attributes in process `syz.2.529'.
[  446.850904][ T8291] bond0: option resend_igmp: invalid value (18446744072065384451)
[  446.859156][ T8291] bond0: option resend_igmp: allowed values 0 - 255
[  446.950198][ T8303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.529'.
[  446.959980][ T8303] tc_dump_action: action bad kind
[  447.079346][   T24] usb 3-1: 0:2 : does not exist
[  447.177150][   T24] usb 3-1: USB disconnect, device number 17
[  447.248878][ T5933] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  447.448455][ T5933] usb 6-1: Using ep0 maxpacket: 8
[  447.485366][ T5933] usb 6-1: unable to get BOS descriptor or descriptor too short
[  447.549870][ T5933] usb 6-1: config 7 has an invalid interface number: 252 but max is 0
[  447.558506][ T5933] usb 6-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[  447.567712][ T5933] usb 6-1: config 7 has an invalid descriptor of length 125, skipping remainder of the config
[  447.578654][ T5933] usb 6-1: config 7 has no interface number 0
[  447.584968][ T5933] usb 6-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x9, skipping
[  447.597113][ T5933] usb 6-1: config 7 interface 252 altsetting 9 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  447.608822][ T5933] usb 6-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  447.620191][ T5933] usb 6-1: config 7 interface 252 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  447.631568][ T5933] usb 6-1: config 7 interface 252 altsetting 9 has 6 endpoint descriptors, different from the interface descriptor's value: 11
[  447.645176][ T5933] usb 6-1: config 7 interface 252 has no altsetting 0
[  448.401126][ T8315] loop2: detected capacity change from 0 to 8
[  448.416250][ T5933] usb 6-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=63.d5
[  448.426483][ T5933] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.434846][ T5933] usb 6-1: Product: syz
[  448.439438][ T5933] usb 6-1: Manufacturer: syz
[  448.444210][ T5933] usb 6-1: SerialNumber: syz
[  448.553969][ T8315] squashfs image failed sanity check
[  448.612227][ T6072] udevd[6072]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  448.677985][ T8308] loop0: detected capacity change from 0 to 32768
[  448.688704][ T8308] gfs2: statfs_percent mount option requires a numeric argument between 0 and 100
[  448.742523][ T8315] netlink: 'syz.2.551': attribute type 39 has an invalid length.
[  448.801442][ T5861] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  449.075906][ T5933] mos7840 6-1:7.252: required endpoints missing
[  449.096443][ T5861] usb 4-1: Using ep0 maxpacket: 32
[  449.165644][ T8315] bridge_slave_0 (unregistering): left allmulticast mode
[  449.165739][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.173138][ T8315] bridge_slave_0 (unregistering): left promiscuous mode
[  449.173438][ T8315] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.199422][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  449.209652][ T5861] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  449.219057][ T5861] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.267216][ T5933] usb 6-1: USB disconnect, device number 5
[  449.377303][ T5861] usb 4-1: config 0 descriptor??
[  449.981406][ T5861] ft260 0003:0403:6030.0016: unknown main item tag 0x7
[  450.179170][ T5861] ft260 0003:0403:6030.0016: failed to retrieve chip version
[  450.188749][ T5861] ft260 0003:0403:6030.0016: probe with driver ft260 failed with error -32
[  450.687403][ T8333] netlink: 52 bytes leftover after parsing attributes in process `syz.5.552'.
[  451.899689][ T5855] usb 4-1: USB disconnect, device number 21
[  452.395159][ T8353] loop5: detected capacity change from 0 to 1024
[  452.499622][ T8353] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  453.497334][ T8371] netlink: 52 bytes leftover after parsing attributes in process `syz.5.565'.
[  454.092844][ T8377] loop5: detected capacity change from 0 to 128
[  454.124763][ T8377] udf: Unknown parameter 'user'
[  454.132513][ T8380] loop3: detected capacity change from 0 to 256
[  454.591403][ T8380] FAT-fs (loop3): Directory bread(block 64) failed
[  454.598602][ T8380] FAT-fs (loop3): Directory bread(block 65) failed
[  454.606753][ T8380] FAT-fs (loop3): Directory bread(block 66) failed
[  454.615254][ T8380] FAT-fs (loop3): Directory bread(block 67) failed
[  454.622344][ T8380] FAT-fs (loop3): Directory bread(block 68) failed
[  454.629372][ T8380] FAT-fs (loop3): Directory bread(block 69) failed
[  454.636235][ T8380] FAT-fs (loop3): Directory bread(block 70) failed
[  454.643235][ T8380] FAT-fs (loop3): Directory bread(block 71) failed
[  454.650808][ T8380] FAT-fs (loop3): Directory bread(block 72) failed
[  454.657703][ T8380] FAT-fs (loop3): Directory bread(block 73) failed
[  455.389617][ T8380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.568'.
[  456.392262][ T8400] netlink: 24 bytes leftover after parsing attributes in process `syz.4.573'.
[  456.585613][ T8404] netlink: 52 bytes leftover after parsing attributes in process `syz.5.577'.
[  457.195339][ T8402] loop0: detected capacity change from 0 to 32768
[  457.210971][ T8402] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.574 (8402)
[  457.268191][ T8402] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  457.280829][ T8402] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  457.291194][ T8402] BTRFS info (device loop0): using free-space-tree
[  457.576277][ T8402] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  457.585485][ T8402] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  457.597583][ T8402] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  457.653372][   T30] audit: type=1326 audit(1755200675.445:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  457.726819][   T30] audit: type=1326 audit(1755200675.525:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  457.750277][   T30] audit: type=1326 audit(1755200675.525:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  457.773091][   T30] audit: type=1326 audit(1755200675.525:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  458.105729][   T30] audit: type=1326 audit(1755200675.625:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  458.119766][ T5801] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  458.129953][   T30] audit: type=1326 audit(1755200675.635:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  458.161485][   T30] audit: type=1326 audit(1755200675.655:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  458.184204][   T30] audit: type=1326 audit(1755200675.655:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f49b998ec23 code=0x7ffc0000
[  458.206754][   T30] audit: type=1326 audit(1755200675.655:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f49b998ec23 code=0x7ffc0000
[  458.231260][   T30] audit: type=1326 audit(1755200675.695:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.4.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  459.258110][ T5855] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  459.275867][ T8439] loop4: detected capacity change from 0 to 32768
[  459.508466][ T5855] usb 4-1: Using ep0 maxpacket: 8
[  459.590458][ T5855] usb 4-1: unable to get BOS descriptor or descriptor too short
[  459.710836][ T5855] usb 4-1: config 7 has an invalid interface number: 252 but max is 0
[  459.719515][ T5855] usb 4-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[  459.729137][ T5855] usb 4-1: config 7 has an invalid descriptor of length 125, skipping remainder of the config
[  459.739853][ T5855] usb 4-1: config 7 has no interface number 0
[  459.746193][ T5855] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x9, skipping
[  459.757337][ T5855] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  459.769059][ T5855] usb 4-1: config 7 interface 252 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  459.780719][ T5855] usb 4-1: config 7 interface 252 altsetting 9 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  459.792163][ T5855] usb 4-1: config 7 interface 252 altsetting 9 has 6 endpoint descriptors, different from the interface descriptor's value: 11
[  459.805772][ T5855] usb 4-1: config 7 interface 252 has no altsetting 0
[  460.231983][ T5855] usb 4-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=63.d5
[  460.241736][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.250355][ T5855] usb 4-1: Product: syz
[  460.254735][ T5855] usb 4-1: Manufacturer: syz
[  460.259749][ T5855] usb 4-1: SerialNumber: syz
[  460.725928][ T5855] mos7840 4-1:7.252: required endpoints missing
[  460.836914][ T5855] usb 4-1: USB disconnect, device number 22
[  461.158551][ T8462] netlink: 52 bytes leftover after parsing attributes in process `syz.5.589'.
[  462.800387][ T8473] loop3: detected capacity change from 0 to 32768
[  462.918095][ T8473] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.591 (8473)
[  462.922501][ T8474] loop5: detected capacity change from 0 to 32768
[  462.950501][ T8473] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  462.963564][ T8473] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  462.972745][ T8473] BTRFS info (device loop3): using free-space-tree
[  463.035876][ T8474] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.592 (8474)
[  463.077184][ T8474] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  463.088763][ T8474] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  463.099091][ T8474] BTRFS info (device loop5): using free-space-tree
[  463.984976][ T8474] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  463.994528][ T8474] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  464.006485][ T8474] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  464.526678][ T7709] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  466.348786][ T5804] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  468.351323][ T8539] loop3: detected capacity change from 0 to 32768
[  468.363635][ T8539] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.598 (8539)
[  468.398280][ T8539] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  468.408880][ T8539] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  468.417949][ T8539] BTRFS info (device loop3): disk space caching is enabled
[  468.425383][ T8539] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  468.658953][ T8543] netlink: 52 bytes leftover after parsing attributes in process `syz.0.602'.
[  468.731207][ T8539] BTRFS info (device loop3): rebuilding free space tree
[  468.790158][ T8539] BTRFS info (device loop3): disabling free space tree
[  468.797759][ T8539] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  468.807807][ T8539] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  469.861148][ T5804] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  471.179774][ T8573] loop4: detected capacity change from 0 to 32768
[  471.219216][ T8573] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.608 (8573)
[  471.281601][ T8575] loop5: detected capacity change from 0 to 256
[  471.289496][ T8573] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  471.300469][ T8573] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  471.310024][ T8573] BTRFS info (device loop4): using free-space-tree
[  471.362863][ T8575] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  471.593879][ T8575] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  473.100361][ T8603] 9pnet_fd: Insufficient options for proto=fd
[  473.118443][ T5813] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  473.218356][ T8603] loop5: detected capacity change from 0 to 512
[  473.473070][ T8603] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  473.473178][ T8603] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  473.473285][ T8603] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  473.582740][ T8603] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  473.781925][ T8603] System zones: 0-2, 18-18, 34-35
[  473.785301][ T8603] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  473.788894][ T8603] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.018550][ T8623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.613'.
[  475.369061][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  475.375888][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  475.998365][ T8622] loop3: detected capacity change from 0 to 32768
[  476.009029][ T8622] gfs2: statfs_percent mount option requires a numeric argument between 0 and 100
[  476.206339][ T8632] loop0: detected capacity change from 0 to 1024
[  476.579924][ T8632] FAULT_INJECTION: forcing a failure.
[  476.579924][ T8632] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  476.594205][ T8632] CPU: 0 UID: 0 PID: 8632 Comm: syz.0.616 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  476.594391][ T8632] Tainted: [W]=WARN
[  476.594441][ T8632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  476.594526][ T8632] Call Trace:
[  476.594578][ T8632]  <TASK>
[  476.594653][ T8632]  __dump_stack+0x26/0x30
[  476.594825][ T8632]  dump_stack_lvl+0x1df/0x270
[  476.595001][ T8632]  dump_stack+0x1e/0x25
[  476.595147][ T8632]  should_fail_ex+0x7dc/0x8a0
[  476.595352][ T8632]  should_fail_alloc_page+0x222/0x240
[  476.595525][ T8632]  __alloc_frozen_pages_noprof+0x30f/0xf00
[  476.595723][ T8632]  alloc_pages_mpol+0x328/0x860
[  476.595894][ T8632]  folio_alloc_noprof+0x109/0x360
[  476.596060][ T8632]  filemap_alloc_folio_noprof+0x9d/0x420
[  476.596232][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.596423][ T8632]  do_read_cache_folio+0x7be/0x1460
[  476.596629][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.596792][ T8632]  ? __pfx_hfsplus_read_folio+0x10/0x10
[  476.596969][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.597138][ T8632]  read_cache_page+0x63/0x1e0
[  476.597342][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.597524][ T8632]  hfsplus_block_allocate+0x145/0x1580
[  476.597695][ T8632]  ? stack_depot_save_flags+0x35/0x7b0
[  476.597892][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.598056][ T8632]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  476.598218][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.598389][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.598556][ T8632]  hfsplus_file_extend+0xfd0/0x1df0
[  476.598712][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.598855][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.599022][ T8632]  hfsplus_get_block+0xfc3/0x1a20
[  476.599162][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.599349][ T8632]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  476.599517][ T8632]  __block_write_begin_int+0xa76/0x3030
[  476.599771][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.599980][ T8632]  ? __pfx_hfsplus_get_block+0x10/0x10
[  476.600186][ T8632]  cont_write_begin+0x10e1/0x1bc0
[  476.600381][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.600563][ T8632]  ? filter_irq_stacks+0x49/0x190
[  476.600784][ T8632]  ? stack_depot_save_flags+0x35/0x7b0
[  476.600960][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.601139][ T8632]  hfsplus_write_begin+0x85/0x130
[  476.601281][ T8632]  ? __pfx_hfsplus_get_block+0x10/0x10
[  476.601455][ T8632]  ? __pfx_hfsplus_write_begin+0x10/0x10
[  476.601608][ T8632]  cont_write_begin+0x1349/0x1bc0
[  476.601790][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.601952][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.602121][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.602333][ T8632]  hfsplus_write_begin+0x85/0x130
[  476.602472][ T8632]  ? __pfx_hfsplus_get_block+0x10/0x10
[  476.602644][ T8632]  ? __pfx_hfsplus_write_begin+0x10/0x10
[  476.602789][ T8632]  generic_perform_write+0x365/0x1050
[  476.603020][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.603188][ T8632]  __generic_file_write_iter+0x213/0x460
[  476.603400][ T8632]  generic_file_write_iter+0x131/0x980
[  476.603608][ T8632]  ? __rcu_read_unlock+0x6d/0xd0
[  476.603748][ T8632]  ? aa_file_perm+0x41c/0x2140
[  476.603902][ T8632]  ? aa_file_perm+0x549/0x2140
[  476.604046][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.604194][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.604355][ T8632]  ? vfs_iter_read+0x711/0x770
[  476.604510][ T8632]  ? filter_irq_stacks+0x49/0x190
[  476.604709][ T8632]  ? stack_depot_save_flags+0x35/0x7b0
[  476.604878][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.605024][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.605170][ T8632]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  476.605327][ T8632]  ? __pfx_generic_file_write_iter+0x10/0x10
[  476.605527][ T8632]  do_iter_readv_writev+0x9cd/0xc00
[  476.605711][ T8632]  ? __pfx_generic_file_write_iter+0x10/0x10
[  476.605889][ T8632]  vfs_writev+0x52a/0x1500
[  476.606004][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.606186][ T8632]  ? kmsan_get_metadata+0xfb/0x160
[  476.606324][ T8632]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  476.606479][ T8632]  __se_sys_pwritev2+0x22f/0x480
[  476.606658][ T8632]  __x64_sys_pwritev2+0xe4/0x150
[  476.606834][ T8632]  x64_sys_call+0x37d0/0x3e20
[  476.606999][ T8632]  do_syscall_64+0xd9/0x210
[  476.607147][ T8632]  ? irqentry_exit+0x16/0x60
[  476.607275][ T8632]  ? clear_bhb_loop+0x40/0x90
[  476.607406][ T8632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.607542][ T8632] RIP: 0033:0x7f6bf338ebe9
[  476.607664][ T8632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.607778][ T8632] RSP: 002b:00007f6bf4116038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  476.607903][ T8632] RAX: ffffffffffffffda RBX: 00007f6bf35b5fa0 RCX: 00007f6bf338ebe9
[  476.607999][ T8632] RDX: 0000000000000001 RSI: 0000200000000cc0 RDI: 0000000000000005
[  476.608082][ T8632] RBP: 00007f6bf4116090 R08: 000000000000000c R09: 0000000000000004
[  476.608164][ T8632] R10: 0000000000000fff R11: 0000000000000246 R12: 0000000000000001
[  476.608242][ T8632] R13: 00007f6bf35b6038 R14: 00007f6bf35b5fa0 R15: 00007ffd16bd7048
[  476.608366][ T8632]  </TASK>
[  478.141559][ T3766] hfsplus: b-tree write err: -5, ino 4
[  478.448741][ T8646] kernel profiling enabled (shift: 9)
[  478.921159][ T5861] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  479.168317][ T5861] usb 4-1: Using ep0 maxpacket: 8
[  479.271592][ T5861] usb 4-1: unable to get BOS descriptor or descriptor too short
[  479.568200][ T5861] usb 4-1: config 4 interface 0 has no altsetting 0
[  480.039588][ T5861] usb 4-1: string descriptor 0 read error: -22
[  480.046285][ T5861] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  480.056066][ T5861] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  480.278319][ T5861] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  480.362898][ T5861] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  480.392804][ T5861] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  480.407806][ T5861] usb 4-1: media controller created
[  480.497216][ T5861] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  480.561620][ T8653] usb 4-1: dvb_usb_au6610: wlen=0, aborting
[  481.391795][ T8673] loop4: detected capacity change from 0 to 64
[  481.953094][ T5861] usb 4-1: USB disconnect, device number 23
[  484.674797][ T8700] loop0: detected capacity change from 0 to 32768
[  484.691647][ T8700] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.635 (8700)
[  484.717118][ T8700] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  484.728928][ T8700] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  484.739243][ T8700] BTRFS info (device loop0): using free-space-tree
[  485.012409][ T8700] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  485.021717][ T8700] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  485.033703][ T8700] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  485.335045][ T5801] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  486.060053][ T8733] tipc: Failed to remove unknown binding: 66,1,1/0:2411339385/2411339387
[  486.069217][ T8733] tipc: Failed to remove unknown binding: 66,1,1/0:2411339385/2411339387
[  486.154170][ T8741] IPv6: Can't replace route, no match found
[  486.278366][ T8744] netlink: 8 bytes leftover after parsing attributes in process `syz.3.643'.
[  486.289575][ T8744] netlink: 8 bytes leftover after parsing attributes in process `syz.3.643'.
[  487.631767][ T8767] netlink: 'syz.5.649': attribute type 39 has an invalid length.
[  487.659934][ T8767] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.808872][ T8767] bridge_slave_0 (unregistering): left allmulticast mode
[  487.816254][ T8767] bridge_slave_0 (unregistering): left promiscuous mode
[  487.824103][ T8767] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.735730][ T8770] loop3: detected capacity change from 0 to 32768
[  488.768778][ T8770] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.650 (8770)
[  488.824302][ T8770] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  488.835179][ T8770] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  488.845580][ T8770] BTRFS info (device loop3): using free-space-tree
[  489.038091][ T8770] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  489.047126][ T8770] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  489.059612][ T8770] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  489.344390][ T8795] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  489.350994][ T8795] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  489.393610][ T8795] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  489.401017][ T8795] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  489.458501][ T8795] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  489.464624][ T8795] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  489.494209][ T8795] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  489.501617][ T8795] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  489.530825][ T5804] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  489.648565][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  489.652033][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  490.119027][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  490.608446][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  491.283441][ T8816] netlink: 52 bytes leftover after parsing attributes in process `syz.2.660'.
[  493.076580][ T8826] loop5: detected capacity change from 0 to 32768
[  493.170086][ T8826] (syz.5.662,8826,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  493.185275][ T8826] (syz.5.662,8826,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  493.288879][ T8826] JBD2: Ignoring recovery information on journal
[  493.445933][ T8826] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  493.981739][ T7709] ocfs2: Unmounting device (7,5) on (node local)
[  494.033565][ T8834] loop4: detected capacity change from 0 to 32768
[  494.046036][ T8834] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.665 (8834)
[  494.138205][ T8834] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  494.149605][ T8834] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  494.159843][ T8834] BTRFS info (device loop4): using free-space-tree
[  494.672590][ T8834] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  494.683374][ T8834] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  494.696015][ T8834] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  494.950027][ T8859] loop0: detected capacity change from 0 to 256
[  495.046562][ T5813] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  495.230617][ T8859] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  497.368576][ T8881] netlink: 52 bytes leftover after parsing attributes in process `syz.3.673'.
[  497.795354][ T8878] openvswitch: netlink: IP tunnel dst address not specified
[  499.254095][ T8898] loop3: detected capacity change from 0 to 4096
[  501.433419][ T5861] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  501.491746][ T8918] loop4: detected capacity change from 0 to 256
[  501.706822][ T5861] usb 6-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  501.722763][ T5861] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  501.734261][ T5861] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  501.745966][ T5861] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  501.755385][ T5861] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.830485][ T8918] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  502.031108][ T8914] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  502.407751][ T8926] loop0: detected capacity change from 0 to 256
[  502.763872][ T8918] loop4: detected capacity change from 0 to 32768
[  502.802759][ T8918] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.688 (8918)
[  502.824704][ T8918] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  502.835788][ T8918] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  502.844904][ T8918] BTRFS info (device loop4): using free-space-tree
[  503.152618][ T8926] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  503.243871][ T8914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.254700][ T8914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.264203][ T8918] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  504.153726][ T8926] loop0: detected capacity change from 0 to 32768
[  504.164786][ T8926] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.690 (8926)
[  504.191929][ T5861] aiptek 6-1:17.0: Aiptek using 400 ms programming speed
[  504.204116][ T5861] input: Aiptek as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.0/input/input10
[  504.244913][ T8926] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  504.257097][ T8926] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  504.267111][ T8926] BTRFS info (device loop0): using free-space-tree
[  504.887408][ T8926] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  506.901268][ T8978] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  506.908190][ T8978] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  506.915061][ T8978] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  506.922643][ T8978] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  506.930292][ T8978] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  506.937017][ T8978] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  506.944065][ T8978] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  506.951123][ T8978] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  506.957960][ T8978] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  506.964646][ T8978] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  507.375772][ T5855] usb 6-1: USB disconnect, device number 6
[  507.375785][    C0] aiptek 6-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  507.619798][ T8982] RDS: rds_bind could not find a transport for fc02::1, load rds_tcp or rds_rdma?
[  508.069715][ T8992] tc_dump_action: action bad kind
[  511.200881][ T9016] loop5: detected capacity change from 0 to 32768
[  511.216289][ T9016] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.709 (9016)
[  511.321810][ T9016] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  511.336941][ T9016] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  511.347360][ T9016] BTRFS info (device loop5): using free-space-tree
[  511.851806][ T9016] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  511.861149][ T9016] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  511.873800][ T9016] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  511.890184][ T5861] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  512.135611][ T5861] usb 4-1: device descriptor read/64, error -71
[  512.310874][ T7709] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  512.398981][ T5861] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  512.594557][ T5861] usb 4-1: device descriptor read/64, error -71
[  512.714831][ T5861] usb usb4-port1: attempt power cycle
[  513.159211][ T5861] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  513.242854][ T5861] usb 4-1: device descriptor read/8, error -71
[  513.539060][ T5861] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  513.601192][ T5861] usb 4-1: device descriptor read/8, error -71
[  513.738578][ T5861] usb usb4-port1: unable to enumerate USB device
[  514.165784][ T9063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.719'.
[  514.763118][ T9068] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  514.772923][ T9068] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  515.070405][ T9068] overlayfs: overlapping lowerdir path
[  515.327427][ T9079] loop4: detected capacity change from 0 to 256
[  515.703631][ T9079] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  516.048578][ T9080] loop3: detected capacity change from 0 to 32768
[  516.113991][ T9080] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.724 (9080)
[  516.129022][ T5861] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  516.378754][ T5861] usb 6-1: Using ep0 maxpacket: 16
[  516.499677][ T5861] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  516.696036][ T9079] loop4: detected capacity change from 0 to 32768
[  516.715393][ T5861] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  516.718802][ T9079] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.723 (9079)
[  516.725851][ T5861] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.745768][ T5861] usb 6-1: Product: syz
[  516.750424][ T5861] usb 6-1: Manufacturer: syz
[  516.755207][ T5861] usb 6-1: SerialNumber: syz
[  516.766634][ T9080] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  516.777682][ T9080] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  516.787844][ T9080] BTRFS info (device loop3): using free-space-tree
[  516.817163][ T9079] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  516.828089][ T9079] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  516.837037][ T9079] BTRFS info (device loop4): using free-space-tree
[  516.989511][ T5861] usb 6-1: config 0 descriptor??
[  517.241739][ T5861] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  517.261893][ T3862] usb 6-1: Failed to submit usb control message: -71
[  517.269032][ T3862] usb 6-1: unable to send the bmi data to the device: -71
[  517.276539][ T3862] usb 6-1: unable to get target info from device
[  517.283337][ T3862] usb 6-1: could not get target info (-71)
[  517.289628][ T3862] usb 6-1: could not probe fw (-71)
[  517.305233][ T5861] usb 6-1: USB disconnect, device number 7
[  517.432021][ T9080] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  517.441102][ T9080] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  517.453115][ T9080] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  517.512813][ T9079] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  517.912081][ T5804] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  518.923615][ T9139] fuse: Bad value for 'fd'
[  520.019260][ T9142] loop5: detected capacity change from 0 to 4096
[  520.088278][ T9142] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  520.558768][ T9142] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  520.628939][ T9142] ntfs3(loop5): Failed to load $Extend (-22).
[  520.635271][ T9142] ntfs3(loop5): Failed to initialize $Extend.
[  521.168019][ T9161] loop3: detected capacity change from 0 to 256
[  521.420130][ T9161] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  522.321400][ T9161] loop3: detected capacity change from 0 to 32768
[  522.332112][ T9161] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.740 (9161)
[  522.468397][ T9161] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  522.479133][ T9161] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  522.488320][ T9161] BTRFS info (device loop3): using free-space-tree
[  522.926771][ T9161] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  523.310792][ T9183] loop4: detected capacity change from 0 to 32768
[  523.354461][ T9183] (syz.4.746,9183,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  523.372521][ T9183] (syz.4.746,9183,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  523.393353][ T9183] (syz.4.746,9183,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x656d756e, computed 0x83128178. Applying ECC.
[  523.444990][ T9183] JBD2: Ignoring recovery information on journal
[  523.550686][ T9183] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  523.876986][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  523.905569][ T9183] ocfs2: Unmounting device (7,4) on (node local)
[  524.822416][ T9199] loop4: detected capacity change from 0 to 8
[  524.870004][ T9199] SQUASHFS error: Unable to read inode 0x127
[  525.089147][ T5861] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  525.362876][ T5861] usb 4-1: Using ep0 maxpacket: 8
[  525.474382][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  525.487631][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  525.497799][ T5861] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  525.508569][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 1024
[  525.520681][ T5861] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  525.531268][ T5861] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  525.541049][ T5861] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.107218][ T9208] loop5: detected capacity change from 0 to 256
[  526.652885][ T5861] usb 4-1: config 0 descriptor??
[  526.694009][ T9208] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  526.710108][ T9208] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  526.728298][ T9198] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  527.040308][ T5101] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  527.205054][ T5861] usb 4-1: USB disconnect, device number 28
[  528.922665][ T9213] loop0: detected capacity change from 0 to 1024
[  529.413863][ T9213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  530.772718][ T5801] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.101983][ T9226] loop0: detected capacity change from 0 to 256
[  531.999547][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  531.999634][   T30] audit: type=1326 audit(1755200749.495:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  532.028675][   T30] audit: type=1326 audit(1755200749.495:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  532.051368][   T30] audit: type=1326 audit(1755200749.495:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  532.074039][   T30] audit: type=1326 audit(1755200749.505:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  532.096924][   T30] audit: type=1326 audit(1755200749.505:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49b998ebe9 code=0x7ffc0000
[  532.144203][ T9229] loop3: detected capacity change from 0 to 512
[  532.258105][ T9229] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  532.329417][ T9226] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  532.633559][ T9226] exFAT-fs (loop0): error, in sector 160, dentry 12 should be unused, but 0x85
[  532.643091][ T9226] exFAT-fs (loop0): Filesystem has been set read-only
[  533.088816][ T9233] loop5: detected capacity change from 0 to 4096
[  534.924054][   T30] audit: type=1326 audit(1755200752.685:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.4.765" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49b998ebe9 code=0x0
[  535.014654][ T9233] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  535.014914][ T9233] EXT4-fs: failed to create workqueue
[  535.030568][ T9233] EXT4-fs (loop5): mount failed
[  536.708918][    T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!!
[  537.412871][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  537.419783][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  537.595343][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  537.817707][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  537.902539][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  537.967679][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  538.057746][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  542.000974][ T9258] syz_tun: entered promiscuous mode
[  554.271989][ T9306] loop3: detected capacity change from 0 to 8
[  560.049551][ T9306] SQUASHFS error: lzo decompression failed, data probably corrupt
[  560.057724][ T9306] SQUASHFS error: Failed to read block 0x91: -5
[  560.064083][ T9306] SQUASHFS error: Unable to read metadata cache entry [8f]
[  560.071574][ T9306] SQUASHFS error: Unable to read inode 0x11f
[  560.914466][ T9312] loop0: detected capacity change from 0 to 256
[  561.074858][ T9312] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  561.086231][ T9312] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  561.289604][ T9312] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  561.577100][ T5805] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  561.596821][ T5805] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  561.621336][ T5805] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  561.649381][ T5805] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  561.685341][ T5805] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  561.743037][ T5101] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  561.837847][ T5101] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  561.855437][ T5101] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  561.941149][ T5101] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  561.969314][ T5101] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  562.350653][ T9315] virt_wifi0 speed is unknown, defaulting to 1000
[  564.168601][ T5805] Bluetooth: hci5: command tx timeout
[  565.464848][ T9315] chnl_net:caif_netlink_parms(): no params data found
[  566.211234][ T5805] Bluetooth: hci5: command tx timeout
[  568.297972][ T5805] Bluetooth: hci5: command tx timeout
[  571.477979][ T9361] ptrace attach of "./syz-executor exec"[5813] was attempted by "./syz-executor exec"[9361]
[  576.146355][ T9315] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.154131][ T9315] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.162033][ T9315] bridge_slave_0: entered allmulticast mode
[  576.171844][ T9315] bridge_slave_0: entered promiscuous mode
[  576.543292][ T9315] bridge0: port 2(bridge_slave_1) entered blocking state
[  576.551125][ T9315] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.559054][ T9315] bridge_slave_1: entered allmulticast mode
[  576.568721][ T9315] bridge_slave_1: entered promiscuous mode
[  576.929614][ T5805] Bluetooth: hci5: command tx timeout
[  577.179816][ T9367] loop0: detected capacity change from 0 to 256
[  577.295082][ T9367] exfat: Deprecated parameter 'utf8'
[  577.708798][ T9367] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  578.053359][ T9315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  578.341770][ T9315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  578.428215][ T5101] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  578.468403][ T5101] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  578.488641][ T5101] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  578.572772][ T5101] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  578.592298][ T5101] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  579.238963][ T9374] exFAT-fs (loop0): error, in sector 160, dentry 12 should be unused, but 0x85
[  580.436949][ T9315] team0: Port device team_slave_0 added
[  580.467008][ T9371] virt_wifi0 speed is unknown, defaulting to 1000
[  580.533719][ T9315] team0: Port device team_slave_1 added
[  580.690302][ T5805] Bluetooth: hci6: command tx timeout
[  581.925896][ T9315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.934318][ T9315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.961144][ T9315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  582.238979][ T9315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  582.246140][ T9315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  582.272828][ T9315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  582.798868][ T5101] Bluetooth: hci6: command tx timeout
[  583.760468][ T9315] hsr_slave_0: entered promiscuous mode
[  583.771451][ T9315] hsr_slave_1: entered promiscuous mode
[  583.780975][ T9315] debugfs: 'hsr0' already exists in 'hsr'
[  583.786906][ T9315] Cannot create hsr debugfs directory
[  585.047980][ T5805] Bluetooth: hci6: command tx timeout
[  586.193697][ T9384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.806'.
[  588.048618][ T5805] Bluetooth: hci6: command tx timeout
[  589.096322][ T9371] chnl_net:caif_netlink_parms(): no params data found
[  592.826960][ T3836] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.115468][ T9393] loop0: detected capacity change from 0 to 128
[  593.118607][ T3836] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.289783][ T9393] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  593.333269][ T3836] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.409422][ T9393] ext4 filesystem being mounted at /156/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  593.527362][ T3836] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.553808][ T9393] EXT4-fs warning (device loop0): verify_group_input:137: Cannot add at group 1980571463 (only 1 groups)
[  593.934930][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  593.952065][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  593.989187][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  594.022247][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  594.042144][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  594.091851][ T5801] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  594.216590][ T9315] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  594.631996][ T9371] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.639701][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.647767][ T9371] bridge_slave_0: entered allmulticast mode
[  594.657803][ T9371] bridge_slave_0: entered promiscuous mode
[  594.737409][ T9315] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  594.801021][ T3836] bridge_slave_1: left allmulticast mode
[  594.806914][ T3836] bridge_slave_1: left promiscuous mode
[  594.814024][ T3836] bridge0: port 2(bridge_slave_1) entered disabled state
[  595.659883][ T3836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  595.705722][ T3836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  595.724221][ T3836] bond0 (unregistering): Released all slaves
[  595.798478][ T9371] bridge0: port 2(bridge_slave_1) entered blocking state
[  595.806030][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state
[  595.814042][ T9371] bridge_slave_1: entered allmulticast mode
[  595.823991][ T9371] bridge_slave_1: entered promiscuous mode
[  595.878234][ T9315] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  596.128858][ T5101] Bluetooth: hci2: command tx timeout
[  596.169719][ T9315] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  596.315719][ T9397] virt_wifi0 speed is unknown, defaulting to 1000
[  598.392131][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  598.399171][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  598.418064][ T5101] Bluetooth: hci2: command tx timeout
[  601.378039][ T5101] Bluetooth: hci2: command tx timeout
[  601.892488][ T9371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  602.102698][ T9371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  602.771527][ T9371] team0: Port device team_slave_0 added
[  602.880113][ T9371] team0: Port device team_slave_1 added
[  603.660935][ T3836] hsr_slave_0: left promiscuous mode
[  603.688567][ T3836] hsr_slave_1: left promiscuous mode
[  603.696622][ T3836] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  603.704858][ T3836] batman_adv: batadv0: Removing interface: batadv_slave_0
[  603.791474][ T3836] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  603.799371][ T3836] batman_adv: batadv0: Removing interface: batadv_slave_1
[  603.809407][ T5805] Bluetooth: hci2: command tx timeout
[  603.871012][ T3836] veth1_macvtap: left promiscuous mode
[  603.876772][ T3836] veth0_macvtap: left promiscuous mode
[  603.883174][ T3836] veth1_vlan: left promiscuous mode
[  603.889061][ T3836] veth0_vlan: left promiscuous mode
[  604.604381][   T35] smc: removing ib device syz1
[  604.741196][ T3836] team0 (unregistering): Port device team_slave_1 removed
[  604.792956][ T3836] team0 (unregistering): Port device team_slave_0 removed
[  605.126046][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.133492][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.159999][ T9371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.482052][ T5860] virt_wifi0 speed is unknown, defaulting to 1000
[  605.591792][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.599843][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.626393][ T9371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  605.805482][ T9315] 8021q: adding VLAN 0 to HW filter on device bond0
[  606.439806][ T9424] loop5: detected capacity change from 0 to 1024
[  607.682270][ T9371] hsr_slave_0: entered promiscuous mode
[  607.692891][ T9371] hsr_slave_1: entered promiscuous mode
[  607.702007][ T9371] debugfs: 'hsr0' already exists in 'hsr'
[  607.708265][ T9371] Cannot create hsr debugfs directory
[  607.875147][ T9424] =====================================================
[  607.882845][ T9424] BUG: KMSAN: uninit-value in __hfsplus_ext_cache_extent+0x7cb/0x990
[  607.891471][ T9424]  __hfsplus_ext_cache_extent+0x7cb/0x990
[  607.897395][ T9424]  hfsplus_file_extend+0x7b5/0x1df0
[  607.903014][ T9424]  hfsplus_get_block+0xfc3/0x1a20
[  607.908435][ T9424]  __block_write_begin_int+0xa76/0x3030
[  607.914214][ T9424]  cont_write_begin+0x10e1/0x1bc0
[  607.919744][ T9424]  hfsplus_write_begin+0x85/0x130
[  607.924960][ T9424]  cont_write_begin+0x35a/0x1bc0
[  607.930330][ T9424]  hfsplus_write_begin+0x85/0x130
[  607.935525][ T9424]  generic_perform_write+0x365/0x1050
[  607.942053][ T9424]  __generic_file_write_iter+0x213/0x460
[  607.948886][ T9424]  generic_file_write_iter+0x131/0x980
[  607.954589][ T9424]  vfs_write+0xbe2/0x15d0
[  607.959333][ T9424]  __x64_sys_pwrite64+0x2ab/0x3b0
[  607.964579][ T9424]  x64_sys_call+0xe77/0x3e20
[  607.969555][ T9424]  do_syscall_64+0xd9/0x210
[  607.974255][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.980676][ T9424] 
[  607.983118][ T9424] Uninit was created at:
[  607.989577][ T9424]  __kmalloc_noprof+0x95f/0x1310
[  607.994756][ T9424]  hfsplus_find_init+0x90/0x1d0
[  608.000063][ T9424]  hfsplus_file_extend+0x72f/0x1df0
[  608.005451][ T9424]  hfsplus_get_block+0xfc3/0x1a20
[  608.010923][ T9424]  __block_write_begin_int+0xa76/0x3030
[  608.016698][ T9424]  cont_write_begin+0x10e1/0x1bc0
[  608.022131][ T9424]  hfsplus_write_begin+0x85/0x130
[  608.027333][ T9424]  cont_write_begin+0x35a/0x1bc0
[  608.032700][ T9424]  hfsplus_write_begin+0x85/0x130
[  608.038208][ T9424]  generic_perform_write+0x365/0x1050
[  608.043819][ T9424]  __generic_file_write_iter+0x213/0x460
[  608.051142][ T9424]  generic_file_write_iter+0x131/0x980
[  608.056843][ T9424]  vfs_write+0xbe2/0x15d0
[  608.061562][ T9424]  __x64_sys_pwrite64+0x2ab/0x3b0
[  608.066796][ T9424]  x64_sys_call+0xe77/0x3e20
[  608.071738][ T9424]  do_syscall_64+0xd9/0x210
[  608.076469][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.082741][ T9424] 
[  608.085194][ T9424] CPU: 1 UID: 0 PID: 9424 Comm: syz.5.808 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  608.099241][ T9424] Tainted: [W]=WARN
[  608.103142][ T9424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  608.113569][ T9424] =====================================================
[  608.120767][ T9424] Disabling lock debugging due to kernel taint
[  608.127044][ T9424] Kernel panic - not syncing: kmsan.panic set ...
[  608.133619][ T9424] CPU: 1 UID: 0 PID: 9424 Comm: syz.5.808 Tainted: G    B   W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[  608.147434][ T9424] Tainted: [B]=BAD_PAGE, [W]=WARN
[  608.152586][ T9424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  608.162807][ T9424] Call Trace:
[  608.166199][ T9424]  <TASK>
[  608.169229][ T9424]  __dump_stack+0x26/0x30
[  608.173760][ T9424]  dump_stack_lvl+0x53/0x270
[  608.178537][ T9424]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  608.184553][ T9424]  dump_stack+0x1e/0x25
[  608.188924][ T9424]  vpanic+0x361/0xc50
[  608.193143][ T9424]  panic+0x15d/0x160
[  608.197317][ T9424]  kmsan_report+0x31c/0x320
[  608.202020][ T9424]  ? __msan_warning+0x1b/0x30
[  608.206893][ T9424]  ? __hfsplus_ext_cache_extent+0x7cb/0x990
[  608.213043][ T9424]  ? hfsplus_file_extend+0x7b5/0x1df0
[  608.218654][ T9424]  ? hfsplus_get_block+0xfc3/0x1a20
[  608.224075][ T9424]  ? __block_write_begin_int+0xa76/0x3030
[  608.230037][ T9424]  ? cont_write_begin+0x10e1/0x1bc0
[  608.235457][ T9424]  ? hfsplus_write_begin+0x85/0x130
[  608.240831][ T9424]  ? cont_write_begin+0x35a/0x1bc0
[  608.246204][ T9424]  ? hfsplus_write_begin+0x85/0x130
[  608.251588][ T9424]  ? generic_perform_write+0x365/0x1050
[  608.257395][ T9424]  ? __generic_file_write_iter+0x213/0x460
[  608.263447][ T9424]  ? generic_file_write_iter+0x131/0x980
[  608.269341][ T9424]  ? vfs_write+0xbe2/0x15d0
[  608.274046][ T9424]  ? __x64_sys_pwrite64+0x2ab/0x3b0
[  608.279444][ T9424]  ? x64_sys_call+0xe77/0x3e20
[  608.284427][ T9424]  ? do_syscall_64+0xd9/0x210
[  608.289319][ T9424]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.295586][ T9424]  ? stack_depot_save_flags+0x615/0x7b0
[  608.301366][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.306761][ T9424]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  608.313334][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.318696][ T9424]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  608.324738][ T9424]  ? hfsplus_brec_find+0x216/0x9f0
[  608.330089][ T9424]  ? __pfx_hfs_find_rec_by_key+0x10/0x10
[  608.336017][ T9424]  ? __hfsplus_ext_write_extent+0x535/0x620
[  608.342120][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.347413][ T9424]  __msan_warning+0x1b/0x30
[  608.352070][ T9424]  __hfsplus_ext_cache_extent+0x7cb/0x990
[  608.357995][ T9424]  hfsplus_file_extend+0x7b5/0x1df0
[  608.363405][ T9424]  hfsplus_get_block+0xfc3/0x1a20
[  608.368619][ T9424]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  608.375169][ T9424]  __block_write_begin_int+0xa76/0x3030
[  608.380949][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.386290][ T9424]  ? __pfx_hfsplus_get_block+0x10/0x10
[  608.391957][ T9424]  cont_write_begin+0x10e1/0x1bc0
[  608.397180][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.402454][ T9424]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  608.408459][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.413767][ T9424]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  608.419768][ T9424]  hfsplus_write_begin+0x85/0x130
[  608.424957][ T9424]  ? __pfx_hfsplus_get_block+0x10/0x10
[  608.430596][ T9424]  ? __pfx_hfsplus_write_begin+0x10/0x10
[  608.436390][ T9424]  cont_write_begin+0x35a/0x1bc0
[  608.441608][ T9424]  hfsplus_write_begin+0x85/0x130
[  608.446801][ T9424]  ? __pfx_hfsplus_get_block+0x10/0x10
[  608.452458][ T9424]  ? __pfx_hfsplus_write_begin+0x10/0x10
[  608.458269][ T9424]  generic_perform_write+0x365/0x1050
[  608.463895][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.469197][ T9424]  __generic_file_write_iter+0x213/0x460
[  608.475067][ T9424]  generic_file_write_iter+0x131/0x980
[  608.480756][ T9424]  ? __futex_wait+0x3f6/0x450
[  608.485587][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.490867][ T9424]  ? __x64_sys_pwrite64+0x2ab/0x3b0
[  608.496251][ T9424]  ? __msan_warning+0x1b/0x30
[  608.501064][ T9424]  ? filter_irq_stacks+0x13f/0x190
[  608.506404][ T9424]  ? stack_depot_save_flags+0x35/0x7b0
[  608.512078][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.517352][ T9424]  ? kmsan_get_metadata+0xfb/0x160
[  608.522636][ T9424]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  608.529180][ T9424]  vfs_write+0xbe2/0x15d0
[  608.533696][ T9424]  ? __pfx_generic_file_write_iter+0x10/0x10
[  608.539898][ T9424]  __x64_sys_pwrite64+0x2ab/0x3b0
[  608.545117][ T9424]  x64_sys_call+0xe77/0x3e20
[  608.549920][ T9424]  do_syscall_64+0xd9/0x210
[  608.554594][ T9424]  ? irqentry_exit+0x16/0x60
[  608.559327][ T9424]  ? clear_bhb_loop+0x40/0x90
[  608.564163][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.570199][ T9424] RIP: 0033:0x7f451f98ebe9
[  608.574727][ T9424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.594520][ T9424] RSP: 002b:00007f4520828038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  608.603143][ T9424] RAX: ffffffffffffffda RBX: 00007f451fbb5fa0 RCX: 00007f451f98ebe9
[  608.611247][ T9424] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000005
[  608.619319][ T9424] RBP: 00007f451fa11e19 R08: 0000000000000000 R09: 0000000000000000
[  608.627394][ T9424] R10: 0000000000200980 R11: 0000000000000246 R12: 0000000000000000
[  608.635491][ T9424] R13: 00007f451fbb6038 R14: 00007f451fbb5fa0 R15: 00007fff4987b438
[  608.643629][ T9424]  </TASK>
[  608.647138][ T9424] Kernel Offset: disabled
[  608.651662][ T9424] Rebooting in 86400 seconds..