last executing test programs:

1m31.524443771s ago: executing program 4 (id=5):
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
tkill(r0, 0x19)

1m31.287990186s ago: executing program 4 (id=17):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000000104050000000000000000000700000006000640000200000500010002"], 0x34}}, 0x2000004)

1m27.957256166s ago: executing program 4 (id=36):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000680), 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs")
r0 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xfc, {"a2e3ad21ed0d1bf91b29550987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b096c060890e0878f0e1ac6e7049b096e959b449a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b075d0d36cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130f91850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f4077fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a81aa1020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b21052010689af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153fae46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c343f7f140f319539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474b0679dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691951264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d984836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a70500be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x8f5}}, 0x1006)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(0xffffffffffffffff, 0xc008aec1, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000040)={0x1000956c, 0xfffffffffffffffa, 0x4, 0xb3})

1m25.650638898s ago: executing program 4 (id=42):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'veth0_virt_wifi\x00', &(0x7f0000002240)=@ethtool_sset_info={0x37, 0x5, 0x50a}})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'bridge0\x00', 0x0})

1m24.912481458s ago: executing program 4 (id=48):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002980)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x2000, 0xa68d7c519f800ff1, 0xffbc, 0x6, 0x1d45, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x0, 0x68cc, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, 0x0, 0x0)
close(r0)

1m24.367552388s ago: executing program 32 (id=48):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002980)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x2000, 0xa68d7c519f800ff1, 0xffbc, 0x6, 0x1d45, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x0, 0x68cc, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, 0x0, 0x0)
close(r0)

1m10.940513075s ago: executing program 1 (id=90):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0x1, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc3}})

1m9.899319801s ago: executing program 1 (id=95):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000400000851000000600000018020000", @ANYRES32, @ANYBLOB="000000000000000066000000ffffff80180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x6f)

1m9.547053787s ago: executing program 1 (id=98):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
sendfile(r3, r3, 0x0, 0x80000000)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WDS_PEER(r4, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000340)={0x94, 0x0, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x3c}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="dd8e05eee224"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="9eee3594018f"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="727234e79011"}]}, 0x94}, 0x1, 0x0, 0x0, 0x8000}, 0x200000d0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1m4.550843702s ago: executing program 1 (id=104):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210004, &(0x7f0000000240)={[{@dioread_lock}, {@resgid}, {@min_batch_time}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@jqfmt_vfsv0}]}, 0xfc, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000008, 0x4031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$poke(0x1, r0, &(0x7f0000000040), 0x8000000000000001)

1m4.194169014s ago: executing program 1 (id=107):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000), 0x4, 0x4f2, &(0x7f0000000a40)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

1m2.310797896s ago: executing program 1 (id=111):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000000190001092bbd70000000000002188000ff"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1m1.675676838s ago: executing program 33 (id=111):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000000190001092bbd70000000000002188000ff"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

17.450171145s ago: executing program 5 (id=227):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
epoll_create1(0x80000)
r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000140)={0xe200000000000000, 0x3000, 0xfffffffffffffffd, 0x2, 0x2})
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x402, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0xdb, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x10, 0x5, 0x0, 0xffffffff, 0xe661, 0x80, 0x5, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x3, 0x80008071, 0x800, 0x17, 0x0, 0x7, 0x5, 0x3e, 0x18e, 0x200006, 0x6, 0x454f, 0x6, 0x80004, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x0, 0x8, 0x8000, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xffffbff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x2, 0xfffffffc, 0x5, 0x0, 0x0, 0x9, 0x2f, 0xe, 0x1, 0x66abcbd2, 0xea4, 0x8, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0xfffff575, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x47, 0x6, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x9, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0xfffffffa, 0xb, 0x5, 0x2, 0x2, 0x400003, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x1ff, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0x1000, 0x5, 0xb1, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x200807ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x6, 0x6, 0x6, 0x80000000, 0xb9, 0xce4, 0x1ff, 0x2, 0x4184, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0x100a620, 0x1, 0x5, 0x1, 0x6, 0x14c, 0x60a7, 0x5, 0xa, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0xffff, 0x0, 0x7e, 0x102, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x803, 0xd7, 0x200, 0xb, 0x8]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
epoll_create(0x401)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000600)=[{}], 0x1, 0x6, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0xe1d8, 0x5})
close_range(r0, 0xffffffffffffffff, 0x0)

11.903223588s ago: executing program 5 (id=244):
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040804"], 0x7)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1b5cb000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
kcmp(r0, r1, 0x4, 0xffffffffffffffff, 0xffffffffffffffff)

10.750119405s ago: executing program 5 (id=246):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

10.459015625s ago: executing program 0 (id=247):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, &(0x7f0000000300)={0x1, 0x5, 0x1f, &(0x7f0000000280)=""/31})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})

10.45858915s ago: executing program 3 (id=248):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'lo\x00', &(0x7f0000000640)=@ethtool_drvinfo={0x3, "59df9bafbcfdb56315f245396a297796990e82b4ae58f23aceb70576cbc23bcf", "2b536027a7994037f51fcc3a0ec483e3792474f83462ba98870aa688d1b5cdb0", "918ccf48820000000000cd231f8ff94845fe17b702610000000000429200", "34f231ce71b6afd5f9585a8787eb6a402f9c0012781f716b2a5ccab61835cc21", "bb500649861d98c16388c83d37d69c38e4bef90c3cb04c56b47c7dc408fa5f7c", "5958dd3d80c1542523c508e5", 0x882c, 0x0, 0xbc, 0x201}})
getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYBLOB='\x00\x00\x00'], 0x50)

9.991429611s ago: executing program 0 (id=249):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB='iocharset=cp857,time_offset=0x0000000000000003,errors=remount-ro,fmask=00000000000000000000006,iocharset=cp862,allow_utime=00000000000000000077777,namecase=1,dmask=00000000000000000000201,utf8,dmask=000000000000\x00'/224, @ANYRES32=0x0, @ANYRES16, @ANYRES16], 0x1, 0x1548, &(0x7f0000004240)="$eJzs3AuYTlXbOPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJKkkSU4JSZJXEhJDSNKQhOQwJDGE5DAxaZzP50NCk6RJkpCckvW/Jubz9lX/eg9f3uud+3dd+7Lu2Xutfe/nnr2ftfdjnm+6DavdpE6NRkQE/xK88E8CAMQCwCAAyAsAAQBUiKsQl7k+p8SEf20n7N/rgeTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s8vdBVvGTfhZ//ZzvpY/+nye///0Uyyoz7Ym2Za7oDxPx8Cv4JMf/XObH/aHz+/9cK/sxGXP/sjeufXf3JCQL7r8bnf3aQ43fXcP2zN64/Y9nZ5X7+fLkXiPyHvQZHcl4ozF91/IwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2F/gtL9EAUBW+3LnxRhjjDHGGGOMsX8fn+NyZ8AYY4wxxhhjjLH/ewgCJCgIIAZyQCzkhFwgAOBKyAN5IQJXQRxcDfngGsgPBaAgFIJ4KAxFQIMBCwQhFIViEIVroThcByWgJJSC0uCgDJSF66Ec3ADl4UaoADdBRbgZKkFlqAJV4RaoBrdCdbgNasDtUBNqQW2oA3dAXbgT6sFdUB/uhgZwD9wL90FDuB8awQPQGB6EJvAQNIWHoRk0hxbQElr9U/2fg17wPPSGPpAAfaEfvAD9YQAMhBdhELwEg+FlGAKvQCIMhWHwKgyH12AEvA4jYRSMhjdgDLwJY2EcjIcJkAQTYRK8BZPhbZgC78BUmAbJMB1mwLswE2bBbHgP5sD7MBfmwXxYACnwASyERZAKH8Ji+AjSYAkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO+Bh2wSewG/bAXvgU0uGzf7D/qf/VvzsCAgoUqFBhDMZgLMZiLsyFuTE35sE8GMEIxmEc5sN8mB/zY0EsiPEYj0WwCBo0SEhYFItiFKNYHItjCSyBpbAUOnRYFstiObwBy2N5rIAVsCJWxEpYGStjVayK1bAaVsfqWANrYE2sibWxNt6Bd2BfrIf1sD7WxwbYIOvxFDbCRtgYG2MTbIJNsSk2w2bYAltgK2yFrbE1tsE22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xa7YDbthd+yBPTKeywH4PD6PfbCm6Iv9sB/2x8QcA/FFfBFfwsH4Mr6Mr2AiDsVh+Cq+iq/hCDyJI3EUjsbRWE28iWNxHJKYgEmYhJNwEk7GyZiZ6Ds4DZNxOs7AGTgTZ+EsfA/n4Pv4Ps7DebgAUzAFF+IiTMVUXIynMA2X4FJchstxBS7HVbgaV+FaXIdrcQNuwE24CbfgFtyG23AH7sCPUQHgJ7gH92AipmM67sN9uB/34wE8gBmYgQfxIB7CQ3gYD+MRPIJH8Rgex2N4Ak/gSTyFp/E0nsWzeA6fif+q8ccl1ySCyKSEEjEiRsSKWJFL5BK5RW6RR+QRERERcSJO5BP5RH6RXxQUBUW8iBdFRBFhhBEkwhgAEFERFcVFcVFClBClRCnhhBNlRVlRTpQT5UV5UUHcJCqKm0UlUVm0dVVFVVFNtHPVxW2ihqghaopaoraoI+qIuqKuqCfqifqivmggGoh7xX2ioeiLA/EBkVmZJmIoNhXDsJloLuTFK1hrMQLbiLainXhMjMKR2EG0dh3Fk6KTGIudxd/EOHxadBUTsJt4VnQXPURP8ZzoJdq43qKPmIJ9RT8xDfuLAWKgeFHMxFriPZyTs7Z4RSSKoWKYeFUswNfECPG6GClGidHiDTFGvCnGinFivJggksREMUm8JSaLt4UQ74ipYppIFtPFDPGumClmidniPTFHvC/minlivlggUsQHYqFYJFLFh2Kx+EikiSViqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYquIhe1ih9gpPha7xCdit9gj9opPRbr4TOwTn4v94gtxQHwpMsRX4qD4WhwS34jD4ltxRHwnjopj4rj4XpwQP4iT4pQ4Lc6Is+JHcU78JM4LL0CiFFJKJQMZI3PIWJlT5pJXyNwyuPjqXiXj5NUyn7xG5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyWllcXidLyJKylCwtnSwjy8rrZTl5gywvb5QV5E2yorxZVpKVZRVZVd4iq8lbJUQu7KOmrCVryzryDpkAd8p68i5ZX94tG8h75L3yPtlQ3i8byQdkY/mgbCIfkk3lw7KZbC5byJaylXxEtpaPyjayrWwnH5Pt5eOyg3xCdpRPyk7SX/wVeVp2lc/IbvJZ2V32kD3lT/K89LK37COhL8h+8gXZXw6QA2MBQL4kB8uX5RD5ikyUQ+Uw+aocLl+TI+TrcqQcJUfLN+QY+aYcK8fJ8XKCTJIT5ST5lpws35ZT5Dtyqpwmk+V0OVAO+nmk2VL+Yf+3fqP/kJ/3vklullvkVrlNbpc75E75sdwld8ndcrfcK/fKdJku98l9cr/cLw/IAzJDZsiD8qA8JA/Jw/KwPCKPyKPymDwjv5cn5A/ypDwlT8kz8qw8K89dfA1AoRJKKqUCFaNyqFiVU+VSV6jc6kqVR+VVEXWVilNXq3zqGpVfFVAFVSEVrwqrIkoro6wiFaqiqpiKqmvx4i+MKqVKK6fKqLLq+p/7Z33E8Af9VXF1nSqhSv6if1Z+Cb+TXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVEfVUXVSnVRn1Vl1UV1UV9VVdVPdVHfVXfVUPVUv1Uv1Vr1VgkpQ/dQLqr8aoAaqF9Ug9ZIarAarIWqISlSJapgapoar4WqEGqFGqpFqtBqtxqgxaqwaq8ar8SpJJalJapKarCarKWqKmqqmqmSVrGaoGWqmmqlmq9lqjpqj5qq5ar6ar1JUilqoFqpUlaoWq8UqTS1RS9QytUytUCvUKrVKrVFr1Dq1Tm1QG1Sa2qw2q61qq9qutqudaqfapXap3WK32qv2qnSVrvapfWq/2q8OqAMqQ2Wog+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nTvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcE+QPCgQFg0JBfFA4KBLowAQ2EBdrGw2uDYoH1wUlgpJBqaB04IIyQdng+qBccENQPrgxqBDcFFQMbg4qBZWDKkHV4JagWnBrUD24LagR3B7UDGoFtYM6wR1B3eDOoF4sBPWDu4MGwT3BvcF9QcPg/qBR8EDQOHgwaBI8FDQNHg6aBc2DFkHLoNU/M35w1++M7/3JAo+63rqPTtB9dT/9gu6vB+iB+kU9SL+kB+uX9RD9ik7UQ/Uw/aoerl/TI/TreqQepUfrN/QY/aYeq8fp8XqCTtIT9ST9lp6s39ZT9Dt6qp6mk/V0PUO/q2fqWXq2fk/P0e/ruXqenq8X6BT9gV6oF+lU/aFerD/SaXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteofeqT/Wu/Qnerfeo/fqT3W6/kzv05/r/foLfUB/qTP0V/qg/lof0t/ow/pbfUR/p4/qY/q4/l6f0D/ok/qUPq3P6LP6R31O/6TPa585uc98ezfKKBNjYkysiTW5TC5THnKbPCaPiZiIiTNxJp/JZ/Kb/KagKWjiTbwpYoqYTGTIFDVFTdRETXFT3JQwJUwpU8o440xZU9aUM+VMeVPeVDAVTEVT0VQylUwVU8XcYm4xt5pbzW3mNnO7ud3UMrVMHVPH1DV1TT1Tz9Q39U0D08Dca+41DU1D08g0Mo1NY9PENDFNTVPTzDQzLUwL08q0Mq1Na9PGtDHtTDvT3rQ3HUwH09F0NJ1MJ9PZdDZdTBfT1XQ13Uw30910Nz1NT9PL9DK9TW+TYBJMP9PP9Df9zUAz0Awyg8xgM9gMMUNMokk0w8wwM9wMNyPMCDPSjDKjMy9y5k0z1owz480Ek2SSzCQzyUw2k80UM8VMNVNNskk2M8wMM9PMNLPNbDPHzDFzzVwz38w3KSbFLDQLTapJNYvNYpNm0sxSs9QsN8vNSrPSrDarzVqz1qyH9Waj2Wg2m81mq9lqtpvtZqfZaXaZXWa32W32mr0m3aSbfWaf2W/2mwPmgMkwGeagOWgOmUPmsDlsjpgj5qg5ao6b4+aEOWFOmpPmtDltzpoCF98vvcm6mOe2V9o8Nq+NtTltLnuFvRBnzbwK2yJW2/y2gC1oC9l4eyE21toStqQtZUtbZ8vYsvb6X8WVbGVbxVa1t9hq9lZb/VdxXXunrWfvsvXt3baOveMXcQN7j82cnTREBLDNbWPb0jaxD9mm9mHbzDa3LWxL294+bjvYJ2xH+6TtZJ/6VbzQLrKr7Rq71q6zu+0ee9qesYfsN/as/dH2tn3sIPuSHWxftkPsKzbRDv1VPNq+YcfYN+1YO86OtxN+FU+102yynW5n2HftTDvrV3GK/cDOsal2rp1n59sFP8eZOaXaD+1i+5FNswEstcvscrvCrrSrsnL1ee0Gu9FusrvsJ3ar3Wa32x12Z1Y57B67135q0+1n9qD92u63X9gD9rDNsF/9HGce32H7rT1iv7NH7TF73H5vT9gfVFbvzGP/3v5kz1tvgZCAJCkKKIZyUCzlpFx0BeWmKykP5aUIXUVxdDXlo2soPxWgglSI4qkwFSFNhiwRhVSUilGUrqWs9EpRaXJUhsrS9VSObqDydCNVoJuoIt1MlagyVaGqdAtVo1upOt1GNeh2qkm1qDbVoTuoLt1J9eguqk93UwO6h+6l+6gh3U+N6AFqTA9SE3qImtLD1IyaUwtqSa3oEWpNj1Ibakvt6DFqT49TB3qCOtKT1Imeos70N+pCT1NXeoa60bPUnXpQT3qOetHz1Jv6UAL1pX70AvWnATSQXqRB9BINppdpCL1CiTSUhtGrNJxeoxH0Oo2kUTSa3qAx9CaNpXE0niZQEk2kSfQWTaa3aQq9Q1NpGiXTdJpB79JMmkWz6T2aQ+/TXJpH82kBpdAHtJAWUSp9SIvpI0qjJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQTvpY9pFn9Bu2kN76VNKp88I6XPaT1/QAfqSMugrOkhf0yH6hg7Tt74PfUdH6Rgdp+/pBP1AJ+kUnaYzdJZ+pHP0E50nTxBiKEIZqjAIY8IcYWyYM8wVXhHmDq8M84R5w0h4VRgXXh3mC68J84cFwoJhoTA+LBwWCXVoQhtSGIZFw2JhNLw2LB5eF5YIS4alwtKhC8uEZcPrw3LhDWH58MawQnhTWDG8OawUVg4furtqeEtYLbw1rB7eFtYIbw9rhrXC2mGd8I6wbnhnWC+8K6wf3h2WD+8J7w3vCxuG94eNwgfCxuGDYZPwobBp+HDYLGwetghbhq3CR8LW4aNhm7Bt2C58LGwfPh52CJ8IO4ZPhp3Cp35ef8+i31+fEPYN+4UvhC+E3t8l50cXRFOiH0QXRhdFU6MfRhdHP4qmRZdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vkwMcOuGkUy5wMS6Hi3U5XS53hcvtrnR5XF4XcVe5OHe1y+eucfldAVfQFXLxrrAr4rQzzjpyoSvqirmou9YVd9e5Eq6kK+VKO+fKuLKupWvlWrnW7lHXxrV17dxj7jH3uHvcPeGecE+6Tu4p19n9zXVxT7uu7hn3jHvWdXc9XE/3nOvlJua5cE4muH7O5+jv+ruBbqAb5Aa5wW6wG+KGuESX6Ia5YW64G+5GuBFupBvpRrvRbowb48a6sW68G++SXJKb5Ca5yW6ym+KmuKluqkt2yW6Gm+Fmupmu2qwLe5nr5rr5br5LcSluocucM6a6xW6xS3Npbqlb6pa75W6lW+lWu9VurVvr1rv1bqPb6Da7zW6r2+q2u+1up9vpdrldbrfPe2FQl+72uX1uv9vvDrgvXYb7yh10X7tD7ht32H3rjrjv3FF3zB1337sT7gd30p1yp90Zd9b96M65n9x5511SZGJkUuStyOTI25EpkXciUyPTIsmR6ZEZkXcjMyOzIrMj70XmRN6PzI3Mi8yPLIikRD6ILIwsiqRGPowsjnwUSYssiSyNLIssj6yIeF94a+iL+mI+6q/1xf11voQv6Uv50t75Mr6sv96X8zf48v5GX8Hf5Cv6m30lX9lX8Q/7Zr65b+Fb+lb+Ed/aP+rb+La+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/8338U/7bv6Z3w3/6zv7nv4nv4538s/73v7Pj7B9/X9/Au+vx/gB/oX/SD/kh/sX/ZD/Cs+0Q/1w/yrfrh/zY/wr/uRfpQfHfOGH5N1iwwTfJKf6Cf5t/xk/7af4t/xU/00n+yn+xn+XT/Tz/Kz/Xt+jn/fz/Xz/Hy/wKf4D/xCv8in+g/9Yv+RT/NLsh4q+5V+lV/t1/i1fp1f7zf4jX6T3+y3+K1+m9/ud/id/mO/y3/id/s9fq//1Kf7z/w+/7nf77/wB/yXPsN/5Q/6r/0h/40/7L/1R/x3/qg/5o/77/0J/4M/6U/50/6MP+t/9Of8T/48/80aY4wxxtifMvFSU/xyzYUnQH1/o4/4u437AcCV2wpl/P36zBnl+vwX2gNEfPsIADzZp9sDWUvNmgkJCRe3TZMQFJsHkPVJUKYYuBQvgXbwOHSEtlDuN/MfIHqcpT8YP3oTQK6/6xMLl+JL438OgAm/Mf4jj41eWDE8Hff/GX8eQIlil/rkhEvxEmj38/OVtlD+d/Iv0PoP8s/5RRJAm7/rkxsuxZfyLwuPwlPQ8RdbMsYYY4wxxhhjFwwQVbpk3X9m/Y/P37o/j1eX+uSAS/Ef3Z8zxhhjjDHGGGPs8nu6R88nHunYsW2Xf7xR/Y+3UZd+kvsf3UVT+GcT48Y/1fAe4H8KBwD/4oAAmQ35Vx7Flr9kX4kXT53/vWr5GR/Af0Yp/x2Ny3xhYowxxhhjjP3bXZr0//Ln6nIlxBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZUP/6ne8wZ/4lr7LfYyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY5fb/AgAA//8Stve0")
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x1b, 0x7, 0x15e, &(0x7f0000000000)="0c603ea12c02fbe3d4d25138b3ea06130080cd4c6e13041efdab409bde000e33ba60724b4c0cc001cfcb81a60dbc6c7f67cb4e055020abd67e2626358f69b26bafa470ee0fe22c62165f060f8b0800501f430f2a86a7949dc661fc5767019cb60e1398d8c4d02d254e14f5f8de2ff8cb0a509ffc3bec76855336833901f71b07b75fbbaa36920ec74c0375efafd0c7ec689fdb6822bfb24cbe5985f0d45976a624b71b6f5af1c6e21fa37f8a86cba99e22f91c480a8717777fac2a77629b3310ccca1a1acfaecac7b243fbd42fde61bb51ad0417f3c4a1d50d972e68da6a05c84ec10f213d584e5948bbed4f25fb46e7c64530fbdedbd3b0e78f301c08e930dc095cc17b610c52299ad49e09b98c0345cd27599fc5ce91d6220cf9bf88ac751bea000f8a039cbc3587c4f8aa094ae04735d81c272d00a0e4e0d27d3218e1722c485dcd44f905d6388dd9eded7dc0863617ec209855181e76b8bfa39b5cc2370a1e0a5322841a2bd0aef7914a202a61ab0935dea6ace9c6b8e66ea4c9b61595a768900913f0e891402ee234965417910aa49957b97785cedef3fbb0607492114670d9c7b1031d1c5b4b014c50112e6d728ad7407dc93d6dc7cc66de238d24917117d1bb927bddf9a105df0a9224ad9630dc434dc60d0168a252bfe33f2274ef1f7f5ae59ea5d31de6a1645c617db9de9d8bc5d56da8ff1a4bfbb4d350f13faa1de8a53a7e632211d2fa0bbe98543eeeba827d49dad28a85d5d2e3aee7b317a471d98ce18d2c834ad9281e915c2c7c1f75be13cd0209f934a6b01dfbad8bf3f3f0bac9b75355495c2658ead567775953c29b770e99cbb672de9af39f40e4f91a9397568e4c9b51fcf3480af7568562d5378aeb56c1368838287bef936f4b2f5e1c0b7b802bb26ceb95846814b1852294fd73b69559339cbe0f675517c4ff078341ae1588669ba3e8e43efa0a3c6975e3308980034e5998bbe2bc4759b352aee47c8623af054df662bbdcc15fbc5285f09bc2b7cef77ff2624cd889190b893fb44d9098ee83581cc8b4a6c8ae920fe96058be5bc2075d5720db40265530baf3600354a734305e6ee239ef7a3e591c9addcc1604ed45057b9a917f24832034874ebb859c9818889c523718ceb7dec514d2f61fdea3d452ce58577157876cc631446e37ce350b5a58527c619e6d20a9d1dab935eac4962e29f944b68807de51a7355d1e5cf36fa51de00db238fd59cce83ee7baf0f5531a2c271eff42ca8003fb7dc0379a765a5df2bec0ed74999cba2c7694f427a3ae2c5351cc67019b2d93f84fdd5b40fb8e5e0ad44ce954429584863e9b2dceaedd7fba19a1a3e29566fea17f023adca28769846869da4d927addb359eeb165c95cef13af4929818b16d1e82d582ccbcabfdf1032912e0d1f6d231b4959e7e751650926fbbcaf57282325202fd1"})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)

9.192818426s ago: executing program 3 (id=250):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0xd6e}})
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0xd5f}})

9.009775471s ago: executing program 0 (id=251):
socket$inet6(0xa, 0x802, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000380)={[{@delalloc}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nojournal_checksum}, {@bh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@journal_dev={'journal_dev', 0x3d, 0xb8a5}}, {@max_batch_time={'max_batch_time', 0x3d, 0x200000000008}}, {@user_xattr}, {@usrjquota}, {@usrjquota}]}, 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket(0x1, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_buf(r4, 0x1, 0x38, &(0x7f0000000c40)=""/4096, &(0x7f0000000000)=0x1000)

8.783735024s ago: executing program 3 (id=252):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x700, 0x2, 0x0)

7.759311095s ago: executing program 3 (id=256):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
getresuid(0x0, 0x0, &(0x7f00000003c0))
r1 = getpgrp(0xffffffffffffffff)
syz_pidfd_open(r1, 0x0)
r2 = syz_open_dev$vcsn(0x0, 0x5be9, 0x180)
sendmsg$nl_route(r2, 0x0, 0x4800)
syz_genetlink_get_family_id$ethtool(0x0, r0)
syz_usb_connect$cdc_ecm(0x3, 0x6d, &(0x7f0000003280)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5b, 0x1, 0x1, 0x4f, 0x10, 0x7, [{{0x9, 0x4, 0x0, 0xd2, 0x2, 0x2, 0x6, 0x0, 0x4, {{0x6, 0x24, 0x6, 0x0, 0x0, "f4"}, {0x5, 0x24, 0x0, 0x7fff}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x7, 0x85e, 0x9}, [@mbim={0xc, 0x24, 0x1b, 0x4, 0x2, 0xdf, 0x66, 0x6, 0x6}, @obex={0x5, 0x24, 0x15, 0x7}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0x55}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x3a7, 0x1, 0x4d, 0x8}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x0, 0x32, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0xc2, 0xbe, 0x8}}}}}]}}]}}, &(0x7f0000003540)={0xa, &(0x7f0000003300)={0xa, 0x6, 0x200, 0x80, 0x3, 0x7, 0x40, 0x10}, 0x1b, &(0x7f0000003340)={0x5, 0xf, 0x1b, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x81, 0x7a, 0x4, 0x400, 0x4}, @wireless={0xb, 0x10, 0x1, 0x4, 0x40, 0x77, 0x1c, 0xfffd, 0x5}]}, 0x1, [{0x0, 0x0}]})

7.348340791s ago: executing program 5 (id=257):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x2000c010)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{}]}, 0x82, 0x499, &(0x7f0000000840)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYFRowvUVW0LIRRqaE0sIVCNwY2JIdG1ujTxL3DnxqgrExNXujckRNmAxsWYe+demE47dFqnM4V5nmSYc+acO+ecOffMPfccpgF0rcHsnyRia0T8GhE7qtHFGQarT9eunJ3468rZiSQqldf+SPJ8V6+cnSizlsdtKSJDaUT6YVIUstjs/JkT49PTU6eL+MjcyXdGZufPPHH85PixqWNTp8YOHTp4YPTpp8aebEk7s3Zd3XNuZu/uF9+4+NLEkYtv//B1Vt+tRXptO9akf+lLg1nD/6zk6tMejv//p+I2mm014aS3gxVhVXoiIuuuvmz8VyqV8zVpO+KFD1Y4fMs6Vw9YR9m1adMyrxfXxYVKQ8lNU4FbQRKdrgHQGeX1Prv/LR9tnH503OVnqzdAWbuvFY9qSm+kRZ6+uvvbVhqMiCMLf3+ePaIV6xAAACv4eOKzw/H4cvO/NO6pybe92EMZiIg7IuLOiLgrInZGxN0Red57I2JXM4XWbBDUbw0tnf+kl+qytHR3IZv/PVPsbS2e/5WzvxjoKWLb8vb3JUePT0/tLz6ToejblMVHb1LGt8///EmjtNr5X/bIyi/ngkU9LvXWLdBNjs+N55PSFrj8fsSe3vinUqnUtT+5/kEnEbE7Ivas7q23l4Hjj361t1Gmldu/5O1uaMGZUPky4pFq/y9EXftLydL9yf5tN/YnR/4X01P7R8qzYqkff7rwSqPym2//+sj6f/Pi879I+WK+CAy8VbtfOxsNdi63Nizjwm8fNbynWev535+8nn8flduu743PzZ0ejehPDufxRa+P3Ti2jJf5s/YP7ctSyvaXR6b5d1wU/X9fROwt9svuj4gHiro/GBEPRcS+hq2P+P65xmkbof8na/o/ifrzf9e56nPZ//OrDvSc+O6bRuU31/8H89BQ8Ur+/beCZiu49k8OAAAAbh1pvnKTpMPXw2k6PFz9j707Y3M6PTM799jRmXdPTVZXeAaiLy1XunbUrIeOJgvFO1bjY8VacZl+oFg3/rQn8vjwxMz0ZIfbDt1uS4Pxn/m9p9O1A9bdcvtoY8v8oA24/dSP/3Rx9PzL7awM0FZ+rw3da4Xxn7arHkD7uf5D91pu/J+vi9sLgNuT6z90L+MfupfxD92rbvz3xC+dqgnQRmv4Ob/Ahgm8OryaozZFK0uPdIN8CE0Emv97EOsdeHNjVKOJQKe/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//dNXrDA==")
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
write(r0, &(0x7f00000000c0)="dc02cd7433a1", 0x6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

6.694101777s ago: executing program 2 (id=260):
sendmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)="eec0df01234269e2a4716c87d57a6165099290a22c14ad51e51fdbef21162da7f8", 0x21}], 0x1}}], 0x1, 0x48090)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000540)=[@text32={0x20, 0x0}], 0x1, 0x10, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1000)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000001c0)={@in={{0x2, 0x4e24, @local}}, 0x0, 0x0, 0x22, 0x0, "5077d7e7799872e47fdb7b7aad42bf0d4d00615829353b478827e380c96a100f362bc0c6b5cf8f4b56e999382ce20fe94cf86a39c092c2ab44d2a5f910705c1b57e2879cf59aca5dc2ad0cb2db82afc3"}, 0xd8)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x75, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.28919141s ago: executing program 6 (id=261):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1001, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000c00)={0x88, 0x0, &(0x7f0000000580)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0xfffffffffffffc85, 0x0, 0x0}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

5.863643939s ago: executing program 2 (id=262):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0xd5f}})

5.612221524s ago: executing program 2 (id=263):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc1105518, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x80)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x21, &(0x7f0000000000)=0x2, 0x4)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x9)
ioctl$sock_bt_hci(r1, 0x400448cb, 0x0)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r5, 0x800448d2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{@none}]})

5.354674145s ago: executing program 5 (id=264):
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r2, 0x27, 0xe, 0x0, &(0x7f0000000040)="52e1119c000000002bf0543788a8", 0x0, 0x4007, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.231886255s ago: executing program 2 (id=265):
syz_mount_image$udf(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000200)='./file1\x00', 0x20fffffffc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x14f541, 0x98)
write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000080)={0x18, 0x1, 0x0, {0x7fffffff}}, 0x18)
truncate(&(0x7f0000000340)='./file1\x00', 0x20fffbfffc)

5.045046882s ago: executing program 0 (id=266):
r0 = syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000040)='./file0\x00', 0x2000800, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES64=0x0], 0x1, 0x296, &(0x7f0000000740)="$eJzs3U9qU0EcB/Bf0rSJ3SSgK+nigRs3hqY3CFJBDAiRLOoqwbYgTSikENCF7c67uPIO3sBjeAGzKETSF03SxuK/+jT5fCDMD+Z9YSaLzCxm8tpbvaP945PDvdufolRKohBx9v48IiIfa5F68CFt1yMiFxsx6ywAgP9Ns9mpZz0Gbla/X++M927FKz2td5kMCAAAAAAAAAAAgN/W3ipeOf8fw4jKzPn/3KTNO/8PAEvB+f/l1+/XO5uT/ds85/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7AxHo/Lomk/W4wMA/jzrPwCsHus/AKye4dxanwvrPwAsv2d7z5/UG43dZpKUInpvB61BK23T/vphvIxuHMR2lOM8xvuDibR+9Lixu51cqES7dzrJnw5aa/P5WpSjsjhfS/PJfH49NmfzO1GOO4vzOwvzG3H/XkT+60SrUY6PL+I4urEf4+w0/6aWJA+fNi7lixfPAQAAAAAAAAAAAAAAAAAAwN9QTb5ZeH+/Wv1ef5r/if8HuHS/vhB3C9nOHQAAAAAAAAAAAAAAAAAAAP4VJ69eH3W63YP+wuLz5C7/dc8opsWtH/pWf60oRETmE1SsTJHxDxMAAAAAAAAAAAAAAAAAAKyg6aXfrEcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANmZvv//5oqs5wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACshi8BAAD//2dk6nI=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
openat$incfs(r0, 0x0, 0x278643, 0x140)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0xa)
r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r6 = fcntl$dupfd(r5, 0x406, r5)
ioctl$USBDEVFS_GETDRIVER(r6, 0xc00c5512, 0x0)
getsockname$packet(r6, 0x0, 0x0)

4.775248164s ago: executing program 3 (id=267):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
setrlimit(0xcaee6381e9d3a354, &(0x7f0000000000)={0x1})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)

3.655626921s ago: executing program 3 (id=268):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0))
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x580, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
socket$inet6(0xa, 0x800000000000002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)

3.49153574s ago: executing program 6 (id=269):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000080)={0x9632, 0x1, [{0x9, 0x1}]})

3.263494289s ago: executing program 2 (id=270):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000300)={[{@grpquota}, {@quota}, {@quota}, {@stripe={'stripe', 0x3d, 0x3}}, {@jqfmt_vfsold}]}, 0xff, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = creat(&(0x7f0000000e40)='./file1\x00', 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa0c42, 0x100)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setresuid(0x0, 0xee01, 0x0)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
exit(0x100000001)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x18, 0x0, 0xfffffffffe000001})

3.219056604s ago: executing program 6 (id=271):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, &(0x7f0000000300)={0x1, 0x5, 0x1f, &(0x7f0000000280)=""/31})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})

2.451171015s ago: executing program 0 (id=272):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000440), &(0x7f0000000140)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, <r1=>r0}, 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x1c, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100, 0x2f}, 0x94)

2.144491461s ago: executing program 6 (id=273):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0xd5f}})

1.93318029s ago: executing program 0 (id=274):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file1\x00', 0x0, &(0x7f0000000000), 0xfe, 0x250, &(0x7f0000000740)="$eJzs3T9oJFUcB/DvzO565m7RUxtB/AMiooFwdoLN2SgcyHGICCqciNgod8J5h11iZWOhtUoqmyB2RktJE2wUwSpqitgIGiwMFlqs7M4G8mc1ZnfdkcznA5OZybyZ3xt2vm+3ebsBGutskvNJWknmk3SSFHsb3FctZ4e7y3Prl5Ne7+lfi0G7ar+ye96ZJEtJHk2yVhZ5tZ3cWH1+6/eNJx9853rngY9Wn5ub6U0ObW9tPrXz4cW3P73wyI2vv/35YpHz6e67r+krRvyvXSS3/xfF/ieKdt094N+49OYn3/Vzf0eS+wf576RM9eK9e+2mtU4e/uDvzn3vl2/ummVfgenr9Tr998ClHtA4ZZJuinIhSbVdlgsL1Wf471uny9euXntj/pWr16+8XPdIBUxLN9l84vNTn505kP+fWlX+gZOrn/9nLq380N/eadXdG2Am7q5W/fzPv7j4UOQfGkf+obnkH5pL/qG55B+aS/6hueQfTrDOPx+Wf2gu+Yfmkn9orr35BwCapXdqnFnDt05/IjIwc3WPPwAAAAAAAAAAAAAAAAAAwGHLc+uXd5dxr1Ecs/2X7yfbjydpj6rfGvwecXLz4O/p34p+s3212uN2dOiFeye8wIQ+rnn29S0/1lv/q3vqrb94JVl6K8m5dvvw81cMn7/x3XbE8c5LExY4poP5fOzZ2dY/6M+Veutf2Ei+6I8/50aNP2XuHKxHjz/do79i+Uiv/zHhBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiZvwIAAP//1rxsXQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x1)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

1.889126175s ago: executing program 6 (id=275):
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r1, 0x0, 0x8, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x14, 0x0, 0x0)
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, 0x0)
msgsnd(0x0, 0x0, 0x26, 0x0)

153.012826ms ago: executing program 6 (id=276):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000340)}], 0x1)

148.061447ms ago: executing program 2 (id=277):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81}, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1840}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

0s ago: executing program 5 (id=278):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
sendmmsg$inet(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10, 0x0}}], 0x1, 0x2400c8c4)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.144' (ED25519) to the list of known hosts.
[   72.589127][ T5809] cgroup: Unknown subsys name 'net'
[   72.697951][ T5809] cgroup: Unknown subsys name 'cpuset'
[   72.706497][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.316373][ T5809] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   78.216565][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.244159][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.255677][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   78.265007][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   78.272998][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   78.273047][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   78.281325][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   78.289453][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   78.297027][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   78.310059][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.312978][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   78.319252][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   78.326360][ T5835] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   78.331957][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   78.339725][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   78.345145][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.353539][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.368088][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.377021][ T5825] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   78.392081][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   78.405570][ T5829] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   78.423886][ T5142] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   78.444661][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   78.456363][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   78.468624][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   79.045901][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   79.208025][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   79.312105][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   79.363174][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   79.439719][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.447160][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.454749][ T5827] bridge_slave_0: entered allmulticast mode
[   79.462204][ T5827] bridge_slave_0: entered promiscuous mode
[   79.498633][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   79.516599][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.523864][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.531026][ T5827] bridge_slave_1: entered allmulticast mode
[   79.538694][ T5827] bridge_slave_1: entered promiscuous mode
[   79.657593][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.664915][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.672110][ T5837] bridge_slave_0: entered allmulticast mode
[   79.679736][ T5837] bridge_slave_0: entered promiscuous mode
[   79.710211][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.739303][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.746603][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.754482][ T5837] bridge_slave_1: entered allmulticast mode
[   79.761873][ T5837] bridge_slave_1: entered promiscuous mode
[   79.790039][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.832545][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.839841][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.847418][ T5823] bridge_slave_0: entered allmulticast mode
[   79.855267][ T5823] bridge_slave_0: entered promiscuous mode
[   79.881536][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.889232][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.896617][ T5821] bridge_slave_0: entered allmulticast mode
[   79.904197][ T5821] bridge_slave_0: entered promiscuous mode
[   79.924593][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.931874][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.939389][ T5823] bridge_slave_1: entered allmulticast mode
[   79.946880][ T5823] bridge_slave_1: entered promiscuous mode
[   79.983435][ T5827] team0: Port device team_slave_0 added
[   79.989586][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.996924][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.004301][ T5821] bridge_slave_1: entered allmulticast mode
[   80.011706][ T5821] bridge_slave_1: entered promiscuous mode
[   80.023070][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.064785][ T5827] team0: Port device team_slave_1 added
[   80.085291][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.099051][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.109829][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.117296][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.124595][ T5822] bridge_slave_0: entered allmulticast mode
[   80.131973][ T5822] bridge_slave_0: entered promiscuous mode
[   80.179399][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.202183][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.209608][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.216979][ T5822] bridge_slave_1: entered allmulticast mode
[   80.224577][ T5822] bridge_slave_1: entered promiscuous mode
[   80.247147][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.260605][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.296113][ T5823] team0: Port device team_slave_0 added
[   80.318145][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.325273][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.351710][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.379336][ T5837] team0: Port device team_slave_0 added
[   80.388270][ T5823] team0: Port device team_slave_1 added
[   80.418674][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.425722][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.451720][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.474964][ T5839] Bluetooth: hci1: command tx timeout
[   80.479302][ T5837] team0: Port device team_slave_1 added
[   80.480645][ T5839] Bluetooth: hci2: command tx timeout
[   80.491910][ T5829] Bluetooth: hci0: command tx timeout
[   80.497668][ T5142] Bluetooth: hci3: command tx timeout
[   80.527086][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.543708][ T5839] Bluetooth: hci4: command tx timeout
[   80.555307][ T5821] team0: Port device team_slave_0 added
[   80.574243][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.581229][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.607501][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.622842][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.636904][ T5821] team0: Port device team_slave_1 added
[   80.645092][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.652048][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.678406][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.691447][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.698521][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.724477][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.780260][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.787387][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.813834][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.887580][ T5822] team0: Port device team_slave_0 added
[   80.895108][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.902054][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.928125][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.946608][ T5827] hsr_slave_0: entered promiscuous mode
[   80.953403][ T5827] hsr_slave_1: entered promiscuous mode
[   80.978766][ T5822] team0: Port device team_slave_1 added
[   80.986095][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.993035][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.019159][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.038312][ T5823] hsr_slave_0: entered promiscuous mode
[   81.045190][ T5823] hsr_slave_1: entered promiscuous mode
[   81.051612][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   81.057462][ T5823] Cannot create hsr debugfs directory
[   81.130096][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.137101][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.163327][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.177223][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.184336][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.211157][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.274116][ T5837] hsr_slave_0: entered promiscuous mode
[   81.280777][ T5837] hsr_slave_1: entered promiscuous mode
[   81.287544][ T5837] debugfs: 'hsr0' already exists in 'hsr'
[   81.293289][ T5837] Cannot create hsr debugfs directory
[   81.375999][ T5821] hsr_slave_0: entered promiscuous mode
[   81.382667][ T5821] hsr_slave_1: entered promiscuous mode
[   81.389448][ T5821] debugfs: 'hsr0' already exists in 'hsr'
[   81.395250][ T5821] Cannot create hsr debugfs directory
[   81.554866][ T5822] hsr_slave_0: entered promiscuous mode
[   81.561592][ T5822] hsr_slave_1: entered promiscuous mode
[   81.568354][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   81.574154][ T5822] Cannot create hsr debugfs directory
[   82.087575][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   82.100819][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   82.120261][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   82.131456][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   82.187101][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.207785][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.231526][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.241848][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.311718][ T5821] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   82.339348][ T5821] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   82.363849][ T5821] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   82.375955][ T5821] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   82.506852][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.517742][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.531461][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.543821][ T5839] Bluetooth: hci2: command tx timeout
[   82.543866][ T5825] Bluetooth: hci0: command tx timeout
[   82.549239][ T5839] Bluetooth: hci3: command tx timeout
[   82.554758][ T5825] Bluetooth: hci1: command tx timeout
[   82.575860][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   82.623754][ T5825] Bluetooth: hci4: command tx timeout
[   82.698244][ T5822] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.711982][ T5822] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.742966][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.751168][ T5822] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.764952][ T5822] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.887482][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   82.922926][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.930163][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.939694][  T152] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.946877][  T152] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.017020][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.078647][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.139254][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   83.156634][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.192947][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   83.209589][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.216795][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.235568][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.255729][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.262838][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.290691][  T152] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.297896][  T152] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.316597][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.323830][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.335870][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   83.410149][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   83.432450][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.439589][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.450646][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.457768][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.540010][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.547302][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.609432][  T152] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.616626][  T152] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.839182][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.179986][ T5827] veth0_vlan: entered promiscuous mode
[   84.240893][ T5827] veth1_vlan: entered promiscuous mode
[   84.287948][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.400551][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.509377][ T5827] veth0_macvtap: entered promiscuous mode
[   84.547584][ T5827] veth1_macvtap: entered promiscuous mode
[   84.566968][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.585211][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.624996][ T5825] Bluetooth: hci3: command tx timeout
[   84.625068][ T5142] Bluetooth: hci2: command tx timeout
[   84.630428][ T5825] Bluetooth: hci1: command tx timeout
[   84.636202][ T5839] Bluetooth: hci0: command tx timeout
[   84.667087][ T5823] veth0_vlan: entered promiscuous mode
[   84.709084][ T5839] Bluetooth: hci4: command tx timeout
[   84.738888][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.756850][ T5823] veth1_vlan: entered promiscuous mode
[   84.788192][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.839211][   T77] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.849318][   T77] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.872959][   T77] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.882933][   T77] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.921561][ T5837] veth0_vlan: entered promiscuous mode
[   84.995551][ T5823] veth0_macvtap: entered promiscuous mode
[   85.012091][ T5837] veth1_vlan: entered promiscuous mode
[   85.063461][ T5823] veth1_macvtap: entered promiscuous mode
[   85.090133][ T5822] veth0_vlan: entered promiscuous mode
[   85.115883][ T5821] veth0_vlan: entered promiscuous mode
[   85.137384][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.162482][ T5821] veth1_vlan: entered promiscuous mode
[   85.172596][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.177894][ T5822] veth1_vlan: entered promiscuous mode
[   85.188355][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.205613][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.274742][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.284747][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.296515][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.305410][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.340028][  T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.351017][ T5837] veth0_macvtap: entered promiscuous mode
[   85.357069][  T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.393503][ T5821] veth0_macvtap: entered promiscuous mode
[   85.414226][ T5837] veth1_macvtap: entered promiscuous mode
[   85.436837][ T5821] veth1_macvtap: entered promiscuous mode
[   85.489732][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   85.527927][ T5822] veth0_macvtap: entered promiscuous mode
[   85.580301][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.600572][ T5822] veth1_macvtap: entered promiscuous mode
[   85.647210][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.671993][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.685727][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.689660][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.706382][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.740300][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.784585][ T5946] capability: warning: `syz.2.6' uses 32-bit capabilities (legacy support in use)
[   85.794870][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.804448][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.824357][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.859101][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.871412][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.889094][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.913681][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.933945][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.946517][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.007276][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.017605][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.075198][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.085154][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.129065][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.185594][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.312794][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.339394][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.537214][ T5957] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   86.985127][ T5839] Bluetooth: hci0: command tx timeout
[   86.990576][ T5839] Bluetooth: hci2: command tx timeout
[   86.996087][ T5142] Bluetooth: hci3: command tx timeout
[   86.996106][ T5825] Bluetooth: hci1: command tx timeout
[   87.001482][ T5142] Bluetooth: hci4: command tx timeout
[   87.039948][   T24] cfg80211: failed to load regulatory.db
[   87.298590][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.323583][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.343431][ T5964] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   87.412904][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.427591][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.433839][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.454608][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.641037][  T801] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.688399][  T801] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.730545][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.790037][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.198954][ T5984] netlink: 'syz.0.18': attribute type 1 has an invalid length.
[   88.878863][ T5999] netlink: 16 bytes leftover after parsing attributes in process `syz.4.17'.
[   88.939637][ T5996] loop2: detected capacity change from 0 to 2048
[   89.108655][ T5996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.163886][ T5996] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.356331][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.433855][ T6011] Illegal XDP return value 4294967294 on prog  (id 3) dev syz_tun, expect packet loss!
[   89.649895][ T6017] netlink: 32 bytes leftover after parsing attributes in process `syz.0.29'.
[   89.698491][ T6017] netlink: 32 bytes leftover after parsing attributes in process `syz.0.29'.
[   89.724070][ T6017] Zero length message leads to an empty skb
[   89.791779][ T6019] loop2: detected capacity change from 0 to 2048
[   89.888308][ T5955]  loop2: p3 p4 < >
[   89.899279][ T5955] loop2: p3 start 4284289 is beyond EOD, truncated
[   89.920221][ T6021] loop1: detected capacity change from 0 to 128
[   89.957444][ T6019]  loop2: p3 p4 < >
[   89.970987][ T6019] loop2: p3 start 4284289 is beyond EOD, truncated
[   89.981617][ T6021] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.002998][ T6021] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.280510][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   91.233406][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   91.240164][ T5822] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.463184][ T6035] loop4: detected capacity change from 0 to 1024
[   91.494054][   T10] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   91.503920][ T6035] =======================================================
[   91.503920][ T6035] WARNING: The mand mount option has been deprecated and
[   91.503920][ T6035]          and is ignored by this kernel. Remove the mand
[   91.503920][ T6035]          option from the mount to silence this warning.
[   91.503920][ T6035] =======================================================
[   91.714790][ T6035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.796260][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[   91.805985][   T10] usb 3-1: not running at top speed; connect to a high speed hub
[   92.497525][   T10] usb 3-1: config 1 has an invalid interface number: 138 but max is 0
[   92.506638][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   92.516876][   T10] usb 3-1: config 1 has no interface number 0
[   92.523329][   T10] usb 3-1: config 1 interface 138 altsetting 252 endpoint 0xC has invalid wMaxPacketSize 0
[   92.533450][   T10] usb 3-1: config 1 interface 138 has no altsetting 0
[   92.724051][   T10] usb 3-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[   92.779924][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.836606][   T10] usb 3-1: Product: syz
[   92.840827][   T10] usb 3-1: Manufacturer: syz
[   92.873204][ T6048] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4224: comm syz.4.36: Allocating blocks 497-513 which overlap fs metadata
[   92.884558][   T10] usb 3-1: SerialNumber: syz
[   92.903071][ T6051] loop1: detected capacity change from 0 to 4096
[   92.950069][ T6054] capability: warning: `syz.0.38' uses deprecated v2 capabilities in a way that may be insecure
[   93.271311][ T6048] EXT4-fs (loop4): pa ffff888035d2bd98: logic 256, phys. 385, len 8
[   93.280100][ T6048] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5467: group 0, free 0, pa_free 1
[   93.504374][ T6051] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.692838][ T5821] EXT4-fs error (device loop4): ext4_lookup:1785: inode #16: comm syz-executor: iget: bad extended attribute block 8
[   93.717112][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.720034][ T5821] EXT4-fs error (device loop4): ext4_lookup:1785: inode #16: comm syz-executor: iget: bad extended attribute block 8
[   93.792128][   T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[   94.002605][   T10] usb 3-1: USB disconnect, device number 2
[   94.171872][ T6068] udevd[6068]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   94.206038][ T6072] xt_hashlimit: size too large, truncated to 1048576
[   94.312571][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.334549][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.516045][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.675995][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.806310][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.066724][ T6083] loop1: detected capacity change from 0 to 1024
[   95.077184][ T6083] EXT4-fs: inline encryption not supported
[   95.095841][ T6083] EXT4-fs: Ignoring removed oldalloc option
[   95.105508][ T6088] netlink: 16 bytes leftover after parsing attributes in process `syz.2.47'.
[   95.182145][   T13] bridge_slave_1: left allmulticast mode
[   95.210557][   T13] bridge_slave_1: left promiscuous mode
[   95.221453][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.233129][ T6083] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.929908][   T13] bridge_slave_0: left allmulticast mode
[   96.128544][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.138521][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.147452][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.155573][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.163393][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.193439][   T13] bridge_slave_0: left promiscuous mode
[   96.199580][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.317276][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.615690][ T6104] loop1: detected capacity change from 0 to 256
[   96.779615][ T6104] FAT-fs (loop1): Directory bread(block 64) failed
[   96.819558][ T6104] FAT-fs (loop1): Directory bread(block 65) failed
[   96.835897][ T6104] FAT-fs (loop1): Directory bread(block 66) failed
[   96.842476][ T6104] FAT-fs (loop1): Directory bread(block 67) failed
[   96.903348][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   96.925088][ T6104] FAT-fs (loop1): Directory bread(block 68) failed
[   96.931920][ T6104] FAT-fs (loop1): Directory bread(block 69) failed
[   97.899442][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.908538][ T6104] FAT-fs (loop1): Directory bread(block 70) failed
[   97.936222][   T13] bond0 (unregistering): Released all slaves
[   98.564294][ T5142] Bluetooth: hci0: command tx timeout
[   98.585456][ T6104] FAT-fs (loop1): Directory bread(block 71) failed
[   98.658736][ T6104] FAT-fs (loop1): Directory bread(block 72) failed
[   98.747714][ T6104] FAT-fs (loop1): Directory bread(block 73) failed
[   98.901467][ T6117] loop3: detected capacity change from 0 to 40427
[   98.937958][ T6117] F2FS-fs (loop3): build fault injection rate: 771
[   98.949705][ T6117] F2FS-fs (loop3): invalid crc value
[   99.214754][ T6117] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.249003][ T6117] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  100.032952][ T5837] syz-executor: attempt to access beyond end of device
[  100.032952][ T5837] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.055897][ T6126] loop1: detected capacity change from 0 to 4096
[  100.075397][ T6126] EXT4-fs (loop1): Test dummy encryption mode enabled
[  100.088313][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  100.088338][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  100.088349][ T5837] Call Trace:
[  100.088357][ T5837]  <TASK>
[  100.088364][ T5837]  dump_stack_lvl+0xe8/0x150
[  100.088398][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  100.088436][ T5837]  f2fs_write_end_io+0xcdb/0xff0
[  100.088480][ T5837]  __submit_merged_bio+0x256/0x700
[  100.088517][ T5837]  __submit_merged_write_cond+0x3c3/0x4e0
[  100.088553][ T5837]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  100.088610][ T5837]  f2fs_write_data_pages+0x2975/0x35e0
[  100.088676][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.088712][ T5837]  ? unwind_get_return_address+0x4d/0x90
[  100.088738][ T5837]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  100.088791][ T5837]  ? check_noncircular+0xda/0x150
[  100.088829][ T5837]  ? lockdep_unlock+0x5d/0xd0
[  100.088847][ T5837]  ? __lock_acquire+0x146e/0x2cf0
[  100.088894][ T5837]  ? do_raw_spin_lock+0x12b/0x2f0
[  100.088928][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  100.088947][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.088968][ T5837]  do_writepages+0x32e/0x550
[  100.089008][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  100.089033][ T5837]  filemap_fdatawrite+0x1e9/0x2f0
[  100.089061][ T5837]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  100.089160][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  100.089186][ T5837]  f2fs_sync_dirty_inodes+0x30e/0x860
[  100.089225][ T5837]  f2fs_write_checkpoint+0x9cf/0x2680
[  100.089246][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  100.089311][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  100.089381][ T5837]  ? kfree+0x1c1/0x630
[  100.089404][ T5837]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  100.089439][ T5837]  kill_f2fs_super+0x314/0x720
[  100.089469][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  100.089508][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  100.089549][ T5837]  deactivate_locked_super+0xbc/0x130
[  100.089580][ T5837]  cleanup_mnt+0x437/0x4d0
[  100.089600][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.089630][ T5837]  task_work_run+0x1d9/0x270
[  100.089655][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  100.089690][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  100.089711][ T5837]  ? rcu_is_watching+0x15/0xb0
[  100.089743][ T5837]  do_syscall_64+0x32d/0xf80
[  100.089769][ T5837]  ? trace_irq_disable+0x3b/0x150
[  100.089794][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.089813][ T5837]  ? clear_bhb_loop+0x40/0x90
[  100.089838][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.089855][ T5837] RIP: 0033:0x7fdf7ff9d1d7
[  100.089875][ T5837] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  100.089889][ T5837] RSP: 002b:00007ffd9fa7dfe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  100.089911][ T5837] RAX: 0000000000000000 RBX: 00007fdf80031c3b RCX: 00007fdf7ff9d1d7
[  100.089923][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9fa7e0a0
[  100.089934][ T5837] RBP: 00007ffd9fa7e0a0 R08: 00007ffd9fa7f0a0 R09: 00000000ffffffff
[  100.089946][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd9fa7f130
[  100.089957][ T5837] R13: 00007fdf80031c3b R14: 0000000000018536 R15: 00007ffd9fa7f170
[  100.089993][ T5837]  </TASK>
[  100.090002][ T5837] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  100.127323][ T6126] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103]
[  100.456913][ T6126] System zones: 0-5
[  100.516628][ T6126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.628135][ T6126] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  100.638085][ T5142] Bluetooth: hci0: command tx timeout
[  100.997331][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.500673][ T6143] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  102.510258][ T6143] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  102.520196][ T6143] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  102.530285][   T30] audit: type=1800 audit(1770822901.561:2): pid=6143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.66" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  102.704022][ T5142] Bluetooth: hci0: command tx timeout
[  102.743965][ T6124] loop0: detected capacity change from 0 to 40427
[  102.907217][   T13] hsr_slave_0: left promiscuous mode
[  102.971461][   T13] hsr_slave_1: left promiscuous mode
[  102.994086][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.033035][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.081170][ T6164] loop2: detected capacity change from 0 to 4096
[  103.100030][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.124166][ T6164] EXT4-fs: inline encryption not supported
[  103.141427][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.174310][ T6164] EXT4-fs (loop2): Test dummy encryption mode enabled
[  103.182250][   T13] veth1_macvtap: left promiscuous mode
[  103.211887][   T13] veth0_macvtap: left promiscuous mode
[  103.218799][ T6124] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  103.230815][   T13] veth1_vlan: left promiscuous mode
[  103.239715][ T6164] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  103.278111][   T13] veth0_vlan: left promiscuous mode
[  103.302596][ T6164] System zones: 0-5
[  103.376869][ T6164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.511100][ T6171] netlink: 16 bytes leftover after parsing attributes in process `syz.3.73'.
[  103.551508][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.015216][ T6175] loop1: detected capacity change from 0 to 16
[  104.057361][ T6175] erofs: Unknown parameter '0177777777777777777777701777777777777777777777ÿÿÿÿ'
[  104.653163][ T6184] loop3: detected capacity change from 0 to 256
[  104.804376][ T5142] Bluetooth: hci0: command tx timeout
[  104.988984][ T6184] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  105.116970][ T6184] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  105.143815][ T6184] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  105.188650][ T6184] exFAT-fs (loop3): failed to load alloc-bitmap
[  105.203651][ T6184] exFAT-fs (loop3): failed to recognize exfat type
[  105.437248][   T13] team0 (unregistering): Port device team_slave_1 removed
[  105.496983][   T13] team0 (unregistering): Port device team_slave_0 removed
[  105.527430][ T6194] loop3: detected capacity change from 0 to 512
[  105.732653][ T6194] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  105.757439][ T6194] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  105.769108][ T6194] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  105.787011][ T6194] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  105.798271][ T6194] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01d, mo2=0006]
[  105.853205][ T6194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.873206][ T6201] loop0: detected capacity change from 0 to 256
[  106.117924][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.413019][ T6097] chnl_net:caif_netlink_parms(): no params data found
[  106.734016][ T6213] netlink: 16 bytes leftover after parsing attributes in process `syz.1.88'.
[  106.897824][ T6224] loop3: detected capacity change from 0 to 128
[  107.081974][ T6224] syz.3.87: attempt to access beyond end of device
[  107.081974][ T6224] loop3: rw=8390659, sector=104, nr_sectors = 25 limit=128
[  108.472288][ T6097] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.535760][ T6097] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.596274][ T6097] bridge_slave_0: entered allmulticast mode
[  108.610648][ T6233] loop1: detected capacity change from 0 to 512
[  108.654509][ T6097] bridge_slave_0: entered promiscuous mode
[  108.714857][ T6097] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.783353][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.819322][ T6233] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.90: bg 0: block 248: padding at end of block bitmap is not set
[  108.847814][ T6097] bridge_slave_1: entered allmulticast mode
[  108.895326][ T6233] loop1: lost filesystem error report for type 5 error -117
[  108.903567][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  108.917634][    C0] EXT4-fs (loop1): last error at time 1770822907: ext4_validate_block_bitmap:441
[  108.927033][ T6097] bridge_slave_1: entered promiscuous mode
[  108.967509][   T49] kworker/u8:3: attempt to access beyond end of device
[  108.967509][   T49] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  108.984701][ T6233] Quota error (device loop1): write_blk: dquota write failed
[  109.014148][ T6233] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  109.063629][ T6233] EXT4-fs error (device loop1): ext4_acquire_dquot:7003: comm syz.1.90: Failed to acquire dquot type 1
[  109.103854][ T6233] loop1: lost filesystem error report for type 5 error -117
[  109.110829][ T6233] EXT4-fs (loop1): 1 truncate cleaned up
[  109.195412][ T6233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.212715][ T6097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.248992][ T6233] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.271387][ T6097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.414930][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.449904][ T6097] team0: Port device team_slave_0 added
[  109.520897][ T6097] team0: Port device team_slave_1 added
[  109.669356][ T6221] loop0: detected capacity change from 0 to 40427
[  110.003983][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.011020][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.111582][ T6097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.153024][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.180939][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.302871][ T6097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.267933][ T6274] binder: 6272:6274 ioctl c0306201 2000000003c0 returned -14
[  114.838923][ T6097] hsr_slave_0: entered promiscuous mode
[  114.876875][ T6097] hsr_slave_1: entered promiscuous mode
[  114.892313][ T6287] netlink: 4 bytes leftover after parsing attributes in process `syz.0.105'.
[  114.901670][ T6097] debugfs: 'hsr0' already exists in 'hsr'
[  114.910888][ T6097] Cannot create hsr debugfs directory
[  114.917294][ T6289] loop1: detected capacity change from 0 to 1024
[  114.979661][ T6289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.047211][ T6291] netlink: 'syz.3.106': attribute type 1 has an invalid length.
[  115.139304][ T5822] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  115.339950][ T6302] loop3: detected capacity change from 0 to 1024
[  115.426389][ T6305] loop0: detected capacity change from 0 to 1024
[  115.441167][ T6302] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  115.546912][ T6302] EXT4-fs (loop3): shut down requested (0)
[  115.562779][ T6305] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.682125][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  116.267117][   T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  116.273699][ T6297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.644619][ T6319] loop3: detected capacity change from 0 to 40427
[  116.692207][ T6319] F2FS-fs (loop3): Image doesn't support compression
[  116.699289][ T6319] F2FS-fs (loop3): build fault injection rate: 684
[  116.705983][ T6319] F2FS-fs (loop3): build fault injection type: 0x35f7
[  116.717137][ T6319] F2FS-fs (loop3): invalid crc value
[  116.874156][   T10] usb 1-1: Using ep0 maxpacket: 16
[  116.882955][   T10] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  116.896997][   T10] usb 1-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  116.908125][   T10] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  116.917279][   T10] usb 1-1: config 1 has no interface number 1
[  116.921300][ T6319] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  116.935734][   T10] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  116.935850][ T6319] F2FS-fs (loop3): Start checkpoint disabled!
[  116.955764][   T10] usb 1-1: config 1 interface 2 altsetting 1 has an endpoint descriptor with address 0x76, changing to 0x6
[  116.976455][ T6319] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  116.991252][ T6319] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  117.080188][   T10] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x6 has an invalid bInterval 44, changing to 7
[  117.107113][   T10] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x6 has invalid maxpacket 24946, setting to 1024
[  117.126975][ T6318] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.135245][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  117.138658][ T6318] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.146508][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.175377][   T10] usb 1-1: Product: syz
[  117.256773][   T10] usb 1-1: Manufacturer: syz
[  117.261451][   T10] usb 1-1: SerialNumber: syz
[  117.465511][ T1037] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.504947][ T6305] EXT4-fs (loop0): shut down requested (2)
[  117.544849][   T10] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  117.574355][   T10] usb 1-1: found format II with max.bitrate = 0, frame size=0
[  117.581882][   T10] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  117.655216][ T1037] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.799444][   T10] usb 1-1: USB disconnect, device number 2
[  117.895858][ T6063] udevd[6063]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  119.613149][ T6331] loop2: detected capacity change from 0 to 40427
[  119.758409][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  119.772685][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  119.801562][ T1037] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.816533][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  119.828052][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  119.841658][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  119.915137][ T6331] F2FS-fs (loop2): build fault injection rate: 771
[  119.927960][ T6331] F2FS-fs (loop2): invalid crc value
[  120.340683][ T6331] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  120.355128][ T6331] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  121.003016][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.052671][ T6097] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  121.125216][ T1037] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.209665][ T6097] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  121.454165][ T6097] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  121.572406][ T6351] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  121.967614][ T6344] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  122.034470][ T5839] Bluetooth: hci2: command tx timeout
[  122.136567][ T5827] syz-executor: attempt to access beyond end of device
[  122.136567][ T5827] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  122.165819][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  122.165847][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  122.165858][ T5827] Call Trace:
[  122.165866][ T5827]  <TASK>
[  122.165875][ T5827]  dump_stack_lvl+0xe8/0x150
[  122.165908][ T5827]  f2fs_handle_critical_error+0x37c/0x540
[  122.165946][ T5827]  f2fs_write_end_io+0xcdb/0xff0
[  122.165989][ T5827]  __submit_merged_bio+0x256/0x700
[  122.166024][ T5827]  __submit_merged_write_cond+0x3c3/0x4e0
[  122.166064][ T5827]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  122.166119][ T5827]  f2fs_write_data_pages+0x2975/0x35e0
[  122.166181][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  122.166219][ T5827]  ? css_rstat_updated+0x23a/0x530
[  122.166269][ T5827]  ? rcu_is_watching+0x15/0xb0
[  122.166296][ T5827]  ? mod_memcg_lruvec_state+0x1a7/0x360
[  122.166328][ T5827]  ? __lock_acquire+0x6b5/0x2cf0
[  122.166370][ T5827]  ? __lock_acquire+0x6b5/0x2cf0
[  122.166400][ T5827]  ? do_raw_spin_lock+0x12b/0x2f0
[  122.166432][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  122.166452][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  122.166474][ T5827]  do_writepages+0x32e/0x550
[  122.166510][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  122.166533][ T5827]  filemap_fdatawrite+0x1e9/0x2f0
[  122.166562][ T5827]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  122.166635][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  122.166660][ T5827]  f2fs_sync_dirty_inodes+0x30e/0x860
[  122.166698][ T5827]  f2fs_write_checkpoint+0x9cf/0x2680
[  122.166765][ T5827]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  122.166830][ T5827]  ? kfree+0x1c1/0x630
[  122.166855][ T5827]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  122.166888][ T5827]  kill_f2fs_super+0x314/0x720
[  122.166916][ T5827]  ? __pfx_kill_f2fs_super+0x10/0x10
[  122.166952][ T5827]  ? lockdep_hardirqs_on+0x7a/0x110
[  122.166994][ T5827]  deactivate_locked_super+0xbc/0x130
[  122.167024][ T5827]  cleanup_mnt+0x437/0x4d0
[  122.167043][ T5827]  ? _raw_spin_unlock_irq+0x23/0x50
[  122.167072][ T5827]  task_work_run+0x1d9/0x270
[  122.167096][ T5827]  ? __pfx_task_work_run+0x10/0x10
[  122.167129][ T5827]  exit_to_user_mode_loop+0xed/0x480
[  122.167150][ T5827]  ? rcu_is_watching+0x15/0xb0
[  122.167180][ T5827]  do_syscall_64+0x32d/0xf80
[  122.167207][ T5827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.167225][ T5827]  ? clear_bhb_loop+0x40/0x90
[  122.167249][ T5827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.167266][ T5827] RIP: 0033:0x7feaec39d1d7
[  122.167285][ T5827] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  122.167300][ T5827] RSP: 002b:00007ffdcfb88878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  122.167320][ T5827] RAX: 0000000000000000 RBX: 00007feaec431c3b RCX: 00007feaec39d1d7
[  122.167332][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcfb88930
[  122.167343][ T5827] RBP: 00007ffdcfb88930 R08: 00007ffdcfb89930 R09: 00000000ffffffff
[  122.167355][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdcfb899c0
[  122.167365][ T5827] R13: 00007feaec431c3b R14: 000000000001d83a R15: 00007ffdcfb89a00
[  122.167398][ T5827]  </TASK>
[  122.167406][ T5827] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  122.419882][ T6097] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  122.601706][ T6355] loop0: detected capacity change from 0 to 512
[  122.685090][ T6355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.745077][ T6355] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.917339][   T30] audit: type=1326 audit(1770822921.971:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feaec395d97 code=0x7ffc0000
[  122.920018][ T6371] fuse: Bad value for 'user_id'
[  122.970177][ T6371] fuse: Bad value for 'user_id'
[  122.975918][   T30] audit: type=1326 audit(1770822921.971:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feaec33d399 code=0x7ffc0000
[  123.008236][   T30] audit: type=1326 audit(1770822921.971:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feaec395d97 code=0x7ffc0000
[  123.009623][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.053721][   T30] audit: type=1326 audit(1770822921.971:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feaec33d399 code=0x7ffc0000
[  123.139595][   T30] audit: type=1326 audit(1770822921.971:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feaec395d97 code=0x7ffc0000
[  123.224972][   T30] audit: type=1326 audit(1770822921.971:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feaec33d399 code=0x7ffc0000
[  123.257584][   T30] audit: type=1326 audit(1770822921.971:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feaec395d97 code=0x7ffc0000
[  123.340961][   T30] audit: type=1326 audit(1770822921.971:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feaec33d399 code=0x7ffc0000
[  123.380558][   T30] audit: type=1326 audit(1770822921.971:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feaec395d97 code=0x7ffc0000
[  123.413759][   T30] audit: type=1326 audit(1770822921.971:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feaec33d399 code=0x7ffc0000
[  123.437211][ T1037] bridge_slave_1: left allmulticast mode
[  123.444652][ T1037] bridge_slave_1: left promiscuous mode
[  123.459778][ T1037] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.092641][ T5839] Bluetooth: hci2: command tx timeout
[  124.386491][ T1037] bridge_slave_0: left allmulticast mode
[  124.386537][ T1037] bridge_slave_0: left promiscuous mode
[  124.386807][ T1037] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.761117][ T1037] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.942761][ T1037] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.102906][ T1037] bond0 (unregistering): Released all slaves
[  125.778395][ T6390] loop0: detected capacity change from 0 to 1024
[  125.826432][ T6390] EXT4-fs: Ignoring removed bh option
[  126.111110][ T6390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.152205][ T5839] Bluetooth: hci2: command tx timeout
[  127.127923][ T6097] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.317927][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.404339][ T6332] chnl_net:caif_netlink_parms(): no params data found
[  128.223945][ T5839] Bluetooth: hci2: command tx timeout
[  128.574306][ T1037] hsr_slave_0: left promiscuous mode
[  128.613090][ T1037] hsr_slave_1: left promiscuous mode
[  128.639699][ T1037] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.699664][ T1037] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.773717][ T1037] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.806595][ T1037] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.926608][ T1037] veth1_macvtap: left promiscuous mode
[  128.934646][ T1037] veth0_macvtap: left promiscuous mode
[  128.940896][ T1037] veth1_vlan: left promiscuous mode
[  129.943165][ T1037] veth0_vlan: left promiscuous mode
[  130.062794][ T6441] loop0: detected capacity change from 0 to 1024
[  130.095674][ T6441] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  130.155232][ T6441] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  130.215000][ T6441] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  130.787717][ T1037] team0 (unregistering): Port device team_slave_1 removed
[  130.841840][ T1037] team0 (unregistering): Port device team_slave_0 removed
[  131.089249][ T6443] loop2: detected capacity change from 0 to 256
[  131.125764][ T6443] exfat: Deprecated parameter 'utf8'
[  131.131145][ T6443] exfat: Deprecated parameter 'utf8'
[  131.154211][ T6443] exfat: Deprecated parameter 'utf8'
[  131.204637][ T6443] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  131.409373][ T6097] 8021q: adding VLAN 0 to HW filter on device team0
[  131.596561][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.603905][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.727323][ T6456] netlink: 'syz.2.135': attribute type 1 has an invalid length.
[  131.895887][ T6456] 8021q: adding VLAN 0 to HW filter on device bond1
[  131.948981][   T77] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.956281][   T77] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.011087][ T6332] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.018758][ T6332] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.026756][ T6332] bridge_slave_0: entered allmulticast mode
[  132.036318][ T6332] bridge_slave_0: entered promiscuous mode
[  132.059891][ T6332] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.076278][ T6332] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.114533][ T6332] bridge_slave_1: entered allmulticast mode
[  132.140241][ T6332] bridge_slave_1: entered promiscuous mode
[  132.306636][ T6332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  132.349082][ T6332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  132.656805][ T6097] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  132.667349][ T6097] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  132.936001][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.946839][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.414299][ T6332] team0: Port device team_slave_0 added
[  133.518836][ T6332] team0: Port device team_slave_1 added
[  133.811496][ T6332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  133.818755][ T6332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  133.841329][ T6486] loop0: detected capacity change from 0 to 512
[  133.857307][ T6332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  133.876762][ T6486] EXT4-fs: Ignoring removed bh option
[  133.926920][ T6486] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  134.007101][ T6332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.611542][ T6332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  134.681051][ T6486] EXT4-fs (loop0): 1 truncate cleaned up
[  134.742639][ T6486] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.754922][ T6332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  135.007137][ T6332] hsr_slave_0: entered promiscuous mode
[  135.031142][ T6332] hsr_slave_1: entered promiscuous mode
[  135.051039][ T6332] debugfs: 'hsr0' already exists in 'hsr'
[  135.075135][ T6332] Cannot create hsr debugfs directory
[  135.226362][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.513892][ T6514] loop0: detected capacity change from 0 to 1024
[  135.522431][ T6514] EXT4-fs: Ignoring removed bh option
[  135.535435][ T6514] ext4: Bad value for 'max_batch_time'
[  135.760111][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  135.779542][ T6097] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.614828][   T10] usb 4-1: Using ep0 maxpacket: 16
[  136.679227][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  136.706786][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  136.737072][   T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  136.758426][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.776651][   T10] usb 4-1: Product: syz
[  136.800915][   T10] usb 4-1: Manufacturer: syz
[  136.805560][   T10] usb 4-1: SerialNumber: syz
[  136.861780][ T6332] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  136.958733][ T6332] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  136.998235][ T6332] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  137.022452][ T6332] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  137.085340][   T10] usb 4-1: 0:2 : does not exist
[  137.114061][   T10] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  137.252851][   T10] usb 4-1: USB disconnect, device number 2
[  137.391678][ T6063] udevd[6063]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.787105][ T6097] veth0_vlan: entered promiscuous mode
[  138.490109][ T6097] veth1_vlan: entered promiscuous mode
[  138.604392][ T6332] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.778655][ T6097] veth0_macvtap: entered promiscuous mode
[  138.819924][ T6332] 8021q: adding VLAN 0 to HW filter on device team0
[  138.852783][ T6097] veth1_macvtap: entered promiscuous mode
[  138.877187][ T6339] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.884466][ T6339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.946642][ T6339] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.953919][ T6339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.040940][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.081227][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.151446][ T6339] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.214223][ T6339] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.244383][ T6339] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.325671][ T6339] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.353161][ T6560] syz.0.158 (6560): /proc/6559/oom_adj is deprecated, please use /proc/6559/oom_score_adj instead.
[  140.698867][ T6580] loop3: detected capacity change from 0 to 512
[  140.727328][ T6580] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.769845][ T6580] EXT4-fs (loop3): Test dummy encryption mode enabled
[  140.805369][ T6580] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  140.882399][ T6580] EXT4-fs (loop3): 1 truncate cleaned up
[  140.897916][ T6580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.908389][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.973616][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.147611][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.162559][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.328154][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.353935][ T6332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.561880][ T6600] input: syz1 as /devices/virtual/input/input5
[  141.618687][ T6601] loop5: detected capacity change from 0 to 1024
[  141.718822][ T6601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  141.817301][ T6601] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.098979][ T6097] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  142.561629][ T6623] loop5: detected capacity change from 0 to 512
[  142.906054][ T6623] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.116229][ T6623] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.166090][ T6623] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.259166][ T6332] veth0_vlan: entered promiscuous mode
[  143.338685][ T6332] veth1_vlan: entered promiscuous mode
[  143.360549][ T6634] loop2: detected capacity change from 0 to 256
[  143.386772][ T6097] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.513676][ T6634] FAT-fs (loop2): Directory bread(block 64) failed
[  143.520295][ T6634] FAT-fs (loop2): Directory bread(block 65) failed
[  143.592143][ T6634] FAT-fs (loop2): Directory bread(block 66) failed
[  143.604410][ T6332] veth0_macvtap: entered promiscuous mode
[  143.624917][ T6638] loop5: detected capacity change from 0 to 1024
[  143.641401][ T6634] FAT-fs (loop2): Directory bread(block 67) failed
[  143.658865][ T6634] FAT-fs (loop2): Directory bread(block 68) failed
[  143.682576][ T6634] FAT-fs (loop2): Directory bread(block 69) failed
[  143.684382][ T6638] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.699740][ T6634] FAT-fs (loop2): Directory bread(block 70) failed
[  143.711920][ T6634] FAT-fs (loop2): Directory bread(block 71) failed
[  143.737573][ T6332] veth1_macvtap: entered promiscuous mode
[  143.757242][ T6638] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4224: comm syz.5.173: Allocating blocks 449-513 which overlap fs metadata
[  143.770688][ T6332] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.779442][ T6634] FAT-fs (loop2): Directory bread(block 72) failed
[  143.786489][ T6634] FAT-fs (loop2): Directory bread(block 73) failed
[  143.842633][ T6332] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.925806][   T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.987362][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.012528][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.040506][   T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.204984][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.238640][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.284314][ T6619] loop3: detected capacity change from 0 to 40427
[  144.317619][ T6619] F2FS-fs (loop3): invalid crc value
[  144.324197][ T6648] loop0: detected capacity change from 0 to 1024
[  144.337198][ T6648] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  144.357334][ T6648] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.373831][ T6648] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  144.387773][ T6648] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  144.397012][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.443850][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.465935][ T6648] EXT4-fs error (device loop0): ext4_get_journal_inode:5865: inode #17: comm syz.0.174: iget: bad i_size value: 4398046511204
[  144.466072][ T6097] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.598185][ T6648] loop0: lost file I/O error report for ino 17 type 5 pos 0x0 len 0x0 error -117
[  144.606488][ T6648] EXT4-fs (loop0): no journal found
[  144.615746][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  144.615785][    C1] EXT4-fs (loop0): initial error at time 1771347231: ext4_get_journal_inode:5865: inode 17
[  144.615820][    C1] EXT4-fs (loop0): last error at time 1771347231: ext4_get_journal_inode:5865: inode 17
[  144.748867][ T6656] loop5: detected capacity change from 0 to 256
[  144.933384][ T6619] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  144.981095][ T6619] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  145.280286][ T6665] loop0: detected capacity change from 0 to 4096
[  145.359350][ T6665] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.558878][ T6677] loop6: detected capacity change from 0 to 512
[  146.654116][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.664801][   T30] kauditd_printk_skb: 2115 callbacks suppressed
[  146.664820][   T30] audit: type=1326 audit(1771347234.029:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93d79bf79 code=0x7ffc0000
[  146.734958][   T30] audit: type=1326 audit(1771347234.029:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fc93d79bf79 code=0x7ffc0000
[  146.773265][ T6677] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.803692][   T30] audit: type=1326 audit(1771347234.029:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93d79bf79 code=0x7ffc0000
[  146.834338][   T30] audit: type=1326 audit(1771347234.029:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93d79bf79 code=0x7ffc0000
[  146.859371][   T30] audit: type=1326 audit(1771347234.029:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc93d75c84e code=0x7ffc0000
[  146.891362][   T30] audit: type=1326 audit(1771347234.039:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93d79bc0b code=0x7ffc0000
[  146.914688][   T30] audit: type=1326 audit(1771347234.039:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93d79bc0b code=0x7ffc0000
[  146.943483][ T6685] netlink: 16 bytes leftover after parsing attributes in process `syz.2.176'.
[  146.966755][  T797] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  147.011664][   T30] audit: type=1326 audit(1771347234.039:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93d79bc0b code=0x7ffc0000
[  147.026110][ T6687] binder: 6686:6687 ioctl c0306201 2000000003c0 returned -14
[  147.089121][ T6332] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.106998][   T30] audit: type=1326 audit(1771347234.039:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93d79bc0b code=0x7ffc0000
[  147.144512][  T797] usb 6-1: Using ep0 maxpacket: 16
[  147.184832][  T797] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  147.203732][   T30] audit: type=1326 audit(1771347234.201:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.5.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93d79bc0b code=0x7ffc0000
[  147.215986][  T797] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  147.297590][  T797] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  147.358207][  T797] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  147.428399][ T6695] loop0: detected capacity change from 0 to 1024
[  147.433707][  T797] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  147.463391][  T797] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.466285][ T6695] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.491694][ T6695] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4224: comm syz.0.184: Allocating blocks 449-513 which overlap fs metadata
[  147.508464][  T797] usb 6-1: Product: syz
[  147.521112][  T797] usb 6-1: Manufacturer: syz
[  147.525757][  T797] usb 6-1: SerialNumber: syz
[  147.944029][ T6707] loop3: detected capacity change from 0 to 512
[  147.956989][ T6707] EXT4-fs: Ignoring removed orlov option
[  147.963108][ T6707] ext4: Unknown parameter 'smackfsfloor'
[  148.956045][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.285430][  T797] usb 6-1: USB disconnect, device number 2
[  150.405945][ T5872] udevd[5872]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  150.741387][ T6741] loop2: detected capacity change from 0 to 256
[  150.862838][ T6741] FAT-fs (loop2): Directory bread(block 64) failed
[  150.902276][ T6741] FAT-fs (loop2): Directory bread(block 65) failed
[  150.914820][ T6741] FAT-fs (loop2): Directory bread(block 66) failed
[  150.931953][ T6741] FAT-fs (loop2): Directory bread(block 67) failed
[  150.941832][ T6741] FAT-fs (loop2): Directory bread(block 68) failed
[  150.954308][ T6741] FAT-fs (loop2): Directory bread(block 69) failed
[  150.971141][ T6741] FAT-fs (loop2): Directory bread(block 70) failed
[  151.020079][ T6741] FAT-fs (loop2): Directory bread(block 71) failed
[  151.050348][ T6741] FAT-fs (loop2): Directory bread(block 72) failed
[  151.078666][ T6741] FAT-fs (loop2): Directory bread(block 73) failed
[  151.183521][ T5966] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  152.783648][ T6749] loop5: detected capacity change from 0 to 40427
[  152.825696][ T5839] Bluetooth: hci5: command 0x1003 tx timeout
[  152.847990][ T5142] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  152.880174][ T6749] F2FS-fs (loop5): build fault injection rate: 771
[  152.890251][ T6749] F2FS-fs (loop5): invalid crc value
[  153.310830][ T6749] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  153.357404][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.469774][ T6749] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  154.128696][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.182304][ T5966] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  154.402157][ T5966] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.456125][ T5966] usb 1-1: config 0 descriptor??
[  154.503295][ T5966] usb 1-1: can't set config #0, error -71
[  154.533121][ T5966] usb 1-1: USB disconnect, device number 3
[  154.638433][ T6763] loop3: detected capacity change from 0 to 1024
[  154.825194][ T6763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.106314][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.361257][ T6794] loop5: detected capacity change from 0 to 512
[  156.577548][ T6799] netlink: 16 bytes leftover after parsing attributes in process `syz.0.204'.
[  156.819938][ T6794] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  156.932776][ T6794] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.200: bad orphan inode 18
[  156.977024][ T6794] loop5: lost filesystem error report for type 5 error -117
[  156.978173][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  156.992072][    C1] EXT4-fs (loop5): initial error at time 1771347244: ext4_orphan_get:1417
[  157.000745][    C1] EXT4-fs (loop5): last error at time 1771347244: ext4_orphan_get:1417
[  157.009762][ T6794] ext4_test_bit(bit=17, block=4) = 0
[  157.016934][ T6794] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.053490][ T6794] EXT4-fs error (device loop5): ext4_append:79: inode #2: comm syz.5.200: Logical block already allocated
[  157.195858][ T6097] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.558066][ T6812] loop5: detected capacity change from 0 to 512
[  157.843376][ T6815] loop0: detected capacity change from 0 to 1024
[  158.453533][ T6815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.470659][ T6815] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4224: comm syz.0.210: Allocating blocks 449-513 which overlap fs metadata
[  158.649016][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.726898][ T6823] loop5: detected capacity change from 0 to 256
[  158.779358][ T6823] exfat: Deprecated parameter 'utf8'
[  158.795336][ T6823] exfat: Deprecated parameter 'utf8'
[  158.810672][ T6823] exfat: Deprecated parameter 'utf8'
[  158.922396][ T6827] hub 8-0:1.0: USB hub found
[  158.929572][ T6827] hub 8-0:1.0: 1 port detected
[  159.547432][ T6823] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  159.846273][ T6836] exFAT-fs (loop5): error, exfat_zeroed_cluster: out of range(sect:248 len:8)
[  159.873407][ T6839] loop3: detected capacity change from 0 to 1024
[  159.880819][ T6839] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.931473][ T6836] exFAT-fs (loop5): Filesystem has been set read-only
[  159.995574][ T6839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.212374][   T10] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  160.284285][ T6839] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: comm syz.3.216: inode #117440512: comm syz.3.216: iget: illegal inode #
[  160.363580][ T6839] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.216: error while reading EA inode 117440512 err=-117
[  160.489032][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  160.542814][   T10] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  160.585692][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.651468][   T10] usb 1-1: config 0 descriptor??
[  160.672228][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.747831][ T6842] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  160.921001][ T6863] loop3: detected capacity change from 0 to 512
[  160.931760][ T6863] EXT4-fs: Ignoring removed nobh option
[  161.070275][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.222: iget: bad extra_isize 90 (inode size 256)
[  161.136983][ T6863] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  161.145426][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  161.161106][    C1] EXT4-fs (loop3): initial error at time 1771347248: ext4_xattr_inode_iget:441: inode 11
[  161.171005][    C1] EXT4-fs (loop3): last error at time 1771347248: ext4_xattr_inode_iget:441: inode 11
[  161.264043][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.222: error while reading EA inode 11 err=-117
[  161.587195][ T6863] loop3: lost filesystem error report for type 5 error -117
[  161.589052][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.222: iget: bad extra_isize 90 (inode size 256)
[  161.623466][ T6869] loop2: detected capacity change from 0 to 1024
[  161.698209][ T6869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.717721][ T6869] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4224: comm syz.2.223: Allocating blocks 449-513 which overlap fs metadata
[  161.747185][ T6863] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  161.759507][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.222: error while reading EA inode 11 err=-117
[  161.812726][   T10] elan 0003:04F3:0755.0001: unknown main item tag 0x1
[  161.835146][   T10] elan 0003:04F3:0755.0001: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  161.851747][ T6863] loop3: lost filesystem error report for type 5 error -117
[  161.852384][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.872134][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.222: iget: bad extra_isize 90 (inode size 256)
[  161.931067][ T6863] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117
[  161.931862][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.222: error while reading EA inode 18 err=-117
[  161.978628][ T6863] loop3: lost filesystem error report for type 5 error -117
[  161.979210][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.222: iget: bad extra_isize 90 (inode size 256)
[  161.985900][ T6878] loop6: detected capacity change from 0 to 512
[  162.047116][ T6863] loop3: lost file I/O error report for ino 18 type 5 pos 0x0 len 0x0 error -117
[  162.053484][ T6863] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.222: error while reading EA inode 18 err=-117
[  162.071218][ T6878] EXT4-fs: Ignoring removed i_version option
[  162.133830][ T6878] EXT4-fs: Ignoring removed bh option
[  162.166909][ T6863] loop3: lost filesystem error report for type 5 error -117
[  162.176037][ T6863] EXT4-fs (loop3): 1 orphan inode deleted
[  162.213175][   T10] usb 1-1: USB disconnect, device number 4
[  162.249580][ T6878] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.318411][ T6863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.359909][ T5966] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  162.384740][ T6878] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.494590][ T6863] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.222: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0
[  162.562446][ T6332] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.580467][ T5966] usb 6-1: Using ep0 maxpacket: 32
[  162.590388][ T5966] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  162.623932][ T5966] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  162.632804][ T5966] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  162.641531][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.642111][ T5966] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  162.663137][ T5966] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  162.683345][ T5966] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  162.711980][ T5966] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  162.762279][ T5966] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.829036][ T5966] usb 6-1: config 0 descriptor??
[  162.991417][ T6905] loop3: detected capacity change from 0 to 4096
[  163.028414][ T6905] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.095593][ T6905] EXT4-fs (loop3): Test dummy encryption mode enabled
[  163.110277][ T5966] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  163.153636][ T6905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.160002][ T6902] loop0: detected capacity change from 0 to 8192
[  163.213813][ T6912] loop2: detected capacity change from 0 to 512
[  163.261677][ T6912] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.920606][ T6936] loop0: detected capacity change from 0 to 512
[  164.940392][ T6936] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.964877][   T91] usb 6-1: USB disconnect, device number 3
[  164.966226][ T6936] EXT4-fs (loop0): Test dummy encryption mode enabled
[  165.009894][ T6936] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  165.016964][   T91] usblp0: removed
[  165.073596][ T6936] EXT4-fs (loop0): 1 truncate cleaned up
[  165.108112][ T6936] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.370007][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.495108][ T6905] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  165.686296][ T6952] loop0: detected capacity change from 0 to 256
[  165.734395][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  165.744886][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  165.753681][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.250205][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  166.250362][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  166.352350][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  166.424731][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  166.425495][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  166.433084][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  166.454362][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  167.150128][ T6952] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  167.213281][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.231388][ T6952] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  167.286301][ T6952] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  167.347905][ T6952] exFAT-fs (loop0): failed to load alloc-bitmap
[  167.378414][ T6952] exFAT-fs (loop0): failed to recognize exfat type
[  168.631397][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.468193][ T6982] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  169.582082][ T6984] loop2: detected capacity change from 0 to 128
[  169.598804][ T6985] loop0: detected capacity change from 0 to 256
[  169.649850][ T6985] exfat: Deprecated parameter 'namecase'
[  169.708489][ T6985] exfat: Deprecated parameter 'utf8'
[  169.742286][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  169.742305][   T30] audit: type=1804 audit(1771347257.245:2165): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.245" name="/newroot/59/file0/bus" dev="loop2" ino=1048621 res=1 errno=0
[  169.876369][ T6985] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d)
[  170.526154][ T6995] loop0: detected capacity change from 0 to 1024
[  170.609948][ T6995] EXT4-fs: Ignoring removed bh option
[  170.646845][ T6995] ext4: Bad value for 'max_batch_time'
[  170.656649][ T7001] loop6: detected capacity change from 0 to 1024
[  170.859434][ T7001] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.244871][ T6332] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.522824][ T7029] loop5: detected capacity change from 0 to 512
[  172.593697][ T7029] EXT4-fs (loop5): 1 truncate cleaned up
[  172.669161][ T7029] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.798822][   T30] audit: type=1800 audit(1771347260.312:2166): pid=7029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.257" name="file1" dev="loop5" ino=13 res=0 errno=0
[  172.816573][ T5912] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  172.935626][ T7043] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.257: bg 0: block 465: padding at end of block bitmap is not set
[  172.987912][ T5912] usb 4-1: Using ep0 maxpacket: 8
[  173.028682][ T7043] EXT4-fs (loop5): Delayed block allocation failed for inode 13 at logical offset 2 with max blocks 2 with error 28
[  173.053897][ T7043] EXT4-fs (loop5): This should not happen!! Data will be lost
[  173.053897][ T7043] 
[  173.055490][ T5912] usb 4-1: config 1 interface 0 altsetting 210 bulk endpoint 0x82 has invalid maxpacket 1024
[  173.124798][ T7043] EXT4-fs (loop5): Total free blocks count 0
[  173.141036][ T7043] EXT4-fs (loop5): Free/Dirty block details
[  173.159805][ T5912] usb 4-1: config 1 interface 0 altsetting 210 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  173.176922][ T7043] EXT4-fs (loop5): free_blocks=0
[  173.196768][ T7043] EXT4-fs (loop5): dirty_blocks=2
[  173.205683][ T5912] usb 4-1: config 1 interface 0 has no altsetting 0
[  173.232942][ T7043] EXT4-fs (loop5): Block reservation details
[  173.245821][ T7043] EXT4-fs (loop5): i_reserved_data_blocks=2
[  173.318362][ T7047] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.257: invalid indirect mapped block 234881024 (level 0)
[  173.560470][ T5912] usb 4-1: string descriptor 0 read error: -22
[  173.575422][ T5912] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  173.584505][ T5912] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.617240][ T7026] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  173.654625][ T7026] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  173.679083][ T5912] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  173.928114][ T5912] usb 4-1: USB disconnect, device number 3
[  173.948918][ T7059] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  173.986706][ T6097] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.113019][ T7049] binder_alloc: 7048: binder_alloc_buf size -888 failed, no address space
[  174.134096][ T7049] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[  174.286535][ T7067] loop2: detected capacity change from 0 to 2048
[  174.350966][ T7069] loop0: detected capacity change from 0 to 512
[  174.394146][ T7067] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.418020][ T7069] FAT-fs (loop0): Directory bread(block 199916) failed
[  174.440691][ T7069] FAT-fs (loop0): Directory bread(block 199917) failed
[  174.512157][ T7069] FAT-fs (loop0): Directory bread(block 199918) failed
[  174.552845][ T7069] FAT-fs (loop0): Directory bread(block 199919) failed
[  174.567470][ T7069] FAT-fs (loop0): Directory bread(block 199920) failed
[  175.825005][ T7069] FAT-fs (loop0): Directory bread(block 199921) failed
[  175.852597][ T7069] FAT-fs (loop0): Directory bread(block 199922) failed
[  175.859531][ T7069] FAT-fs (loop0): Directory bread(block 199923) failed
[  177.102051][ T7089] loop2: detected capacity change from 0 to 512
[  177.193403][ T7089] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  177.291155][ T7089] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.418528][ T7089] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  177.466241][ T7100] loop0: detected capacity change from 0 to 128
[  178.677718][ T7100] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  179.165095][ T7100] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.210988][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.307003][ T7100] 
[  179.309393][ T7100] ======================================================
[  179.316429][ T7100] WARNING: possible circular locking dependency detected
[  179.323466][ T7100] syzkaller #0 Not tainted
[  179.327894][ T7100] ------------------------------------------------------
[  179.335094][ T7100] syz.0.274/7100 is trying to acquire lock:
[  179.340981][ T7100] ffff888052f7c610 (sb_internal){++++}-{0:0}, at: ext4_evict_inode+0x274/0xeb0
[  179.349954][ T7100] 
[  179.349954][ T7100] but task is already holding lock:
[  179.357311][ T7100] ffff888056a80b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_ext_migrate+0x308/0x1140
[  179.367489][ T7100] 
[  179.367489][ T7100] which lock already depends on the new lock.
[  179.367489][ T7100] 
[  179.377885][ T7100] 
[  179.377885][ T7100] the existing dependency chain (in reverse order) is:
[  179.386892][ T7100] 
[  179.386892][ T7100] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  179.395319][ T7100]        percpu_down_read_internal+0x48/0x1c0
[  179.401390][ T7100]        ext4_writepages+0x205/0x3b0
[  179.406677][ T7100]        do_writepages+0x32e/0x550
[  179.411805][ T7100]        __writeback_single_inode+0x133/0x11a0
[  179.418005][ T7100]        writeback_single_inode+0x4ac/0xdc0
[  179.423913][ T7100]        write_inode_now+0x1c2/0x290
[  179.429292][ T7100]        iput+0x8c1/0xe80
[  179.433629][ T7100]        ext4_xattr_block_set+0x1fd4/0x2ad0
[  179.439523][ T7100]        ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[  179.445943][ T7100]        __ext4_expand_extra_isize+0x30d/0x400
[  179.452099][ T7100]        __ext4_mark_inode_dirty+0x45c/0x730
[  179.458080][ T7100]        ext4_evict_inode+0x7a1/0xeb0
[  179.463455][ T7100]        evict+0x61e/0xb10
[  179.467867][ T7100]        ext4_orphan_cleanup+0xc38/0x1470
[  179.473590][ T7100]        ext4_fill_super+0x59ff/0x6320
[  179.479049][ T7100]        get_tree_bdev_flags+0x431/0x4f0
[  179.484682][ T7100]        vfs_get_tree+0x92/0x2a0
[  179.489620][ T7100]        do_new_mount+0x341/0xd30
[  179.494651][ T7100]        __se_sys_mount+0x31d/0x420
[  179.499859][ T7100]        do_syscall_64+0x14d/0xf80
[  179.505409][ T7100]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.511827][ T7100] 
[  179.511827][ T7100] -> #0 (sb_internal){++++}-{0:0}:
[  179.519128][ T7100]        __lock_acquire+0x15a5/0x2cf0
[  179.524511][ T7100]        lock_acquire+0xf0/0x2e0
[  179.529450][ T7100]        percpu_down_read_internal+0x48/0x1c0
[  179.535523][ T7100]        ext4_evict_inode+0x274/0xeb0
[  179.540911][ T7100]        evict+0x61e/0xb10
[  179.545328][ T7100]        ext4_ext_migrate+0xe2a/0x1140
[  179.550785][ T7100]        ext4_ioctl+0x234c/0x4b30
[  179.555812][ T7100]        __se_sys_ioctl+0xfc/0x170
[  179.560923][ T7100]        do_syscall_64+0x14d/0xf80
[  179.566066][ T7100]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.572477][ T7100] 
[  179.572477][ T7100] other info that might help us debug this:
[  179.572477][ T7100] 
[  179.582697][ T7100]  Possible unsafe locking scenario:
[  179.582697][ T7100] 
[  179.590141][ T7100]        CPU0                    CPU1
[  179.595506][ T7100]        ----                    ----
[  179.601062][ T7100]   lock(&sbi->s_writepages_rwsem);
[  179.606263][ T7100]                                lock(sb_internal);
[  179.612852][ T7100]                                lock(&sbi->s_writepages_rwsem);
[  179.620578][ T7100]   rlock(sb_internal);
[  179.624825][ T7100] 
[  179.624825][ T7100]  *** DEADLOCK ***
[  179.624825][ T7100] 
[  179.632971][ T7100] 3 locks held by syz.0.274/7100:
[  179.637998][ T7100]  #0: ffff888052f7c420 (sb_writers#4){++++}-{0:0}, at: mnt_want_write_file+0x60/0x200
[  179.647671][ T7100]  #1: ffff88806d98b3d8 (&sb->s_type->i_mutex_key#12){++++}-{4:4}, at: ext4_ioctl+0x2344/0x4b30
[  179.658122][ T7100]  #2: ffff888056a80b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_ext_migrate+0x308/0x1140
[  179.668755][ T7100] 
[  179.668755][ T7100] stack backtrace:
[  179.674644][ T7100] CPU: 0 UID: 0 PID: 7100 Comm: syz.0.274 Not tainted syzkaller #0 PREEMPT(full) 
[  179.674661][ T7100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  179.674670][ T7100] Call Trace:
[  179.674676][ T7100]  <TASK>
[  179.674682][ T7100]  dump_stack_lvl+0xe8/0x150
[  179.674703][ T7100]  print_circular_bug+0x2e1/0x300
[  179.674728][ T7100]  check_noncircular+0x12e/0x150
[  179.674751][ T7100]  __lock_acquire+0x15a5/0x2cf0
[  179.674772][ T7100]  ? __asan_memset+0x22/0x50
[  179.674793][ T7100]  ? __dquot_initialize+0x21b/0xd30
[  179.674813][ T7100]  lock_acquire+0xf0/0x2e0
[  179.674829][ T7100]  ? ext4_evict_inode+0x274/0xeb0
[  179.674852][ T7100]  percpu_down_read_internal+0x48/0x1c0
[  179.674868][ T7100]  ? ext4_evict_inode+0x274/0xeb0
[  179.674887][ T7100]  ext4_evict_inode+0x274/0xeb0
[  179.674906][ T7100]  ? inode_wait_for_writeback+0x16d/0x3b0
[  179.674921][ T7100]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  179.674934][ T7100]  ? do_raw_spin_lock+0x12b/0x2f0
[  179.674949][ T7100]  ? __pfx_ext4_evict_inode+0x10/0x10
[  179.674968][ T7100]  ? do_raw_spin_unlock+0xf5/0x210
[  179.674982][ T7100]  ? __pfx_ext4_evict_inode+0x10/0x10
[  179.675001][ T7100]  evict+0x61e/0xb10
[  179.675018][ T7100]  ? __pfx_evict+0x10/0x10
[  179.675033][ T7100]  ? _raw_spin_unlock+0x28/0x50
[  179.675051][ T7100]  ? iput+0xb25/0xe80
[  179.675071][ T7100]  ext4_ext_migrate+0xe2a/0x1140
[  179.675092][ T7100]  ? __pfx_ext4_ext_migrate+0x10/0x10
[  179.675109][ T7100]  ? __pfx_down_write+0x10/0x10
[  179.675122][ T7100]  ? sb_start_write+0x114/0x1c0
[  179.675136][ T7100]  ? mnt_want_write_file+0x164/0x200
[  179.675150][ T7100]  ext4_ioctl+0x234c/0x4b30
[  179.675178][ T7100]  ? __pfx_ext4_ioctl+0x10/0x10
[  179.675196][ T7100]  ? is_bpf_text_address+0x292/0x2b0
[  179.675211][ T7100]  ? is_bpf_text_address+0x26/0x2b0
[  179.675225][ T7100]  ? kernel_text_address+0xa5/0xe0
[  179.675240][ T7100]  ? __kernel_text_address+0xd/0x30
[  179.675253][ T7100]  ? unwind_get_return_address+0x4d/0x90
[  179.675273][ T7100]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  179.675288][ T7100]  ? arch_stack_walk+0xfb/0x150
[  179.675311][ T7100]  ? stack_trace_save+0xa9/0x100
[  179.675324][ T7100]  ? __pfx_stack_trace_save+0x10/0x10
[  179.675336][ T7100]  ? kasan_save_free_info+0x46/0x50
[  179.675356][ T7100]  ? stack_depot_save_flags+0x33/0x810
[  179.675371][ T7100]  ? format_decode+0xa0/0xe10
[  179.675387][ T7100]  ? kasan_save_track+0x4f/0x80
[  179.675399][ T7100]  ? kasan_save_track+0x3e/0x80
[  179.675492][ T7100]  ? kasan_save_free_info+0x46/0x50
[  179.675518][ T7100]  ? __kasan_slab_free+0x5c/0x80
[  179.675533][ T7100]  ? kfree+0x1c1/0x630
[  179.675552][ T7100]  ? tomoyo_path_number_perm+0x501/0x630
[  179.675574][ T7100]  ? security_file_ioctl+0xc3/0x2a0
[  179.675595][ T7100]  ? __se_sys_ioctl+0x47/0x170
[  179.675609][ T7100]  ? do_syscall_64+0x14d/0xf80
[  179.675628][ T7100]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.675650][ T7100]  ? file_ioctl+0x273/0x860
[  179.675665][ T7100]  ? __pfx_file_ioctl+0x10/0x10
[  179.675684][ T7100]  ? kasan_quarantine_put+0xbb/0x1f0
[  179.675711][ T7100]  ? tomoyo_path_number_perm+0x219/0x630
[  179.675733][ T7100]  ? tomoyo_path_number_perm+0x219/0x630
[  179.675766][ T7100]  ? do_vfs_ioctl+0x1166/0x1530
[  179.675782][ T7100]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  179.675807][ T7100]  ? do_futex+0x395/0x420
[  179.675830][ T7100]  ? __fget_files+0x2a/0x420
[  179.675849][ T7100]  ? __fget_files+0x2a/0x420
[  179.675867][ T7100]  ? __fget_files+0x3a0/0x420
[  179.675914][ T7100]  ? __fget_files+0x2a/0x420
[  179.675946][ T7100]  ? bpf_lsm_file_ioctl+0x9/0x20
[  179.675971][ T7100]  ? __pfx_ext4_ioctl+0x10/0x10
[  179.675991][ T7100]  __se_sys_ioctl+0xfc/0x170
[  179.676008][ T7100]  do_syscall_64+0x14d/0xf80
[  179.676027][ T7100]  ? trace_irq_disable+0x3b/0x150
[  179.676058][ T7100]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.676072][ T7100]  ? clear_bhb_loop+0x40/0x90
[  179.676088][ T7100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.676102][ T7100] RIP: 0033:0x7f4c3839bf79
[  179.676117][ T7100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  179.676129][ T7100] RSP: 002b:00007f4c39312028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  179.676145][ T7100] RAX: ffffffffffffffda RBX: 00007f4c38615fa0 RCX: 00007f4c3839bf79
[  179.676157][ T7100] RDX: 0000000000000000 RSI: 0000000000006609 RDI: 0000000000000004
[  179.676166][ T7100] RBP: 00007f4c384327e0 R08: 0000000000000000 R09: 0000000000000000
[  179.676175][ T7100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.676183][ T7100] R13: 00007f4c38616038 R14: 00007f4c38615fa0 R15: 00007ffdd98bfbc8
[  179.676213][ T7100]  </TASK>
[  180.354898][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.