last executing test programs:

15.445447152s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000ff850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='ext4_es_find_extent_range_enter\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a0000000000006301a200000800009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7}, 0x48)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r3=>0x0})
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0xc000000)
ioctl$BTRFS_IOC_DEV_REPLACE(r2, 0xca289435, &(0x7f00000003c0)={0x0, 0x80000001, @status={[0x7, 0x1000, 0x2, 0x3, 0x7, 0xbea9]}, [0x4d8, 0x100000001, 0xfff, 0x2, 0x4, 0xcda, 0xf3a, 0x1ff, 0x4, 0x6fa6, 0x24, 0x20, 0x1, 0x8000000000000000, 0x2, 0x4, 0x3, 0x9, 0x7fff, 0xa41, 0x0, 0x287d, 0x1, 0x2, 0x0, 0x9, 0x7, 0x9, 0xffff, 0x0, 0x4, 0x0, 0x5acc, 0x6, 0x2, 0x2, 0x80000001, 0x8, 0x20000000200, 0x5, 0x8, 0x6, 0x3b, 0x0, 0x0, 0x71, 0x5a, 0x4, 0x8, 0x4, 0x8, 0x1, 0xe93, 0x21, 0x5, 0x2, 0x3, 0x1, 0x1, 0xffffffffffffff4b, 0x2, 0x7, 0x1c00000000000000, 0x7]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="010d856aea454c8a48f680c20000ffaaaaaaaaaa03080045000028000000000002907800000000ffffffff11e09078000000000001"], 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="64000000170a05000000000000000000000000000900020073797a31000002000c00054000000000000000030c000540000000000000000304000400000007400000000014000380080001400000000008000240000001010900010073"], 0x64}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@broadcast, @in=@multicast2}, {@in6=@empty, 0x0, 0x32}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x0, 0x4000000000000}, {}, {}, 0x0, 0x0, 0xa, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x7}}]}, 0x154}}, 0x20004044)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r8 = socket(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r9=>0x0})
setsockopt$MRT6_ADD_MIF(r8, 0x29, 0xca, &(0x7f0000000000)={0x2, 0x1}, 0xc)
setsockopt$MRT6_ADD_MIF(r8, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x0, 0x0, r9}, 0xc)
connect$can_j1939(r6, &(0x7f0000000080)={0x1d, r3, 0x1, {0x0, 0xf0, 0x2}, 0x1}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001840)=@newtfilter={0x9c4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x998, 0x2, [@TCA_U32_SEL={0x644, 0x5, {0x5, 0x18, 0x0, 0x4f, 0x3, 0xff, 0x1000, 0x7, [{0x5, 0x8, 0x1ff, 0x400}, {0x63, 0x7, 0x5, 0x3f}, {0x5, 0x6, 0x1, 0xff}, {0x8001, 0x1f, 0x128c45f3, 0x8}, {0xdbc, 0x4, 0x2, 0xffffff34}, {0x3, 0x80000000, 0x7e25be85, 0x9}, {0xfff, 0x101, 0x0, 0x100}, {0x2, 0x5, 0x2, 0x5}, {0x6, 0x4, 0x0, 0xa0}, {0x3f, 0x1, 0x10001, 0x20}, {0x1, 0xd1, 0x400, 0x80000000}, {0x7, 0x7fff, 0x8, 0x9}, {0x6, 0x2, 0x40, 0x7}, {0x3, 0x8c, 0x81}, {0x10001, 0x2, 0x3, 0x9}, {0x3c, 0x1, 0x2, 0x8}, {0x1, 0x0, 0x4, 0xcca6}, {0x2, 0xfff, 0x8, 0x7e0}, {0x6, 0x9a5, 0x2, 0xce0}, {0x20, 0x7fff, 0x3}, {0x5, 0x4, 0x7ff, 0xff}, {0x1ff, 0x3, 0x849, 0x2}, {0x7fffffff, 0xd59, 0xb2af, 0x1f}, {0x5, 0x1ff, 0x9, 0x2}, {0x4, 0x0, 0x7fffffff, 0x8}, {0xff, 0x0, 0x40, 0x8001}, {0x400, 0x0, 0x0, 0x1ff}, {0x101, 0x4, 0x6, 0x9}, {0x0, 0x1ff, 0xfffffff7, 0x8}, {0x0, 0x7, 0x4, 0x1}, {0x7, 0x1, 0x401, 0x7}, {0x3, 0x0, 0x100, 0xea6}, {0x9, 0x8, 0x80000000, 0xc689}, {0x1, 0x2f3, 0x3, 0x9}, {0x3, 0x7f, 0x1, 0x10001}, {0x80000001, 0x10000, 0x8, 0xffff}, {0x8000, 0x7, 0x3, 0x3}, {0x5, 0x8, 0x4, 0x1}, {0x0, 0x1419, 0x3, 0x631b}, {0x3c, 0x4, 0x7fffffff, 0x7f}, {0x40, 0x53, 0x8, 0x5}, {0x6, 0x9, 0x200, 0x4}, {0x40, 0x64f, 0x9, 0x6}, {0x6, 0xffffffff, 0x1, 0x401}, {0x80000000, 0x3, 0x0, 0x7}, {0x180000, 0x400, 0x0, 0x400}, {0x5, 0x1000, 0x7, 0x1}, {0x2, 0x10000, 0x1ff, 0xffffffff}, {0x0, 0x200, 0xbf3, 0x7fffffff}, {0xf0c, 0x8000, 0xf26, 0x36}, {0xa, 0x8003, 0xfffffff7, 0x4}, {0x200, 0x835, 0x5, 0x8}, {0x0, 0x7}, {0xff, 0x400, 0x7, 0x2}, {0x8001, 0x2, 0x5, 0xfff}, {0x4, 0x1, 0x180, 0x6}, {0x7, 0x4, 0x63, 0x8}, {0x7fff, 0x1, 0x9, 0x5}, {0x2, 0x3, 0x57, 0x5}, {0x401, 0x1, 0x2, 0x7}, {0x2, 0x29ea, 0x2, 0x6}, {0x4, 0x8a4, 0x5, 0x2}, {0x101, 0x1, 0xff, 0x7}, {0xffff4130, 0xa50, 0x4, 0x7}, {0x5, 0x28, 0x3ff, 0x37c0}, {0xff, 0x4, 0x0, 0x2}, {0x3528f3b, 0x10001, 0x1, 0xfffffa2a}, {0x86, 0x20, 0xbf1, 0x9}, {0xff, 0x5bb, 0x42, 0x6}, {0x4, 0x6, 0x9, 0x1700000}, {0x10000, 0x1, 0x0, 0x8000}, {0x1f, 0x84a8, 0x101, 0x7}, {0x6, 0x8c, 0x5e32, 0x6}, {0xfffffffe, 0x401, 0xa99b, 0xff}, {0x1, 0x101, 0x8, 0x5}, {0x1, 0x3, 0x4, 0x3f}, {0x7, 0x9, 0xffff, 0x4}, {0x0, 0x80000001, 0x1, 0x4d}, {0x80, 0x8, 0x8, 0x200}, {0xcdf, 0x3, 0xfffffff7}, {0x5, 0x0, 0xb0, 0x8}, {0x0, 0x100, 0x2, 0x20}, {0x1, 0x4, 0x0, 0x7}, {0x6, 0xfffffff8, 0x4, 0x2}, {0x9, 0x80, 0x0, 0x7f}, {0x62, 0xc4000000, 0x7, 0x4}, {0xfff, 0xfffffffc, 0x1, 0x101}, {0x0, 0x7, 0xfffffbff, 0xd72e}, {0x6f, 0x9, 0xfffffffd, 0x7fff}, {0x2, 0x10001, 0x3}, {0x2, 0x10001, 0x4, 0x3}, {0x5, 0xa4e, 0x400, 0x81}, {0x66e, 0x80000000, 0x7, 0x1}, {0x8, 0x81, 0x80000000, 0x2}, {0x5, 0xdf5d, 0x430, 0x8}, {0x50, 0x7, 0x81, 0x9}, {0x0, 0x8e, 0x1, 0xf}, {0x0, 0x9, 0x3, 0x6}, {0x8e, 0xc, 0x2, 0x6}]}}, @TCA_U32_MARK={0x10, 0xa, {0xffffff7b, 0x3}}, @TCA_U32_LINK={0x8, 0x3, 0xc52}, @TCA_U32_MARK={0x10, 0xa, {0x60d, 0x1ff}}, @TCA_U32_ACT={0x314, 0x7, [@m_vlan={0x150, 0x0, 0x0, 0x0, {{0x9}, {0x48, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x280}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3ff, 0x7, 0x10000000, 0x74, 0x1}, 0x1}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa95}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xeff}]}, {0xe0, 0x6, "1b61b720e1ca1644a1e6002380cc72927d91efa590298168e9f9a7f667e099e1151c0705c2f05205f328346e708c498266affafb1b00fe585e3a2de8311e409087d94550ca1172451bd2a48c13320166ccf83c8163830bc16daaf995762bdbc632e600876b8f77e7db73d8c85908bdfa67f7216adb7c17fc300bd63f91a6fa2c9c9d4662685872ae6f38cad9f81f4c1c4988058199f567e14a530da09ed6835e6f59e1cee6a23cfaf7177e20202cb0ab8552bfdc7d8f8bfdadf727418ed33998045de06d83bbfad0c03c6231667f73d96051eb2706a716e72f20b7ed"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0x1c0, 0x16, 0x0, 0x0, {{0x9}, {0x100, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0xc50, 0xffffffffffffffff, 0x6, 0x8}, 0x6d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x800, 0x2, 0x74, 0x5}, 0x72}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xff, 0x3, 0xb, 0xf7}, 0x71}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xffffffdd, 0x42d, 0x20000000, 0xb77e, 0x40}, 0x53}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x3, 0x20000000, 0x7, 0x5}, 0x19}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7b, 0x1ff, 0x8, 0x8, 0x7fff}, 0x61}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0x1, 0x8, 0x4, 0x9a5}, 0x6d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x9e, 0x10000000, 0x1, 0xfffffab8}, 0xc}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x7fff, 0x4, 0xff, 0x5}, 0x71}}]}, {0x96, 0x6, "ab8f059a226ae84317d0bddb27c2d19f87bba9babeb2fb153fc50fe781f5fb17d40267d4f679acb1709ff9c8ea94041e24badd2e2920e1638076d2c37768421cf0197ef454792b2b4c3a5ddfba6462e454a96a1f577ab67a92a65a69760ca47f22fa1c00ca3e95cb58fb7f6bcf4dcc14f781dcee7fffdebf10a28d6068e6e2d32e812be5ed0ce4cc8f6db382ab090d30f5ad"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_U32_INDEV={0x14, 0x8, 'vlan1\x00'}]}}]}, 0x9c4}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)

15.193077766s ago: executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x0, 0x0, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000580))
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x64}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x98, &(0x7f00000000c0)=""/152}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x1a, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xaf20, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffffe}, @generic={0x7f, 0xb, 0xa, 0x1ff, 0x10000}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x6c}, @ldst={0x0, 0x1, 0x3, 0x3, 0x2, 0xffffffffffffffec}, @map_fd={0x18, 0xb}, @call={0x85, 0x0, 0x0, 0x32}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0x89, &(0x7f00000005c0)=""/137, 0x41100, 0xb, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x20}, 0x90)

14.861160092s ago: executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000500)={0x0, 0x0})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000004000000000000000a20000000000a05000000000000000000000000000900010073797a300000000014000000030a010200000000000000000100000180000000060a0104003f0000000000000100000008000b400000000009000100737901000000000008d54e32000a40"], 0x8c}}, 0x0)
ioctl$SNDCTL_TMR_STOP(r2, 0x5403)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}}}, 0x2e)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x20000000, 0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000003040)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x58}}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_script(r6, 0x0, 0xb)
splice(r7, 0x0, 0xffffffffffffffff, 0x0, 0xf3e, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEL_PMKSA(r8, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00', @ANYRES16, @ANYBLOB="0002287f7000fedbdf25350000080c009900ff0700006f00000014005500428149eab7db9357054bdd85c1a961791400fe001392000000000000000000000000000005002001340000772125945ca9ec183d9e2afbb8000a00060093ddba45"], 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x20008040)
write$binfmt_misc(r8, &(0x7f00000000c0)=ANY=[], 0xfdef)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32, @ANYBLOB="08001b"], 0x34}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x41, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c884}, 0x0)

11.722771028s ago: executing program 4:
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r0, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000080))
ioctl$IOC_PR_PREEMPT(r0, 0x40046109, &(0x7f0000000040)={0xd0})

10.607175304s ago: executing program 0:
msgget$private(0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000140)={0x3}, 0x8, 0x0)

10.221389293s ago: executing program 0:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[{0x10}, {0x10}], 0x20}})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e22}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x10}, 0x10}}, 0x0)
recvmmsg(r1, &(0x7f00000021c0)=[{{&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00001400000000000000000000000800120000000200b56b6e000000000006002b00000000000000000000000000e0000002000000000000000000000000ff020000000000000000882025a4000105000500000000000a00000000000000fe8000000000000000000000000000aa00"], 0xa0}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

10.098732097s ago: executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x1}])
dup3(r0, r1, 0x0)

9.695153047s ago: executing program 0:
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x5}, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "280100", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x88be}, {0x0, 0x0, 0x0, 0x0, 0x100}}}}}}}, 0x0)

9.497543828s ago: executing program 0:
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080))
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0xfffff001)

6.849453675s ago: executing program 4:
syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000000100)='./file2\x00', 0x800090, &(0x7f0000005f80)=ANY=[@ANYRESDEC, @ANYBLOB="7ab40d920812b31712aebf5d8db36327ff98becda5e07962faff8215a30ec62916b4074a1c15b53809722b4dcb2f0c724259112bb70e9bad005ab1742f042ae13d0ae29e68cdbd7982672640d6d7dc1d6203b0f5b5274363136c7676a31b14808229ff6d8f5c399c914ad00c1439e8fcfad24246037d39f9ed8b", @ANYRES64], 0x1, 0x5bd7, &(0x7f000000bc00)="$eJzs3Q+MXXW9IPBz7p1p73TaMkWBWv50gNItrMCU4gINhoGNgKtFBC0qSFvptAz2D3RaC1XsQCIaZN0ma5Q10RCiCRtCdJes6581xSxiVtbYjcsrvvd8GNA8eS9Yg6B9lNiXmXvOnblnzu+eO/feKS18Pknnzjnzu9/f9/u7vzlzzu/e3hsBAADwlvDU50b+fM2i9/zs3qFXd1/9g833RL3l8f2VtEFfcnvnG5UhR9LsroXjt9l5sWdw1lOXPfD+Z7/+8W89/8KCZcu/eduVh+6Yu+r++wd/edGhn//17qK46Xw6e2I7fimOolN/sewr9/3k6ZPG9sVRFJXjvtEoWhCXfrwgzoQYeC2KovW1POt/+PirKzaM3Y5+cXbd/uMyQcz3t7ZKMs8+/6Otp/z+vCuf3furK14dqLy2bXSiSVyZNJ+iaP7ayffvjqKoJ/k3Jp1tC9M7J7fXRlE0Z9L9Li7I64wm8z83sL0ouZ2V3PYWxEl/fnpmu7vJPLoyt5Um79eq0gzHT6WP39wZ7j97cMv2syC5/W5ye/Y045fTf3FUiqOuWneb4ok5Ek163OIoHn/sJ7ZLdXMhzsyNOIrizHYps13uztQ13m8y0cpxXL8/bZfZ35/s70r2n14w164P7H9HWm/yi3owU382aO+Ub2p1jUvz+k2DXI6E0qRjUN7+NN9K8mD0Jvt64+On3OdwjvRXfPULX/r287u+saQvkEf8nTiJH083/rhnNl+yf+muXx9YGIq/tpTEL7UUf+S8lx978bqfnhSMvyeNX24p/nMXLv3qD3fvPBgcnz+m49PVUvzyynMOLb93YHUw/4fS+JWW4j98xaNfm/+uJx8L5j+Qjk9Pa+MzvOP1Gx854UAwfpTGn9NS/MtfOfGslVsf3RiM/0Q6Pr0txX96ZHjVfbcu3tkfir8vjT+vpfhn/PamG/fuH3oumP9gOj59LcV/95LLr111YMsDoWNnPHqk/sICvDm9LTnH+kKy3ep1ZrsmXS882BdXz/nmJv/mlTvZU72xfubPXHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3qIe7ls/9Nfvn/Z6V7I9O/nmtHL1Nt0/K4riniiKRrav27Z9eMvG/tu27ti2Zd2m/nXb+4e2bN92V/+F7+zfNnT7pnV3jf104NwV1fsdH8XV2/jUKX0fPnz4cKmvfl/a3ycv+s+P95+2/2+jaOCEX57WFcz/A3cv+vcLcr5mxIOHN/2ns25+ce7/2VHd0Zfk1RfIKwrkdekjL638/Q96/mMUDZzYKK9/XHbVT+oSGt8xESdRmh2Vxr+ZHc/JzaOWdZJPOl5dG4Y3DQ0Uj285UMfvDv73D+8cuWW0Or6VYB1Njm/P4OG/bPneE7dcuuva6o6j9XEvGu+0ijS/dPwqyXjPT+qaH6irK1DXfWed/g9/8182vzQaDXT9afHUvovq6k4mQHf8jqb6TXuYE9ePSSVpnz7i6f3O37759vNH7tp17vDmdRvHfvdXrFhx8YUrLrjogn93/njp1a8dqz/t/980Wf+RmU9bLxocTr82N5+K8ioaj7G8isdjckah37+3f+iqv7vnf+y5rrqjaJ6nrWvHk+R2ztjDvDyaNN+mjlVeXUXj0B0Yh43X9/7XV/q3/kvRcWjyIzP5a0Y8ePhPw//3srl7z7y5uuOIHOcnJ9Ticb6WdZJP9+TjzvKjd3xnR+Wkrt7cvM689+WP/P/vx/21/GbNiu5ct337tuXVr0eorrdf/5nO1nXx0n++Y9faexZMqeuC6te5SaZz45Nz88ruTetaPDr2tRwlw5LeRJVSfn3dUTW/7N+F9H7ZUe1NftYbH59bV1b6s9UvfOnbz+/6xpLQSMffqfbYE82r3sanBFpuytyxXEs4r/+i+RFF0drJ+9JxfOJ7X+7f+7MFmwvnR3VmTPmaLW/w8Gcvmfu7kRv2raruODLHlUkJtXhcqWU9kc/4eI0fVy44eupo4XEeuxzpwONc94sVDx7ee8o7N674X9uTX/ui8a21zhvfFVFUdBxYnNnuqtvfueNAtp+J9vnx+jPbvVG5pePGcxcu/eoPd+88GDxu/LHZ48Zn6rbKbR434sBxY/9n/9tfPr3/mfd27rjx3qXlj/394hXJgB4tv2+VZF5XAvO6lnWSTzx5Xp93y9ZN66v7j97z3+S24Pon/fs9cteuT67btGlo20hzdTV7XpL2kx3lVs9L0t++4wvqSh+vibpm7ptmxqvZ37c0//XZ8Wrx9w3y9EZxS3/Pntl8yf6lu359oC8QN15bSuKXWoo/ct7Lj7143U9PCsbfk8bvail+eeU5h5bfO7A6GP+hOIlfaSn+w1c8+rX573rysWD8gTT/ntbOJ4Z3vH7jIyeExz9K4/e2FP/pkeFV9926eGcw/r446Wfs3C6KHn91xYbqdhx1J8fhNI/uuryi7Hac2S5ltsuTt0vVNfhaB+U4rt+ftkv2nz4plzw3RFG0b/bU/enZY2Vh9fZguh1lv2m8/2hTmnROkLe/6PwaAN5M0uf/03ON9Pn/xckfxEnP/1dv41l191+YnE8tnNg1fp13T3/1D+nEdeFjT2f7PpyzrpfmkV3XS+MvO7M+RqvrekXrcmdkttO8FiejkubT4LxhbtTEutzUfhqvy2XKL1436/9CZkfX+Npe6HHrTlYq8p5nzuQ7dyxCu+fZC/Ozrp1nh+Zddr0jfZ4+njLvmntdRPr4Zl8XkcZflFlAa/V1Ee3Ou3RZo8G8G6+seD116ryIGozrxLzIj5adF9OYR33VeTSzz0sd+9f7M7H+/uXa+vsxt56QPi8y3fWEaLR+fJpcTzjar/fT/enxoavJdYDVgf2dWgdIDxdpXr9pkMuRYB0AACau/9NzirHr/7G/1f2Z8/yi65bsVUYaL/g6lnJ+PkXXv1NfzzanpfPKy1858ayVWx/dGLxueKLZ16XcXrc1p+B1KUXjuCSzXTiOgZeCFK07LM20743mtTSOZ/z2phv37h96LjiOg9UTqeJx3FO3Na/NcVyW2S4cx+78rIrGMdtP0fw9O7Pdm7wiaLrj/u4ll1+76sCWB4LjPtrsuD9Ut9VXMO6u0wPxZ/Q6PTp2r9PT+MfI8/5F65Fv2DpAsm49U+sA1wf2T3cdoHfKN7W6xh1z6wCBvwsAcCxLr/9rr5dPrv//d6Zdu9eHwfO2wc68njV43lY7r23vvDyYf+28vL3romD82nVRe9ctwfGpXbe0d90VjF+77mpvnSY4Pk+k4zP1vH93E/HT8/7QfxdIz/uP/euimV1n6PR1UeS66A3huggA4M0tvf5PT1fT1/8/mWxnz41n/jp3pq9DZ/o6eqbXGWZ6neRYv8498usMzcRvfp1hmutsyetUm19n69A6wOH6F/DM1DqA50ffGNYBAADeHN6T3N7cZPuuqPpGm5+45dYL1qwf+tSaDduGhkZuX3fL0JrhLcPba+26x6+8pr5OOtRf0euk89rPadB+TTB+fT5XBtqHtFt/qL+i+vPaN6p/bTB+fT5XBdqHtFt/qL+i+ie3v6yJ+tcF49fnc3WgfUi79Yf6K6o/r32j+j8RjF+fz3sD7UParT/UX1H9ee0b1X9LMH59Pv8h0D6kYf25+TXXX1H9ee0b1Z99v8xQ/e8LtA9p9/EP9VdUf177RvUPBePX5/P+QPuQdusP9VdUf177RvVvCMavz2dVoH1Iu/WH+iuqP699o/o3BuPX53NNoH1Iu/WH+iuqP699o/pvDcavz+cDgfYh7dYf6q+o/rz2jeofDsavz+faQPs6kxaO260/1F9R/XntG9V/WzB+fT4fDLSv11P7rt36Q/0V1Z/XvlH9nwzGr8/nukD7kHbrD/VXVH9e+0b1bwrGr8/n+kD7kHbrD/VXVH9e+0b1bw7Gr8/nQ4H2Ie3WH+qvqP689o3q3xKMX5/PhwPtQ9qtP9RfUf157RvVvzUYvz6f1YH2Ie3WH+qvqP689o3qvz0Yvz6fGwLtQ9qtP9RfUf157RvVf0cwfn0+H5naPh7NDzmu3fpz+svk13w9jerfFoxfn89HA+1D2q0/1F9R/XntG9U/Eoxfn8/HAu1D2q0/1F9R/XntG9W/PRi/Pp8bA+1D2q0/1F9R/XntG9W/Ixi/Pp+bAu1D2q0/1F9R/XntG9X/qWD8+nw+Hmgf0m79of6K6s9r36j+ncH49fncHGgf0m79of6K6s9r36j+O4Px6/NZE2gfUqt/+7ahoTU7bl+/bvtQd7R1/dDImp3bhrdvH0pO1Np9XWLw/5clr0vsjroa1r8os31c8v5AxwXeHyjbPg178vg3U98fKNttV8H75BQ9Xtn+i95nKK993nwLPb5Fx4Nm50NW3e9HdZIMbxkZ2jb1+N3TcDwmz4lo/GVzPdn38G7YPtsy0E2h5uupNKwnu3t28kLA2fEJTbWPAp8HN13N1xMH68nLY7qfY5eGndbn2GW+TJEzPerq3TAyfpAeXrdpeNfQ1PznHAX5NzOOox3PozQlj6LHP86Mx4IkkwWhz3sLjN/O7/7Tw3/4w/98XxQNnFA+pa3xiwcPrz144id+cens88fyLzXMv9Yy/Vzlgs8/zLZP6+natHVk+7/dsHXHlvxn0NLXO5dq2zP0euekznKTr18Ovd5juq9fjqd8c3Rq9vXLAAAAbxXp//9Pr1cXJv8HdUFmiSBvHXjNlrx14Pb+f3RwHXhfc+vA2dWI46Ku/xc1WAfOtk/LbnYduHf2xA9aWQfO9h9apy01aN/oeZdm14E/Fmg/Xc3Pk/beByA4T5KRKpon2f+HX/R8Qbb9dOdJT5vPF2T7L5onee0bPT/d7Dy5IdA+pPn50ML7TvRPvO9EcD4MNDcfsp+rWTQfsu2nOx8qbc6HbP9F8yGvfaPX6zQ7Hz4UaN+s6Rwvqlp7X5jg/Fjb3PzIfl5K0fzItp/u/IjbnB/Z/hvNjzjQvtHrGZudHx8MtE81//i39749wcd/T3OPf/ZzW4oe/2z76T7+pTYf/2z/RceHvPaNXs/d7ON/TaB9qv7xH3vgxx/3oTU7t26b/Bromf7clpDm85vZz61pVfP5z+z7Ps18/jP7vlIzn397103B/Pe190xX8/nP7OcSteqIPR+b/J+hovefKnqe9qOB/dN9nnbWlG+OTp6nBQAAgJmXPv+fvpt3+v7wX0xuAx/T37Jj//O9q+tccf1/yyiMf8x+/na6ANPq529Xmsu/2XVM63kNOjsKWM8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojNldC8dvn/rcyJ+vWfSen9079Oruq3+w+Z49g7OeuuyB9z/79Y9/6/kXFixb/s3brjx0x9xV998/+MuLDv38r3cXBu6r3pydbFaiKH4pjqJTf7HsK/f95OmTxvbFURSV477RKFoQl34cZyMMvBZF0fpanvU/fPzVFRvGbke/OLtu/3GZINm6ot5ymk9dntGdhRVxDKok8+zzP9p6yu/Pu/LZvb+64tWBymvbRieaxJVJ8ymK5q+dfP/uKIp6kn9j0tm2ML1zcnttFEVzJt3v4oK8zmgy/3MD24uS21nJbW9BnPTnp2e2u5vMoytzW2nyfq0qzXD8VPr4zZ3h/qcc3TL9LEhuv5vcnj3N+OX0XxyV4qir1t2meGKORJMetziKxx/7ie1S3VyIM3MjjqI4s13KbJe7M3WN95tMtHIc1+9P22X29yf7u5L9pxfMtesD+9+R1pv8oh7M1J8N2jvlm1pd49K8ftMglyOhNOkYlLc/zbeSPBi9yb7e+Pgp9zmcI/3Z6he+9O3nd31jSV+gv/g7cRI/bin+M5sv2b90168PLKyPOvHd2lISv9RS/JHzXn7sxet+etLCnNzH4+9J45dbiv/chUu/+sPdOw/2heL/MR2frpbil1eec2j5vQOrg/k/lMavtBT/4Sse/dr8dz35WDD/gXR8elobn+Edr9/4yAkHgvGjNP6cluJf/sqJZ63c+ujGYPwn0vHpbSn+0yPDq+67dfHO/lD8fWn8eS3FP+O3N924d//Qc8H8B9Px6Wsp/ruXXH7tqgNbHggdO+PRI/UXFuDN6W3JOdYXku1WrzPbNel64cG+uHomNTf5N6+THWWM9TN/BuMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmNHTVg7uv2rfm6q44iuJAm8M50p+VZw0O9rfQb3nlOYeW3zuwevK+hS3EAQAAAIqVV8ZxFA2sLtX2VKKF0c64Jzo5t326RnByuhXX78+uIfRMtOxInFKH4pQ7FKerQ3G6OxRnVofizO5QnEpBnErd/sXBOD0N45SazmdOh+L0NohTydkfijO3Q/nM61Cc+dk4ldbiHNehfPoaxml+Hi7oUJzjpxcnO/1rcd7WoXze3qE4J3QozokdinNSh+Jk15SnOw/nJS0XheKMf1MujNMVl2s/yFtPT/s5NXO/0jT76W2yn+ya/XT76WmynzPb7KfSZD9L2+wnbrKfs9vsp1TQTzpv78zml/aTbjU5/+/qUJxdHYrz6Q7F+UyH4tzdoTif7VCc3W3GaSx7dgi8laXPw08cGfqi2V2XRnOSI052FSC93l1cvfeU41Ele4GeSOOdktk/qyhe9kI9E29xh/M7I7M/uS4fXZxET8+bGsTrmxxvSeaHhfVmFxQy+S2bbrzswgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzKChqx7c/a/s2l2MXGX5APD37MzODNvCf/oP1IEUOlJaMSItXZSP1HDQi1liUAL4EdDuljLUTbe7yLYprMhaL4gXKiSauHphDFcYQowaBJWkXGgMSsImik0EJVGJogESIGlNTMbszjnzxczOMiBb8PcLOR/v+zzvc84safK8M5XF8bEQhaX/uqp1kc5lcnFcHqDuJ//y9R/8ee6757WO5bMDLAQAAAD0lfbhw42RQshnt4dclGuLKyT7AIXkPlOsn6Py0PJ5JNqwYnw2id9+8MCt22fvmHv/5IE9+6r7qtOjo6OXXjy685KdH9x+y+RUdUf9GPJ91htO1pu9Y27/nqmp6m2z9fvO5y4leaXm0MTS4Ujy3P/fp06UxDfr/Pcu+v+1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbVUrC/OVxfGxkSiEqEdMrYt0LpOL4/IAda98dePWy2ce2Nc6ls8OsBAAAADQV9qHDzdGCiGfzYRMOHP57txmaDGEZt8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD876lWFuYri+Nj66IQoh4xtS7SuUwujssD1P3N7OTVd39u8+HWsdIA6wAAAAD9pX34UGOkEEphSxiOzmyLS/cGzurI74xL1zl7lXGdewe94rasEBeFqBG3bZXrvbdP3MeS8+3101NXBAAAAHj7Svv/bGOkGPLZU3v2/z36+oc74zZ3xGWS8yC/FQAAAADemLT/zzVGSiGfLTX69X7f46f9/rkdcWn+St/bt+b3+94+jTu/R53O7/MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJNXtbIwX1kcH8tEIUQ9YmpdpHOZXByXB6j77MXbvvXz+cMnWsfy2QEWAgAAAPpK+/Bm610I+exIGA7rlvv+S7f98/NzE0c2DBeT6Vwu3L7n4MHbdtaPadyWL7/86d/9NCq/Ju6i+nFNXg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhTVSsL85XF8bFTohCiHjG1LtK5TC6OywPUfXby0L9vvP+Ml1rHSgOsAwAAAHQ31HKd9uHN3r8QSiEXcmHj8l1rr9+Zu6TXngEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzjF7x9z+PVNT1dveyEX5jaW72L9nanqVwcfX/lFdvCUXh09b08dY63+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk0W1sjBfWRwfK0QhRD1ial2kc5lcHJcHqHvfhx/4zmkf+MWDrWOllRI+mxugCgAAABBa+vBm718IpTAchsMZy3fd9gSW+//iW/iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASaFaWZivLI6PnRqFEPWIqXWRzmVycVweoO65f/3MjUePVZ9tHctnB1gIAAAA6Cvtw3ONkULIZy8K+bApuZ9qT4gyybn7vkAz79a2tJFV593ZlpdZdd5XOt4sm7xNPa+Qrlesnxt55dfmlUMIpSSv1JyYaMsL97Zlnbrq5/xeW16xT14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk1C1sjBfWRwfi6IQoh4xtS7SuUwujssD1H3qwGXHts398aXWsdIA6wAAAAD9pX14s/cvhFI4O5wWzl7u+0NxebCWT2bTuF33v3D53392ytdC2LHxt+dke67/t/Mrv+w8hDDUHjQUwv8l9aJi+1Ra7/BP/nHfiy8+/NEQdpyR2fR667UvGdcmTmy86cld+e39Ph0AAAB4Z0j7/+HGSDHks9Od/X9D2nm/rv5/5vTr7tyQHJOOvCNjqJjUG+pRb/8l3/hx+Zxjf1jq/1eq9/EvnvWRDWHmkngyPdZHOkRxbeqerbufX//4ofSt6/UzHfXTz+W5Ez/6xOHZvV+q1y+EQjJ+VrZb/dceO5wS145PP/LY3l1z17TXz/Z4/7u3vvtPv//2gReW6r+yeaRR/z0rvP/K9U+/vvL0kYfuvba9/nCP+vuuW/f9V8sz/+p8/5GOhZNPvv4Hb/krdIji2iuTT1yx/uiW3e31QwgTrYHp5//YI98sH/31hgNp/fS3Iudv6ajf8r9a67FjzymKa0c3XbBv9NGD69rrRx310/c/dtcPj3/h2FNXdb7/zZ3v37N+5/tftS1zwzObRwf58QwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNtAtbIwX1kcHwuZEKIeMbUu0rlMLo7LA9T90HlXXnP1S9NfbR3LZwdYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjTVCsL85XF8bGhKISoR0yti3Quk4vj8gB1Zy98+cHnr/3Vu1rHSgOsAwAAAPSX9uHN3r8QSiEXcmFkue+fOLHxpid35beHYn02Ss7ZqZnZg++7ZebQ9M1r9OQAAADAaqX9f7YxUgz57HlhOOn/j266YN/oowfXpf1/CGFi6VC4ZXKqOhoa+wRXbcvc8Mzm0XJjn6A17sK9M1PJNkG67l2XrX9u9lOLV3ddd2cz7pXJJ65Yf3TL7jRuODkvx13UjJu6Z+vu59c/fiiNG0r3KZbidjTjjk8/8tjeXXPXpPOZ1vVa4k6/vvL0kYfuvbaxTnIeSeoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwX0chUlVxHIDPmZnV0dFttigXKVIx0SBZqaiEaBWSHtqQAl8s8CErI5NawhBiNyELk/CpIigiCgKRgqCHIiwogyQKIrSHMLSHeoiNaEPcqJjZe2dnrt5muzUJy/fBcPaeO/d3/ufcMzN7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6s+ZXBZnv0qdHf7hgLn+3dPjl223s7nzw4PO/oLQduP/HyPW+cOj2wet3rD26aemTRyP79w1/dMPX5H090DX58ulmTHFZDiD/FEK74YvXz+z45tqTRF0MI5VgfD2Eglj4aiJmEobMhhHtbdXaefGfy2vsa7fiz8zv6L8qENOe19NbWvEKtnNYzrd5ZL3NLNdlnT3+w6/If1m46ceSbjZND1bOPjs+8JVbb9lMI/dvar+8LISxIXg3pbhtML07azSGEhW3X3dilrhWzrP+anOOlSTsvaWtdctLzyzPHfbOso9Jqpz851VleV1Spx/mp9P4t6vH42S+37DgDSftu0q75h/nl9BVDKYZKa7iH4sweCW33LYbYvPczx6WOvRAzeyOGEPvaJhJDKGXOl/sy82qOm2y0coyd/en7Mv3Lkv5K0r+8y1676+8WpXFt8kE9k5l/NrR2zh+teTWldX3XZbxeK7V9B52vP623mtyMWtJXixefc82f55Ge23L6ubdO7XllZT2njvh2TPJjofyvd950fNWebycG8/K3lZL8UqH80bW/HP7xzk+X5OYfTPPLhfJPXrfqhffHdp/JXZ+f0/WpFMovr796at3eoS259b+a5lcL5b+28dBL/dd/fDi3/qF0fRYUW58dj/2+9c1LJ3LzQ5q/sFD+hl8vu2r9rkP35+Z/mK5PrVD+sdEdI/seuHL3srz8L2Pzg1ULiwvlr/j+7q1Hjm8/mVv/cLo+9UL5N6/csHlk4uEDed+dcfz/+oUFmJsuSf7HeiY5Lvqc+W+1PS+8WJ/+aWo+0zRei//LgTIa4/T3MB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C924IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICnAgAA///KRVpu")
truncate(&(0x7f0000000340)='./file2\x00', 0x4)

6.65977174s ago: executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
chdir(&(0x7f0000000100)='./file1\x00')
sendfile(0xffffffffffffffff, r0, &(0x7f0000002080)=0x64, 0x23b)

6.488147421s ago: executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40841, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00001b1de4356c052e79aaaaaaaaaaaa88a800008100000086dd6017785c00182f0000000000000000000000000000000000fe80000000000000000000000000000e800008"], 0xfdef)

6.238822363s ago: executing program 3:
syz_emit_ethernet(0x0, 0x0, 0x0)

6.061919402s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a117462d3589e67197f90bf6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d00000020000000009300", 0x24}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r4, r4, 0x0, 0x0)

5.506952319s ago: executing program 0:
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
r0 = syz_io_uring_setup(0x24f5, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000))
io_uring_enter(r0, 0x0, 0x400000, 0x1, 0x0, 0x0)
io_uring_enter(r0, 0x52e, 0x0, 0x0, 0x0, 0x0)

5.052792692s ago: executing program 3:
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
io_submit(r5, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
sendto$inet(r6, 0x0, 0x4d, 0x200047ee, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="8a591000fcffffff1862000008000000000000d674f9c873c9d4b2000500000085100000f8ffffff"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x23, r0, 0x8, &(0x7f00000004c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x7, 0x4, 0x401}, 0x10, 0x0, r2, 0xa, 0x0, &(0x7f00000006c0)=[{0x2, 0x1, 0x5, 0x8}, {0x3, 0x5, 0x1, 0x8}, {0x1, 0x4, 0x6, 0x2}, {0xfffffffe, 0x4, 0x5, 0xa}, {0x0, 0x2, 0xf, 0x3}, {0x3, 0x2, 0x1, 0x1}, {0x1, 0x4, 0x6, 0xc}, {0x5, 0x5, 0x6, 0x9}, {0x3, 0x3, 0x5, 0xb}, {0x2, 0x1, 0xd, 0x5}], 0x10, 0xffffff8d}, 0x90)
accept4$x25(r1, &(0x7f0000000080)={0x9, @remote}, &(0x7f0000000100)=0xffffffffffffffd0, 0x80000)

5.051908828s ago: executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000200)='omfs\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fanotify_init(0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
creat(0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0x11, &(0x7f0000005640)=0x42, 0x4)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x0, 0x6}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
sendmsg$TIPC_NL_MON_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0xa4, 0x0, 0x0, 0x0, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xd81f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3d}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10000}, @TIPC_NLA_PUBL_TYPE={0x8}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x119}]}, @TIPC_NLA_MEDIA={0x50, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200c00, &(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRES16], 0x3, 0xa73, &(0x7f0000003cc0)="$eJzs3U2MG1cBAOA33vUmm6TEKQldktAm/LTlp7vNZgk/ETRVcyFqKm6VKi5RmpaINCBSCVpVIsmJG62qcIUiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRove95xy92x/uTtb3+Punt85s39nszOzMez8x7LwBjq9b6u7AwU4Rw5a1Xj//j/r9PL055pD1Ho/V3spSqhxCKmJ7MPu/9iaX45gcvne4WF2G+9TelwxM32u/dHkK4GA6Eq6ER9l659so784+fvHTi8sF3Xz96/c4sPQAAjJdvXz26sOevf96368M37j0WtrSnp/PzRkzviOf9x+KJfzr/r4XOdFEKZVPZfJMx1LL5JrrMVy6nns032aP8qexz6+38fR3zbakof6I0rdtywyhL23EjFLXZjnStNju79Js8tH7XTxWz58+ee+bCgCoKrLt/3RdCOCCsNDSbzZ+0VuAQ1EUQVhuaOwd9BAJYkt8vvM3F/MrC2rQ/bbK/8m88Wuv+flgHG739K3+0yv/1JUcc1s9m3ZrScqX9aEdM5/cR8ueXVrr/p8/L70fU+6xnr/sIo3J/oVc9Jza4HqvVq/75drFZfSPGaT18M8sv7z/5/3RU/sdAd//eqOv/r00P/FrnYjgwBHXY1KE+BHUQ+g7NQR+AgKG1/NzckmaU8vPn+vL8LRX5Wyvypyvyt1Xkb6/Ih3H2++d/Fl4uln/n57/pV3o9LF1nuyvGH1thffLrkSstP3/ud6XWWn7+PDEMszdPPXnmq08/dW3p+f+ivf3fitv7gZhuxH3rapwhXS/Mr6u3n/1vdJZT6zHf3Vl97rpt/uZSibs75yt2L39OKB1nbqvHTOf7dvaab3/nfI1svukYtmb1zc9PtmXvS+cf6bia1tdktrz1bDmmsnqk48quGOf1gNVI22Ov5//T9jkT6sUzZ8+deTim03b6p4n6lsXph8of+puNqTuwNv22/5kJne1/drSn12vl48LO5elF+bjQyKbPLyXbt8nT9MMxnb7nvjsx3Zo+e/r7555e74WHMXfhhRe/d+rcuTM/9CK9mLZavPCi6sixWZ8chPEx9/xzP5i78MKLD5197tSzZ549c/7wkSOH5+ePfO3wwlzrvH6ufHYPbCbLX/qDrgkAAAAAAAAAAADQrx+dOH7tL29/5b2l9v/L7f9S+//05G9q///TrP1/3k4+tQpI7QB3dclvjbv3Zmc9prL56jF8PKvv7qycPdn7PhHj9jh+sf1/am+f9+ua6nNPNj3vvzfNl3UncFt/KVNZHyTt8QJjg/1Px/TlGP8qwAAV090nx7iqf+u0raf+KfRLMZrS/y1tDakfk9T+u1e/Tun4v2sD6sj624jmhINeRqC7fw79+J+lM/GB1+UjQ7M5+DqsPQz/ehbWMTSbRvEAhsOgx/9M1z1TfP6P39q6GNJsNx7tPF7m/ZfCWgz7+JPK31zjf7bHv+vr+Neld/WOfp77H13hP7+4/l6p2LC33+NvvvypH+jd1WWWfRjLT8v/QOiv/OZrWfn5DaE+/Tcrf1uf5d+2/PtXV/7/YvlptT34mX7LX6pxUeusR37dON3/y68bJzez5U99e654+Vc5UOOtWD6Ms97jzPY7gu1wGpXxf3vJn8P4ckynA2F6ziH/Rl5p/dPzFel7YE/2+UXF99uojFPcy7iP//v1GFftD2n837Q9Nrqka6V0vcu6HfVtBTab94f+/t+IhYtDUAdhSMNwjIFdDs1mc6AdeetFfLAGvf4Hffd50OUPev1Xycf/zc/h8/F/a9kPiHz83/z9+fi/eX4+vl6en4//m6/PfPzfPP+e7HPzK9gzFfmfrMjfW5G/bzl/ulv+/or3f6oi/2BF/r0V+fdV5N9dkT9Rkf/ZivzPVeTfX5H/YEX+5yvyN7tWe5TSTjVuyw/jLG+fZ/+H8ZHu//Ta/3dX5AOj6+dvHHrsqd99p7HU/n+q/Xst3cc7FtP1+Nv5xzGd3/cOpfRi3tsx/bcsf9ivd8A4yfvPyL/fH6jIB0ZXes7L/g1jqOjeY09+v61Xv1W9zvMZLV+I8Rdj/KUYPxTj2RjPxfhQjOc3qH7cGY/99g9HXy6Wf+/vzPL7fZ48bw+U9xN1uM/65NcHVvo8e96P30qttfxVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmFrr78LCTBHClbdePf7kybNzi1Meac/RaP2dLKXq7feF8HCMJ2L8y/ji5gcvnS7Ht2JchPlQhKI9PTxxo13S9hDCxXAgXA2NsPfKtVfemX/85KUTlw+++/rR63duDQAAAMDm9/8AAAD//6ZSGwg=")
mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0)
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1e9000, 0x5)

4.683211815s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000dc0)='rcu_utilization\x00', r0}, 0x5e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x8000f28, 0x0)
splice(r2, 0x0, r1, 0x0, 0x7f, 0x0)

3.594064361s ago: executing program 4:
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f0000002700)=ANY=[], 0x1, 0x275, &(0x7f0000000980)="$eJzs3T9v00AYx/HfOaEEWhX3D6qEmAqVmFBbFsSChPIOWJgQ0ASpIioSFAmYCjPiBbDzFngRTIgZiY2JF5At6M7nxgl2bKKmF5fvR0rqxPfYz8W++h5XVQTgv3Wv/fPzrV/2YaSGGpLuSJGkltSUdFkbrVcHh/uHvW5n0oYaLsI+jJJI81ebvYNuXqiNcxFebF81tZR9D7PR+hE6A8wDN/pzRNJ5Pzrd+tapZzYbR6ETCMz01ddrLYfOAwAQlr/+R/46v+Tn71EkbfnL/uj1v+YX0H7oBALLXP9dlTUw9vhecquG9Z4r4ez6KK0Sp9nXgpIza2SCacqqSpdLdOHpfq97c+95rxPpve56w61o3f3sJKduKpvtu+N3N9KFzZzadILp+77o+nDO9mE3N39p7WT3WM58Nd/MQxPrkzrH87/mwNjD5I5UPHakkvy3i7foehknrQp6ueJ2csXvwZvYy4YKKhKlZ9SKRm8QxGV5uqjVsaikdzslUWu5UbslUevjUcOzuThy1sxH88Bs6re+qJ2Z/0f2095SlZFp27iW/syY2J+maxm7sepH3dHV3JZRee5xeRNU80FPdFvLL9+8ffa41+u+qNVCOqrmJZ+6LaQnwbzkU6uFBVVvbD/kIKmmI2T67QT5rYRTNjzo/xjI32bOCjvvMkn9l6lXtt1kzT7FE+bpg7KNZ7a4U1AbrLrni8UV3Ajjbj0sFldwVWuuazek61X2mIh9nmeEaeu7HnH/HwAAAAAAAAAAAAAAAAAAoG5O7l8OWipaFbqPAAAAAAAAAAAAAAAAAAAAAADU3dx9/+99Ja/4/l9g5v4EAAD//9G4ctM=")
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9ad}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000000)='./file0\x00')
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})

3.583113994s ago: executing program 2:
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000001380)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@hyper})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000000c0)={{@hyper}, @any, 0x0, 0x0, 0x3})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000001c0)={{@hyper}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x400})
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x24}}, 0x0)

2.532440901s ago: executing program 1:
mkdir(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9ad}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000000)='./file0\x00')
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f0000000280)={r7, 0x0, 0x0, 0x0, 0x1, [<r9=>0x0], [], [], [0x0, 0x0, 0x3]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000100)={r9})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000340)={r7, 0x0, 0x0, 0x81, 0x0, [], [0x0, 0x0, 0x80000], [], [0x0, 0x8000000000000, 0x5c17, 0x1]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000300))

2.456047257s ago: executing program 2:
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8001, 0x20000008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
quotactl_fd$Q_SETINFO(r3, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5})
fanotify_init(0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0)
r4 = socket(0x1d, 0x3, 0x1)
getsockopt$nfc_llcp(r4, 0x65, 0x0, 0x0, 0x200000b1)
r5 = syz_open_dev$dmmidi(&(0x7f0000000200), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r5, 0xc0305710, &(0x7f0000000000)={0x1, 0x1, 0x8000000000000000})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.475947974s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000200)='omfs\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fanotify_init(0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
creat(0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0x11, &(0x7f0000005640)=0x42, 0x4)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x0, 0x6}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
sendmsg$TIPC_NL_MON_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x9c, 0x0, 0x0, 0x0, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xd81f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3d}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10000}, @TIPC_NLA_PUBL_TYPE={0x8}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x119}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200c00, &(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRES16], 0x3, 0xa73, &(0x7f0000003cc0)="$eJzs3U2MG1cBAOA33vUmm6TEKQldktAm/LTlp7vNZgk/ETRVcyFqKm6VKi5RmpaINCBSCVpVIsmJG62qcIUiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRove95xy92x/uTtb3+Punt85s39nszOzMez8x7LwBjq9b6u7AwU4Rw5a1Xj//j/r9PL055pD1Ho/V3spSqhxCKmJ7MPu/9iaX45gcvne4WF2G+9TelwxM32u/dHkK4GA6Eq6ER9l659so784+fvHTi8sF3Xz96/c4sPQAAjJdvXz26sOevf96368M37j0WtrSnp/PzRkzviOf9x+KJfzr/r4XOdFEKZVPZfJMx1LL5JrrMVy6nns032aP8qexz6+38fR3zbakof6I0rdtywyhL23EjFLXZjnStNju79Js8tH7XTxWz58+ee+bCgCoKrLt/3RdCOCCsNDSbzZ+0VuAQ1EUQVhuaOwd9BAJYkt8vvM3F/MrC2rQ/bbK/8m88Wuv+flgHG739K3+0yv/1JUcc1s9m3ZrScqX9aEdM5/cR8ueXVrr/p8/L70fU+6xnr/sIo3J/oVc9Jza4HqvVq/75drFZfSPGaT18M8sv7z/5/3RU/sdAd//eqOv/r00P/FrnYjgwBHXY1KE+BHUQ+g7NQR+AgKG1/NzckmaU8vPn+vL8LRX5Wyvypyvyt1Xkb6/Ih3H2++d/Fl4uln/n57/pV3o9LF1nuyvGH1thffLrkSstP3/ud6XWWn7+PDEMszdPPXnmq08/dW3p+f+ivf3fitv7gZhuxH3rapwhXS/Mr6u3n/1vdJZT6zHf3Vl97rpt/uZSibs75yt2L39OKB1nbqvHTOf7dvaab3/nfI1svukYtmb1zc9PtmXvS+cf6bia1tdktrz1bDmmsnqk48quGOf1gNVI22Ov5//T9jkT6sUzZ8+deTim03b6p4n6lsXph8of+puNqTuwNv22/5kJne1/drSn12vl48LO5elF+bjQyKbPLyXbt8nT9MMxnb7nvjsx3Zo+e/r7555e74WHMXfhhRe/d+rcuTM/9CK9mLZavPCi6sixWZ8chPEx9/xzP5i78MKLD5197tSzZ549c/7wkSOH5+ePfO3wwlzrvH6ufHYPbCbLX/qDrgkAAAAAAAAAAADQrx+dOH7tL29/5b2l9v/L7f9S+//05G9q///TrP1/3k4+tQpI7QB3dclvjbv3Zmc9prL56jF8PKvv7qycPdn7PhHj9jh+sf1/am+f9+ua6nNPNj3vvzfNl3UncFt/KVNZHyTt8QJjg/1Px/TlGP8qwAAV090nx7iqf+u0raf+KfRLMZrS/y1tDakfk9T+u1e/Tun4v2sD6sj624jmhINeRqC7fw79+J+lM/GB1+UjQ7M5+DqsPQz/ehbWMTSbRvEAhsOgx/9M1z1TfP6P39q6GNJsNx7tPF7m/ZfCWgz7+JPK31zjf7bHv+vr+Neld/WOfp77H13hP7+4/l6p2LC33+NvvvypH+jd1WWWfRjLT8v/QOiv/OZrWfn5DaE+/Tcrf1uf5d+2/PtXV/7/YvlptT34mX7LX6pxUeusR37dON3/y68bJzez5U99e654+Vc5UOOtWD6Ms97jzPY7gu1wGpXxf3vJn8P4ckynA2F6ziH/Rl5p/dPzFel7YE/2+UXF99uojFPcy7iP//v1GFftD2n837Q9Nrqka6V0vcu6HfVtBTab94f+/t+IhYtDUAdhSMNwjIFdDs1mc6AdeetFfLAGvf4Hffd50OUPev1Xycf/zc/h8/F/a9kPiHz83/z9+fi/eX4+vl6en4//m6/PfPzfPP+e7HPzK9gzFfmfrMjfW5G/bzl/ulv+/or3f6oi/2BF/r0V+fdV5N9dkT9Rkf/ZivzPVeTfX5H/YEX+5yvyN7tWe5TSTjVuyw/jLG+fZ/+H8ZHu//Ta/3dX5AOj6+dvHHrsqd99p7HU/n+q/Xst3cc7FtP1+Nv5xzGd3/cOpfRi3tsx/bcsf9ivd8A4yfvPyL/fH6jIB0ZXes7L/g1jqOjeY09+v61Xv1W9zvMZLV+I8Rdj/KUYPxTj2RjPxfhQjOc3qH7cGY/99g9HXy6Wf+/vzPL7fZ48bw+U9xN1uM/65NcHVvo8e96P30qttfxVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmFrr78LCTBHClbdePf7kybNzi1Meac/RaP2dLKXq7feF8HCMJ2L8y/ji5gcvnS7Ht2JchPlQhKI9PTxxo13S9hDCxXAgXA2NsPfKtVfemX/85KUTlw+++/rR63duDQAAAMDm9/8AAAD//6ZSGwg=")
mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0)
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1e9000, 0x5)

1.158872176s ago: executing program 1:
gettid()
timer_create(0x0, &(0x7f0000533fa0), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000580))
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x64}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x98, &(0x7f00000000c0)=""/152}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x1a, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xaf20, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffffe}, @generic={0x7f, 0xb, 0xa, 0x1ff, 0x10000}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x6c}, @ldst={0x0, 0x1, 0x3, 0x3, 0x2, 0xffffffffffffffec}, @map_fd={0x18, 0xb}, @call={0x85, 0x0, 0x0, 0x32}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000040)='syzkaller\x00', 0x81, 0x89, &(0x7f00000005c0)=""/137, 0x41100, 0xb, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x20}, 0x90)

982.8859ms ago: executing program 1:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {}, 0xfe}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000005cc0)={&(0x7f00000009c0), 0x18, &(0x7f0000000d40)={&(0x7f0000004cc0)="0ddceb6a8ee63590325b46f2e04295621cfc5a4f8ee8fb24b27d1153389daaead8b1e623db192c792fd78a394874c019f8c3b110f1c9b70803749e629d2f4c4a7078e209e0113f32aefa91c65c88c072adc25dc2f4c262cd4835d777c05f6a7c2c38453a8ffa09660dd7b25a35a1008d67af807eda553a1361303a39d05d13cf11f2678b4e158db0dac90a63c7fa78c6434359caa4fe2ca96c57d2e2950ed8cc631e9fe94535a861140550c91a194747a29102d7d7523a76280f00a6734f3996759f774188cb7a826ac7f15917f6bc483b6ed07e047978796966c430b908172f668780e81d3575c21ad1a6f81cc5ceefcdeaa0c91e77d4f72b83d3ce3fdcbff0a0e1f4a97ed676346b1ffcfb1a9aa63026ddf6325da89c22b92169eb0331901f94c7dde58aab112312da739a22e6cc978f8667eda56d03778bbd58a302a02611d1a33836d73e1241dd4ede7991feac00fe64025f41991a502dbc28f175eaf6e9ddfed661b41873f064ee17a8b2cdc879d129587d2b636ebd2779fb25b7c7797d99f0e9059201d7286e9e8ab51c223c5cbf9c68882e3064558bc4315d26f44e6e8c5a764f9ef3c3556dc5678f42938205a68e271f78af91e89fb2e9d486640114663b839c05ca8a29620b4125e98213cd346c2472a1df75e1dd032eb856132b73c4d68ad4dc06c340e03ea75d077fed6f2e41a616c9d9ecedf46204537a35bedf2978d5812c469e07443f7ecedc3697084f98019ccb9d9fbd6a034ee45753838380aa39fe143b2dd49a32052fd399c0b34742bac7af796e3e021b6343e7b612b9c6922635a4f582c0589dfa339923e7146016d8d654e087e2f7bb19a3c74942baddeace9046772a4dab73ae09340b4c12e5384e644aaf3c266d75414f465db8a02bb84c349757dc9e95b2b2439a78e172404a01dbce4909db9c0d0027e5686cacd5a1a649996d6213501c8a8ee5e666fb31e91c6b1100c00c8b453d28efac0fae3eecc8b71a81169ebf510c1f7587f268c3e7b95df23fdeec599c441282fc5125c09bf872872f8f50abe866f5b3cfd96eb61da12fd208b02f98b2213d6cdf4c518dce2beb4c713b00f3452b1f6dc27c60712b50add466bcc61745e6f11e16cd0da8c6d98967462009845b5d65da139bbef151283d778cb5973a5f63bf37ebc9263ac82ad7fc253c8910a8147f08b5a5e0a4675b44ad78ecad432c6c3910581387f654bf56accb14f202f4b7343d6d796898d31c2c39e299e46e145eb23ac52ae1d9c31ed9105cd34f00e110633612f4472793a5f2a19bce685bed55b5e4c08ab2167981d919e18be7297a87922592696a11d700e7e3b4bd8fd0790e0078dbcf44f9074bd08385f125faa2eeeff5b726e0d8966af31b883f3d18ba76c4e6ef058c59adec4c5fca684c8ae4526134be5811c2292426a3ec841b15dc458ce9013d65c92d6c3f22965d1ef5ff4263d0eee5f2dfb5eda39add59dab3dd1ab2846ed6e39bf4c855785e8f1fd1586acf7332e3027acc387b68dd27fd0cb314b378068660957c2605443acd96d6e2bc6a3f255bf868e0dff3b1e91231eb15fc8fb4c695ce5879e9878b4b8031edc2fa4870a8616220f8f08bf44b887ff650d80e87c1f0fa12d1d2316767b634167444324cfb787123948acd527e9ad56a6424f71a49ccbbda4dc94ae7245b27055521efd8cbd5eac9ee4fd6b9a0c383a3431d4edb684c4655e068465e0d0269027f82420bc5eeb57c476c9580bfac5e9a3cf2344dad57519824cb014af827d4f0cbfe113cc86145d75b88bb9669a5045a8b0b38c9a06b2eb26872be930500d4379f6a2a7250fd6e4fe6987e40e3a3e96332273110df9d23dea86d0725b17b182bbffc903a77d799cb5552ba95564ae9bb166aecccc557a39e723fc0aaf82dd2e672a9c88252753d7d36abf90df46a6549f71f28498b77e9c793cb2b65ecea067717356a51312706f9a927bdee47119876d4b3195e3eb50a28fa8158d114550dda53b5b321237fe24b3b0f49be1dfef19379337c1d1521b23a4e6c87f28f07aa7e7ee32dacbf297023359276c3d4d29f53718f3148eb53cc3f8845fca1ce93c5775a775bbb55d0e41a710ca229f8f1707e6131bd0735a6c8789a207cf2540eac3faaa0284742f57fe53e166c9c196082c24680e2d2c77a77be5934a19d2151cf7ee11d31ca320b7c05b35055725194d04d45a0e3064294f7769ab71b0431089d8b52221de936c075ba489b889064ee94d3a283e37f3f033146b7a2b185fda3d5cd0e779eab24d61accc299e2ac2f1343ae2cff92c9bfb83e6bea76ce906b1360658c5bf0172f7e569eb4376608bec69de391cab9d92715c3fbc2fe9f1c7d66e2f0e0a4274b424030d66176ea35f81261c1ef072eb9a883155e724054848bb4d5d44fe372a2790e8a9219411d7105c1f3c07b0d98f3428e82ea0cbd1dc14405bf614eba00d9a94e73c42f133a482a4d8a155068ff1cab4fe3b6eca3740ae02c08e5c2937db880a7ca5c036773fb8c2a791164a2ba7214fecfccae89fe90f84065d8e33559aea7b143660e2fee4260a5f4129b2ff8991679605d6efaae6274ba974fd088aba8f4f7103ee23037dbb090a3da7e876fcb41885999854ae680b739df5fd1b3c0abe184db8ccf73381b2a01fd60d946413f165289823f802ce7ad044be3195672e3c72e07240368b6b2335477928cbe6bd0b4525dfe0cbc5d1784d7f25ddf210530b0c0e0184d7d94f5676722f95bcc70eda3e6dfa3162121e363caf8d46ab789802fe6004c096b4e49eff1fdcdf4782dfe1962d61e5e44a60a5b0b380bf5e55fca1b48882b11caab64d2dc7c941567183e8fb3776e4688e54f9d3828ddcb038a229c8d9b1fc536619208d2bf82183fb193da32e218c88a5a030337a8f8f4914e7a9b8421055e254dd2629894d768147d440173f0ccac0bd1bcd6261c4f8af6ea4d6afb93d26a1024a754e538f8818d90e14fbc70ab5f5f228bea5dd04e7aa7ceb1c0c06d98b0f1e700e03afb25e0b4858726594334c171115a6cf980de7d0b10744b93583cd294f37d7c7d519183fc5db477bea4a2db1f6ce8bbd0e0c9b4aaa7a2902a0da59a944cc10618aa94e1c3a14434e10798bbff0291993c343071fa7895c3bdb2a13cf8ce50f7a67924d3fd8149396d51eac2d7fbb95c4f568928e48f5c7c6f018b55c44d65d0f9efc9d6aebf86dfde444a2ab1e628cbb5cd5c383cb35b7fbf8ad8e430bedd61fff917e4f9bd33a6b1ec0d5f19bbec46dea70f668be12aa264c4fb5ae6fb5fc4f7f724068d8591081d6f2ec27be692d822f9e29168ee2793753820e0e753fb0a603c6cb88912969d4db18075de1a04d45ccbfb8cfe45108919197312d35bafb5646e34f03519e2af908c1c22ae82e0414612de5a39622d396ac05264afb371ff610c1b0e76a427edabf1c73781f7683814cd221a2fa452ac88fd87d213fa1d785eab5f512475e82aeac492f0801504fbe5787c48a16e82c9106ed70cf31a2c93969c0e77b33a8fe84c40f22169e07b544289927b46e048774092555379892e0ed3e1e34794b443afd96e0d47b2dcd23cc256cfebdbdf6f47c0f792c7bea64e90eeaf2929a92956415e62a0f9051421a85ad363ce6e7aec1aa6fef578ad62aade43ab9b879489fa8c7883234001f0576bfc02ec0a6557a0d9904881f86de0b96f54b60e4aaaa67ddb0ae37ea8c536f034323e076f43acaf24396c76b6d67023d794dfe43a3d921f436b32e2fe6dd65ee65e5c62c63fafb467d195eb416f81e578d51d7af3d87e64a129366c5d356b8a981bb09612f9c40f22807e5bd85b294b4e710d4eafaa11f30f1d335de7f59ee57a48ad25061fd635a898837484d781f53ef60b5831cd2994db0d452f481d4d872613751a19872785224189138615e75df8a6d40d8fd9fb58061ce36d74c06245ffee9d968def36456ebc7f08a19474e2eae75738928c1f14514f59b291c950408ac41e2023a13fed14f4ff9f99c7560bc8217ea76150b7b35a6b91c1cd7367bffa34cdd47f17f0066a8d03d9e78d66c1515ac6d89bc9ec377e1ddb7332df96ac6e3cb0ef4bfd05263c65e2c8af66a297f02d4a22012d7752601046cc9072c3b6027ea3456f1c67348407678cc8facc9a55de8363f04cd0b8d2d7ff58672801590772b8afe2e1ff11d9d94a1653b03176ead48868202590615dd301f339f360fda8196c994df5bb9a0d2891463042a45449e87d9e5a1f0286c635b4a52307b8c23c51d5659193fb63ff9b5fa9defc8f4de8322f8490beae14301408c1957d7d1f72c6c8ee3c332ba7e004a4b6816fdddaa3aa4deebb02d76130324f6f89b6986fc862649fda000fe925bf2665a6acf6e3d627d295d35e30273a55e621097a43ab4e52b4faee42982ff4ecc1e53b57a27592db171568345ba0dfd89a4b8bc360a383a82ab1b37b3933f776b0a231d92e269a1d66da98755447849f06dccec3884bf1c49118917b1a91f95f06bf7af31ca1faad192bd9f917f4ad072ba78db952389758cb8dc847ecaa491b59f8c547e170adbe80025a895eda1cbd57f3dc8aa165a828dbf8acccd4b59bca4ab7caaa17379187fda7d7e015fe063f0a8fb307a08bb2a54b44dd0ad46a585c21f614a4ec30975accc83e0ff89c8c3508bcdf4a86276898c9417d54cdd195af6fe01cbec9cc917f1578994d273ac414618cab1f55572351cf540e923880f9b3a7d4470aacd766d3bb956d0395eaf66aee6f82f3331cf74c41eb1dfbe35368c4686c37f0d73b52225f43d3e99a9f4cd75a36a59d9ca1643072a5049f7ac95d5fe13cdf00a64a8bdbe0bc3ed3908a835128416c8119b8ebb93e8a7cd763683b843fa0a424ce516d706cf269492e74fd8b20d333e1b216d5c7819942caff8181b0e01235f47aa3935d306757b47f6bc8248e8cd85cf350ad5eadcc0060af9b40fe8507597f219193f24bdc25231e35c6e196da298d6019b535cd6dc43f1499066dccd38a80a1f66a35093b90aec2a74157b4881f16fdf4a24f09afaa3d20d276d74c5c6d10", 0x6fffff9}}, 0x0)
connect$can_j1939(r0, &(0x7f00000002c0)={0x1d, r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1}, 0x24}}, 0x0)

728.268123ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a117462d3589e67197f90bf6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d00000020000000009300", 0x24}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r4, r4, 0x0, 0x0)

303.53325ms ago: executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x1}])
dup3(r0, r1, 0x0)

202.604822ms ago: executing program 2:
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000300), 0x2, 0x0)
r1 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0xb15, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

47.189706ms ago: executing program 2:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[{0x10}, {0x10}], 0x20}})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e22}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x10}, 0x10}}, 0x0)
recvmmsg(r1, &(0x7f00000021c0)=[{{&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00001400000000000000000000000800120000000200b56b6e000000000006002b00000000000000000000000000e0000002000000000000000000000000ff020000000000000000882025a4000105000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000005"], 0xa0}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

0s ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000dc0)='rcu_utilization\x00', r0}, 0x5e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x8000f28, 0x0)
splice(r2, 0x0, r1, 0x0, 0x7f, 0x0)

kernel console output (not intermixed with test programs):

dge_slave_1) entered disabled state
[  362.168157][ T2911] bridge_slave_0: left allmulticast mode
[  362.174165][ T2911] bridge_slave_0: left promiscuous mode
[  362.180040][ T2911] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.588295][ T2911] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  362.601077][ T2911] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  362.614751][ T2911] bond0 (unregistering): Released all slaves
[  362.992513][ T8905] loop3: detected capacity change from 0 to 256
[  362.997006][ T8902] loop1: detected capacity change from 0 to 128
[  363.040626][ T8902] VFS: Found a Xenix FS (block size = 512) on device loop1
[  363.079702][ T8905] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  363.104254][ T8905] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  363.123835][ T8902] sysv_free_block: trying to free block not in datazone
[  363.289380][   T29] audit: type=1804 audit(1719023882.287:30): pid=8902 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir601426156/syzkaller.Pw4Qjf/0/file0" dev="loop1" ino=2 res=1 errno=0
[  363.332099][ T8911] loop2: detected capacity change from 0 to 256
[  363.392434][ T8911] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  363.449423][ T8911] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  363.656194][ T5102] Bluetooth: hci2: command tx timeout
[  363.790488][ T2911] hsr_slave_0: left promiscuous mode
[  363.828813][ T2911] hsr_slave_1: left promiscuous mode
[  363.835205][ T8466] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  363.849776][ T2911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  363.883786][ T2911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  363.907718][ T2911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  363.952101][ T2911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  364.039329][ T2911] veth1_macvtap: left promiscuous mode
[  364.093419][ T2911] veth0_macvtap: left promiscuous mode
[  364.099381][ T2911] veth1_vlan: left promiscuous mode
[  364.104893][ T2911] veth0_vlan: left promiscuous mode
[  365.733247][ T5102] Bluetooth: hci2: command tx timeout
[  367.041985][   T29] audit: type=1326 audit(1719023886.037:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8952 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe6b47d0a9 code=0x0
[  367.761937][ T8983] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  367.799678][ T2911] team0 (unregistering): Port device team_slave_1 removed
[  367.814069][ T5102] Bluetooth: hci2: command tx timeout
[  367.880161][ T2911] team0 (unregistering): Port device team_slave_0 removed
[  368.517151][ T8982] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  368.629643][ T8881] chnl_net:caif_netlink_parms(): no params data found
[  368.685379][ T8989] loop3: detected capacity change from 0 to 128
[  368.698470][ T8989] VFS: Found a Xenix FS (block size = 512) on device loop3
[  368.818584][ T8989] sysv_free_block: trying to free block not in datazone
[  368.881001][   T29] audit: type=1804 audit(1719023887.847:32): pid=8989 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/38/file0" dev="loop3" ino=2 res=1 errno=0
[  368.905239][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.432369][ T8881] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.472241][ T8881] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.497713][ T8881] bridge_slave_0: entered allmulticast mode
[  369.526228][ T8881] bridge_slave_0: entered promiscuous mode
[  369.595778][ T7947] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  369.675586][ T8881] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.682815][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.733339][ T8881] bridge_slave_1: entered allmulticast mode
[  369.769477][ T8881] bridge_slave_1: entered promiscuous mode
[  369.894291][ T5102] Bluetooth: hci2: command tx timeout
[  370.030238][ T8881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  370.089433][ T8881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  370.179654][ T9021] Context (ID=0x0) not attached to queue pair (handle=0x0:0x0)
[  370.809517][ T8881] team0: Port device team_slave_0 added
[  370.867210][ T8881] team0: Port device team_slave_1 added
[  371.285361][ T5115] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  371.620051][ T5115] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  371.630366][ T5115] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  371.657170][ T5115] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  371.675601][ T5115] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  371.692119][ T5115] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  371.978295][ T2911] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.229632][ T8881] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.268900][ T8881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.294881][    C0] vkms_vblank_simulate: vblank timer overrun
[  372.313380][ T8881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.326177][ T8881] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.333323][ T8881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.362082][ T8881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  372.629909][ T9042] usb usb9: usbfs: process 9042 (syz-executor.3) did not claim interface 0 before use
[  372.640385][ T9042] vhci_hcd: invalid port number 129
[  372.645717][ T9042] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  373.225345][ T2911] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.437704][   T29] audit: type=1326 audit(1719023892.437:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9043 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff5d2e7d0a9 code=0x0
[  373.447597][ T2911] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.551640][ T8881] hsr_slave_0: entered promiscuous mode
[  373.562153][ T8881] hsr_slave_1: entered promiscuous mode
[  373.569293][ T8881] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  373.592858][ T8881] Cannot create hsr debugfs directory
[  373.648650][ T2911] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.813646][ T5115] Bluetooth: hci0: command tx timeout
[  374.609900][ T2911] bridge_slave_1: left allmulticast mode
[  374.636613][ T2911] bridge_slave_1: left promiscuous mode
[  374.642414][ T2911] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.830291][ T2911] bridge_slave_0: left allmulticast mode
[  374.852724][ T2911] bridge_slave_0: left promiscuous mode
[  374.863761][ T2911] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.858046][ T9093] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  375.894495][ T5115] Bluetooth: hci0: command tx timeout
[  377.327764][ T2911] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.345145][ T2911] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.362606][ T2911] bond0 (unregistering): Released all slaves
[  377.407065][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  377.442699][ T9104] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  377.505693][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  377.973417][ T5115] Bluetooth: hci0: command tx timeout
[  378.527190][ T9117] loop3: detected capacity change from 0 to 2048
[  378.813333][ T9122] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  378.836079][ T9033] chnl_net:caif_netlink_parms(): no params data found
[  378.855698][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[  378.862000][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[  378.973440][ T2911] hsr_slave_0: left promiscuous mode
[  378.991100][ T2911] hsr_slave_1: left promiscuous mode
[  379.001729][ T2911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.027869][ T2911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.056951][ T2911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.068316][   T29] audit: type=1326 audit(1719023898.067:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9123 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe6b47d0a9 code=0x0
[  379.076826][ T2911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.156180][ T2911] veth1_macvtap: left promiscuous mode
[  379.161742][ T2911] veth0_macvtap: left promiscuous mode
[  379.180108][ T2911] veth1_vlan: left promiscuous mode
[  379.193399][ T2911] veth0_vlan: left promiscuous mode
[  379.209964][ T9129] loop4: detected capacity change from 0 to 256
[  380.053493][ T5115] Bluetooth: hci0: command tx timeout
[  380.747368][ T2911] team0 (unregistering): Port device team_slave_1 removed
[  380.820217][ T2911] team0 (unregistering): Port device team_slave_0 removed
[  380.861302][ T9149] loop4: detected capacity change from 0 to 2048
[  380.941800][ T9150] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  381.101613][ T9146] loop3: detected capacity change from 0 to 32768
[  381.121277][ T9146] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (9146)
[  381.161162][ T9146] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  381.172728][ T9146] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  381.184482][ T9146] BTRFS info (device loop3): using free-space-tree
[  382.459246][ T7947] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  382.826955][   T29] audit: type=1804 audit(1719023901.827:35): pid=9174 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/53/bus" dev="sda1" ino=1950 res=1 errno=0
[  383.052092][ T9033] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.078745][ T9033] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.115848][ T9033] bridge_slave_0: entered allmulticast mode
[  383.125562][ T9033] bridge_slave_0: entered promiscuous mode
[  383.148882][ T9033] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.162118][ T9033] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.169559][ T9033] bridge_slave_1: entered allmulticast mode
[  383.184580][ T9033] bridge_slave_1: entered promiscuous mode
[  383.203622][ T8881] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  383.289654][ T8881] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  383.339319][ T8881] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  383.448199][ T9033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.476592][ T9033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.623865][ T8881] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  383.940163][ T9033] team0: Port device team_slave_0 added
[  383.976962][ T9033] team0: Port device team_slave_1 added
[  383.992566][ T9194] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  384.151683][ T9033] batman_adv: batadv0: Adding interface: batadv_slave_0
[  384.172530][ T9174] loop3: detected capacity change from 0 to 512
[  384.181062][ T9033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.230267][ T9174] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  384.269195][ T9033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.273563][ T9174] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz-executor.3: bad orphan inode 15
[  384.312624][ T9203] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  384.342617][ T9204] loop4: detected capacity change from 0 to 2048
[  384.369531][ T9174] ext4_test_bit(bit=14, block=18) = 1
[  384.375325][ T9174] is_bad_inode(inode)=0
[  384.379589][ T9174] NEXT_ORPHAN(inode)=1023
[  384.384239][ T9174] max_ino=32
[  384.390050][ T9174] i_nlink=0
[  384.397715][ T9174] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2972: inode #15: comm syz-executor.3: corrupted xattr block 19: e_value size too large
[  384.424890][ T9174] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117)
[  384.461262][ T9210] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  384.472732][ T9174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.497305][ T9174] ext2 filesystem being mounted at /root/syzkaller-testdir3187535921/syzkaller.PCUV3h/53/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  384.527861][ T9033] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.543048][ T9033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.570850][ T9033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.694823][ T7947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.745831][ T9033] hsr_slave_0: entered promiscuous mode
[  386.772919][ T9033] hsr_slave_1: entered promiscuous mode
[  386.788129][ T9033] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  386.799344][ T9033] Cannot create hsr debugfs directory
[  387.105251][ T8881] 8021q: adding VLAN 0 to HW filter on device bond0
[  387.336354][ T8881] 8021q: adding VLAN 0 to HW filter on device team0
[  387.466193][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.473408][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.549887][ T9233] vhci_hcd: invalid port number 129
[  387.558558][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.565764][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.588570][ T9233] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  387.678053][ T8881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  388.066082][   T29] audit: type=1326 audit(1719023907.067:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9240 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff5d2e7d0a9 code=0x0
[  388.192159][ T9225] loop2: detected capacity change from 0 to 32768
[  388.234826][ T9225] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9225)
[  388.267380][ T9225] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  388.284501][ T9225] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  388.316483][ T9225] BTRFS info (device loop2): using free-space-tree
[  388.317031][ T8881] 8021q: adding VLAN 0 to HW filter on device batadv0
[  388.367707][ T9033] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  388.406549][ T9033] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  388.432850][ T9033] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  388.461181][ T9033] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  389.567427][ T8881] veth0_vlan: entered promiscuous mode
[  389.671956][ T8881] veth1_vlan: entered promiscuous mode
[  389.700147][ T5619] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  390.040729][ T8881] veth0_macvtap: entered promiscuous mode
[  390.126568][ T8881] veth1_macvtap: entered promiscuous mode
[  390.308179][ T9033] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.324437][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.363216][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.385546][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.416365][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.438933][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.452228][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.469587][ T8881] batman_adv: batadv0: Interface activated: batadv_slave_0
[  390.490983][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.509164][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.552706][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.564348][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.577057][ T8881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.596766][ T8881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.644986][ T8881] batman_adv: batadv0: Interface activated: batadv_slave_1
[  390.718337][ T8881] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.781984][ T8881] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.811506][ T9297] loop2: detected capacity change from 0 to 2048
[  390.821413][ T8881] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.891568][ T8881] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.385899][ T9033] 8021q: adding VLAN 0 to HW filter on device team0
[  391.451926][ T9312] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  391.508918][ T9309] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  391.548609][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.555835][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.668637][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.675822][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.821010][   T29] audit: type=1804 audit(1719023910.817:37): pid=9317 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/58/bus" dev="sda1" ino=1940 res=1 errno=0
[  391.913649][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.956436][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  392.674595][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.897255][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.917278][ T9033] 8021q: adding VLAN 0 to HW filter on device batadv0
[  398.023429][ T9350] usb usb9: usbfs: process 9350 (syz-executor.3) did not claim interface 0 before use
[  398.033920][ T9350] vhci_hcd: invalid port number 129
[  398.039190][ T9350] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  398.648181][ T9347] loop0: detected capacity change from 0 to 128
[  398.693770][ T9347] VFS: Found a Xenix FS (block size = 512) on device loop0
[  398.771323][ T9347] syz-executor.0: attempt to access beyond end of device
[  398.771323][ T9347] loop0: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  398.787215][ T9347] Buffer I/O error on dev loop0, logical block 8767744, async page read
[  398.796965][ T9347] syz-executor.0: attempt to access beyond end of device
[  398.796965][ T9347] loop0: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  398.812208][ T9347] Buffer I/O error on dev loop0, logical block 13269809, async page read
[  398.835795][ T9033] veth0_vlan: entered promiscuous mode
[  398.896169][   T29] audit: type=1804 audit(1719023917.897:38): pid=9358 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4238717511/syzkaller.oMaqce/1/file0" dev="loop0" ino=2 res=1 errno=0
[  398.903541][ T9362] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  398.927709][ T9033] veth1_vlan: entered promiscuous mode
[  398.952752][ T9347] syz-executor.0: attempt to access beyond end of device
[  398.952752][ T9347] loop0: rw=0, sector=1157, nr_sectors = 1 limit=128
[  398.966835][ T9347] Buffer I/O error on dev loop0, logical block 1157, async page read
[  398.982595][ T9347] syz-executor.0: attempt to access beyond end of device
[  398.982595][ T9347] loop0: rw=0, sector=3211264, nr_sectors = 1 limit=128
[  398.999077][ T9347] Buffer I/O error on dev loop0, logical block 3211264, async page read
[  399.009075][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.009075][ T9347] loop0: rw=0, sector=8768635, nr_sectors = 1 limit=128
[  399.023246][ T9347] Buffer I/O error on dev loop0, logical block 8768635, async page read
[  399.036824][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.036824][ T9347] loop0: rw=0, sector=13466417, nr_sectors = 1 limit=128
[  399.051364][ T9347] Buffer I/O error on dev loop0, logical block 13466417, async page read
[  399.060208][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.060208][ T9347] loop0: rw=0, sector=209285, nr_sectors = 1 limit=128
[  399.076211][ T9347] Buffer I/O error on dev loop0, logical block 209285, async page read
[  399.124235][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.124235][ T9347] loop0: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  399.138205][ T9347] Buffer I/O error on dev loop0, logical block 8767744, async page read
[  399.152246][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.152246][ T9347] loop0: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  399.189806][ T9347] Buffer I/O error on dev loop0, logical block 13269809, async page read
[  399.199911][ T9347] syz-executor.0: attempt to access beyond end of device
[  399.199911][ T9347] loop0: rw=0, sector=1157, nr_sectors = 1 limit=128
[  399.216186][ T9347] Buffer I/O error on dev loop0, logical block 1157, async page read
[  399.224907][   T29] audit: type=1800 audit(1719023918.227:39): pid=9347 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.0" name="/" dev="loop0" ino=2 res=0 errno=0
[  399.244669][ T9033] veth0_macvtap: entered promiscuous mode
[  399.287902][ T9033] veth1_macvtap: entered promiscuous mode
[  399.312579][   T29] audit: type=1800 audit(1719023918.237:40): pid=9358 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.0" name="/" dev="loop0" ino=2 res=0 errno=0
[  399.345549][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.374374][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.409344][ T9347] syz-executor.0 (9347) used greatest stack depth: 18864 bytes left
[  399.423536][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.472880][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.591133][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.628344][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.666481][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.697564][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.720943][ T8881] sysv_free_block: trying to free block not in datazone
[  399.722039][ T9033] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.743969][ T8881] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  399.793464][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.804358][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.820593][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.831488][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.859589][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.887036][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.925893][ T9033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.964949][ T9033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.002261][ T9354] loop4: detected capacity change from 0 to 32768
[  400.010480][ T9033] batman_adv: batadv0: Interface activated: batadv_slave_1
[  400.032839][ T9354] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9354)
[  400.065999][ T9033] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  400.085938][ T9354] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  400.123039][ T9033] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  400.145619][ T9033] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  400.161906][ T9354] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  400.175370][ T9033] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  400.229889][ T9354] BTRFS info (device loop4): using free-space-tree
[  400.238166][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  401.311905][ T9404] loop2: detected capacity change from 0 to 2048
[  401.352458][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.424577][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.494770][ T8380] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  401.528392][ T9415] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  401.599129][ T1051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.672925][ T1051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.413060][   T29] audit: type=1804 audit(1719023921.397:41): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/61/bus" dev="sda1" ino=1966 res=1 errno=0
[  402.489384][ T9423] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[  403.970271][ T9441] usb usb9: usbfs: process 9441 (syz-executor.1) did not claim interface 0 before use
[  403.980810][ T9441] vhci_hcd: invalid port number 129
[  403.986177][ T9441] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  408.712160][ T9456] loop1: detected capacity change from 0 to 1024
[  408.912712][ T9463] loop0: detected capacity change from 0 to 256
[  408.949940][ T9466] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  409.439044][ T9470] loop2: detected capacity change from 0 to 256
[  409.441736][ T9463] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  409.468835][ T9463] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  409.594374][ T9470] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  409.652602][ T9470] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  411.061019][ T9488] usb usb9: usbfs: process 9488 (syz-executor.2) did not claim interface 0 before use
[  411.071579][ T9488] vhci_hcd: invalid port number 129
[  411.076935][ T9488] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  411.585170][ T9478] loop4: detected capacity change from 0 to 2048
[  411.689287][   T29] audit: type=1804 audit(1719023930.687:42): pid=9492 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1943652706/syzkaller.WfCiPi/179/bus" dev="sda1" ino=1967 res=1 errno=0
[  411.880970][ T9494] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  413.248022][ T9513] loop0: detected capacity change from 0 to 256
[  413.278025][ T9513] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  413.311406][ T9513] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  413.470738][ T9520] loop3: detected capacity change from 0 to 256
[  413.514322][ T9520] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  413.552373][ T9520] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  414.750511][ T9500] loop2: detected capacity change from 0 to 512
[  414.786199][ T9533] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  414.807207][ T9533] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  414.846221][ T9500] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  414.885952][ T9500] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  414.896560][ T9500] EXT4-fs: failed to create workqueue
[  415.103228][ T9500] EXT4-fs (loop2): mount failed
[  416.822182][ T5115] Bluetooth: hci4: command 0x0406 tx timeout
[  416.915733][ T9560] loop1: detected capacity change from 0 to 2048
[  417.043672][ T9566] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  418.629841][ T9583] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'.
[  419.754710][ T9570] loop2: detected capacity change from 0 to 32768
[  419.765308][ T9570] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9570)
[  419.786491][ T9570] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  419.832570][ T9570] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  419.863378][ T9570] BTRFS info (device loop2): using free-space-tree
[  419.885187][   T29] audit: type=1800 audit(1719023938.887:43): pid=9596 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  421.114541][ T5619] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  422.906008][   T29] audit: type=1800 audit(1719023941.907:44): pid=9650 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1968 res=0 errno=0
[  423.518064][ T9666] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[  425.631270][ T9691] usb usb9: usbfs: process 9691 (syz-executor.0) did not claim interface 0 before use
[  425.641730][ T9691] vhci_hcd: invalid port number 129
[  425.647090][ T9691] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  427.210435][ T9706] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  427.249689][ T9706] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  428.440807][ T9729] loop3: detected capacity change from 0 to 256
[  429.326736][ T9746] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  429.529866][ T9749] loop4: detected capacity change from 0 to 256
[  429.571030][ T9749] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  429.639849][ T9749] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  432.127417][ T9762] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  432.138449][ T9762] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  434.208021][ T9797] loop1: detected capacity change from 0 to 256
[  434.746700][ T9800] loop2: detected capacity change from 0 to 256
[  434.943924][ T9800] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  435.868214][ T9800] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  436.138301][ T9808] loop3: detected capacity change from 0 to 128
[  436.274244][ T9808] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  436.325673][ T9808] ext4 filesystem being mounted at /root/syzkaller-testdir3187535921/syzkaller.PCUV3h/78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  436.361967][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.507692][ T9821] loop2: detected capacity change from 0 to 256
[  437.082369][ T9827] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  437.097528][ T9827] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  437.468414][ T7947] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  437.671020][ T9839] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  437.819259][ T9846] xt_HMARK: proto mask must be zero with L3 mode
[  438.894704][ T9851] loop0: detected capacity change from 0 to 256
[  439.050665][ T9854] loop4: detected capacity change from 0 to 256
[  439.087744][ T9854] exfat: Deprecated parameter 'namecase'
[  439.126747][ T9854] exfat: Deprecated parameter 'utf8'
[  439.301809][ T9859] loop3: detected capacity change from 0 to 256
[  439.301943][ T9854] exfat: Deprecated parameter 'namecase'
[  439.678944][ T9859] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  439.697195][ T9859] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  439.710136][ T9854] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  440.049794][ T9864] loop2: detected capacity change from 0 to 128
[  440.077104][ T9864] VFS: Found a Xenix FS (block size = 512) on device loop2
[  440.089374][ T9864] bio_check_eod: 11 callbacks suppressed
[  440.089443][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.089443][ T9864] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  440.109676][ T9864] buffer_io_error: 11 callbacks suppressed
[  440.109742][ T9864] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  440.124334][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.124334][ T9864] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  440.146444][ T9864] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  440.155904][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.155904][ T9864] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  440.172057][ T9864] Buffer I/O error on dev loop2, logical block 1157, async page read
[  440.181359][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.181359][ T9864] loop2: rw=0, sector=3211264, nr_sectors = 1 limit=128
[  440.195432][ T9864] Buffer I/O error on dev loop2, logical block 3211264, async page read
[  440.207808][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.207808][ T9864] loop2: rw=0, sector=8768635, nr_sectors = 1 limit=128
[  440.223101][ T9864] Buffer I/O error on dev loop2, logical block 8768635, async page read
[  440.231579][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.231579][ T9864] loop2: rw=0, sector=13466417, nr_sectors = 1 limit=128
[  440.514132][ T9864] Buffer I/O error on dev loop2, logical block 13466417, async page read
[  440.525498][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[  440.531860][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[  440.747943][ T9864] syz-executor.2: attempt to access beyond end of device
[  440.747943][ T9864] loop2: rw=0, sector=209285, nr_sectors = 1 limit=128
[  440.962203][ T9864] Buffer I/O error on dev loop2, logical block 209285, async page read
[  441.202699][ T9864] syz-executor.2: attempt to access beyond end of device
[  441.202699][ T9864] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  441.253433][ T9864] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  441.344139][ T9864] syz-executor.2: attempt to access beyond end of device
[  441.344139][ T9864] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  441.413976][ T9864] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  441.448016][ T9864] syz-executor.2: attempt to access beyond end of device
[  441.448016][ T9864] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  441.478491][ T9876] loop3: detected capacity change from 0 to 128
[  441.492182][ T9864] Buffer I/O error on dev loop2, logical block 1157, async page read
[  441.527641][   T29] audit: type=1800 audit(1719023960.517:45): pid=9864 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="/" dev="loop2" ino=2 res=0 errno=0
[  441.585929][ T5619] sysv_free_block: trying to free block not in datazone
[  441.699795][ T5619] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  441.724673][ T9876] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  441.798591][ T9876] ext4 filesystem being mounted at /root/syzkaller-testdir3187535921/syzkaller.PCUV3h/82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  442.437613][ T9887] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  442.458689][ T9887] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  443.683963][ T9894] usb usb9: usbfs: process 9894 (syz-executor.2) did not claim interface 0 before use
[  443.694318][ T9894] vhci_hcd: invalid port number 129
[  443.699578][ T9894] vhci_hcd: default hub control req: 0200 v0000 i0081 l0
[  444.340665][ T7947] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  444.865513][ T9885] loop1: detected capacity change from 0 to 32768
[  445.598423][ T9885] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (9885)
[  446.298535][ T9885] BTRFS error (device loop1): open_ctree failed
[  446.308057][ T9911] loop2: detected capacity change from 0 to 256
[  446.349699][ T9911] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  446.388575][ T9911] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  446.574697][   T29] audit: type=1804 audit(1719023965.567:46): pid=9919 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir185849640/syzkaller.x90pSJ/22/bus" dev="sda1" ino=1943 res=1 errno=0
[  446.891636][ T9926] loop2: detected capacity change from 0 to 128
[  446.930891][ T9926] VFS: Found a Xenix FS (block size = 512) on device loop2
[  446.985850][ T9926] bio_check_eod: 4 callbacks suppressed
[  446.986477][ T9926] syz-executor.2: attempt to access beyond end of device
[  446.986477][ T9926] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  447.010727][ T9926] buffer_io_error: 4 callbacks suppressed
[  447.010743][ T9926] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  447.028690][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.028690][ T9926] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  447.048135][ T9929] loop4: detected capacity change from 0 to 256
[  447.079157][ T9926] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  447.092370][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.092370][ T9926] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  447.096695][ T9927] loop1: detected capacity change from 0 to 512
[  447.118921][ T9926] Buffer I/O error on dev loop2, logical block 1157, async page read
[  447.139860][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.139860][ T9926] loop2: rw=0, sector=3211264, nr_sectors = 1 limit=128
[  447.153426][ T9929] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  447.169184][ T9926] Buffer I/O error on dev loop2, logical block 3211264, async page read
[  447.184069][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.184069][ T9926] loop2: rw=0, sector=8768635, nr_sectors = 1 limit=128
[  447.198425][ T9926] Buffer I/O error on dev loop2, logical block 8768635, async page read
[  447.198704][ T9927] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  447.217549][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.217549][ T9926] loop2: rw=0, sector=13466417, nr_sectors = 1 limit=128
[  447.229668][ T9929] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  447.246612][ T9926] Buffer I/O error on dev loop2, logical block 13466417, async page read
[  447.259896][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.259896][ T9926] loop2: rw=0, sector=209285, nr_sectors = 1 limit=128
[  447.285037][ T9926] Buffer I/O error on dev loop2, logical block 209285, async page read
[  447.301493][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.301493][ T9926] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  447.317161][ T9926] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  447.325731][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.325731][ T9926] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  447.345847][ T9926] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  447.355870][ T9926] syz-executor.2: attempt to access beyond end of device
[  447.355870][ T9926] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  447.369803][ T9926] Buffer I/O error on dev loop2, logical block 1157, async page read
[  447.380148][   T29] audit: type=1800 audit(1719023966.377:47): pid=9926 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="/" dev="loop2" ino=2 res=0 errno=0
[  447.414273][ T9927] EXT4-fs error (device loop1): ext4_orphan_get:1420: comm syz-executor.1: bad orphan inode 15
[  447.452138][ T9927] ext4_test_bit(bit=14, block=18) = 1
[  447.659986][ T5115] Bluetooth: hci1: command 0x0406 tx timeout
[  447.678709][ T9927] is_bad_inode(inode)=0
[  447.682907][ T9927] NEXT_ORPHAN(inode)=1023
[  447.775206][ T9927] max_ino=32
[  448.035918][ T5619] sysv_free_block: trying to free block not in datazone
[  448.043541][ T9927] i_nlink=0
[  448.049310][ T9927] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2972: inode #15: comm syz-executor.1: corrupted xattr block 19: e_value size too large
[  448.234503][ T9927] EXT4-fs warning (device loop1): ext4_evict_inode:271: xattr delete (err -117)
[  448.266288][ T5619] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  448.296090][ T9927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.323378][ T9927] ext2 filesystem being mounted at /root/syzkaller-testdir185849640/syzkaller.x90pSJ/22/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  448.347508][ T9940] loop4: detected capacity change from 0 to 128
[  448.423587][ T9940] VFS: Found a Xenix FS (block size = 512) on device loop4
[  448.474480][ T9940] sysv_free_block: trying to free block not in datazone
[  448.565035][   T29] audit: type=1804 audit(1719023967.527:48): pid=9940 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1048712914/syzkaller.KGT2fE/58/file0" dev="loop4" ino=2 res=1 errno=0
[  448.715793][ T9033] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.757108][ T9949] loop2: detected capacity change from 0 to 256
[  449.201782][ T8380] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  449.218445][ T9957] loop1: detected capacity change from 0 to 256
[  449.261387][ T9957] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  449.303152][ T9957] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  449.629473][ T9963] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  449.653441][ T9964] xt_HMARK: proto mask must be zero with L3 mode
[  449.860902][ T9951] loop3: detected capacity change from 0 to 32768
[  449.872717][ T9969] loop2: detected capacity change from 0 to 256
[  449.908108][ T9951] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (9951)
[  449.930452][ T9969] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  449.959652][ T9969] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  449.986954][ T9951] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  450.038424][ T9951] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  450.077025][ T9951] BTRFS info (device loop3): using free-space-tree
[  451.293789][ T7947] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  451.702071][T10004] loop0: detected capacity change from 0 to 128
[  451.723387][T10004] VFS: Found a Xenix FS (block size = 512) on device loop0
[  451.734145][T10004] sysv_free_block: trying to free block not in datazone
[  451.775126][   T29] audit: type=1804 audit(1719023970.747:49): pid=10004 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4238717511/syzkaller.oMaqce/39/file0" dev="loop0" ino=2 res=1 errno=0
[  452.074671][T10006] loop1: detected capacity change from 0 to 256
[  452.364354][ T8881] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  452.418139][T10012] loop4: detected capacity change from 0 to 256
[  452.477835][T10006] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  452.523397][T10006] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  452.598495][T10016] loop0: detected capacity change from 0 to 256
[  452.703781][T10016] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  452.743411][T10016] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  452.966735][T10026] pim6reg1: entered promiscuous mode
[  452.972101][T10026] pim6reg1: entered allmulticast mode
[  453.921618][T10036] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  453.961238][T10037] loop4: detected capacity change from 0 to 1024
[  453.981702][T10036] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  454.614854][T10042] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  456.349443][T10054] loop1: detected capacity change from 0 to 1024
[  456.637811][T10055] loop3: detected capacity change from 0 to 128
[  456.682912][T10055] VFS: Found a Xenix FS (block size = 512) on device loop3
[  456.690416][T10029] loop2: detected capacity change from 0 to 32768
[  456.736536][T10055] sysv_free_block: trying to free block not in datazone
[  456.802291][T10060] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  457.238882][   T29] audit: type=1804 audit(1719023975.787:50): pid=10055 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/88/file0" dev="loop3" ino=2 res=1 errno=0
[  457.368978][T10066] loop4: detected capacity change from 0 to 256
[  457.505340][T10066] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  457.518847][ T7947] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  457.563448][T10066] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  458.044033][T10077] loop2: detected capacity change from 0 to 256
[  461.317938][T10116] loop0: detected capacity change from 0 to 256
[  461.380755][T10116] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  461.406675][T10112] loop1: detected capacity change from 0 to 128
[  461.415696][T10116] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  461.454318][T10112] VFS: Found a Xenix FS (block size = 512) on device loop1
[  461.468120][T10112] sysv_free_block: trying to free block not in datazone
[  461.511195][T10112] netlink: 596 bytes leftover after parsing attributes in process `syz-executor.1'.
[  461.534969][   T29] audit: type=1804 audit(1719023980.537:51): pid=10112 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir185849640/syzkaller.x90pSJ/33/file0" dev="loop1" ino=2 res=1 errno=0
[  461.677212][T10124] fuse: Unknown parameter 'group_i00000000000000000000'
[  461.832066][   T29] audit: type=1804 audit(1719023980.827:52): pid=10124 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/91/file0" dev="sda1" ino=1961 res=1 errno=0
[  461.855953][    C1] vkms_vblank_simulate: vblank timer overrun
[  463.636125][ T9033] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  463.918377][T10109] loop2: detected capacity change from 0 to 32768
[  463.979613][T10109] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (10109)
[  464.852741][T10150] Bluetooth: MGMT ver 1.22
[  465.100872][T10157] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  465.215711][T10163] loop1: detected capacity change from 0 to 128
[  465.238985][T10160] pim6reg: entered allmulticast mode
[  465.303334][T10160] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  465.347652][T10163] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  465.399320][T10163] ext4 filesystem being mounted at /root/syzkaller-testdir185849640/syzkaller.x90pSJ/37/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  465.435547][    C1] vkms_vblank_simulate: vblank timer overrun
[  465.505192][T10167] warning: `syz-executor.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  465.529398][T10174] loop0: detected capacity change from 0 to 128
[  465.569836][T10174] VFS: Found a Xenix FS (block size = 512) on device loop0
[  465.606224][T10174] sysv_free_block: trying to free block not in datazone
[  465.639144][T10174] netlink: 596 bytes leftover after parsing attributes in process `syz-executor.0'.
[  465.646132][T10177] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'.
[  465.652057][   T29] audit: type=1804 audit(1719023984.647:53): pid=10174 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4238717511/syzkaller.oMaqce/52/file0" dev="loop0" ino=2 res=1 errno=0
[  465.696603][T10177] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'.
[  466.102609][ T9033] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  466.296206][T10200] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  466.307036][ T8881] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  466.468670][T10208] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  466.526603][T10208] bond1: entered promiscuous mode
[  466.541353][T10215] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  466.616639][T10215] bond1: (slave ip6gretap1): making interface the new active one
[  466.670467][T10215] ip6gretap1: entered promiscuous mode
[  466.717308][T10215] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  466.793312][ T5100] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  466.830809][T10223] loop2: detected capacity change from 0 to 128
[  466.882061][T10223] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  466.913998][T10223] ext4 filesystem being mounted at /root/syzkaller-testdir1943652706/syzkaller.WfCiPi/212/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  467.003179][ T5100] usb 1-1: Using ep0 maxpacket: 8
[  467.009872][ T5100] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  467.026351][ T5100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  467.047647][ T5100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  467.062323][ T5100] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  467.081751][T10235] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  467.098609][ T5100] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  467.118876][ T5100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.147963][ T5100] usb 1-1: config 0 descriptor??
[  467.196532][T10235] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  467.372819][ T5100] usb 1-1: USB disconnect, device number 5
[  467.581913][T10244] loop1: detected capacity change from 0 to 128
[  467.623241][T10244] VFS: Found a Xenix FS (block size = 512) on device loop1
[  467.640898][T10244] sysv_free_block: trying to free block not in datazone
[  467.690301][T10244] netlink: 596 bytes leftover after parsing attributes in process `syz-executor.1'.
[  467.710518][T10246] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  467.731292][ T5619] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  467.769799][   T29] audit: type=1804 audit(1719023986.767:54): pid=10244 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir185849640/syzkaller.x90pSJ/43/file0" dev="loop1" ino=2 res=1 errno=0
[  468.285225][ T5154] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  468.392615][T10270] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET)
[  468.405268][ T9033] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  468.503139][ T5154] usb 3-1: Using ep0 maxpacket: 8
[  468.514178][T10270] can: request_module (can-proto-0) failed.
[  468.535171][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  468.585351][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  468.611070][ T5154] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  468.621325][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  468.648705][ T5154] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  468.675175][ T5154] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  468.688227][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.708118][ T5154] usb 3-1: config 0 descriptor??
[  468.720007][T10256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  468.736224][T10280] loop0: detected capacity change from 0 to 128
[  468.774295][T10280] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  468.961264][ T5115] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  468.970028][ T5154] usb 3-1: USB disconnect, device number 2
[  468.978733][T10280] ext4 filesystem being mounted at /root/syzkaller-testdir4238717511/syzkaller.oMaqce/56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  470.014589][ T8881] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  470.376591][T10303] pimreg: entered allmulticast mode
[  470.380114][T10305] tipc: Started in network mode
[  470.380151][T10305] tipc: Node identity ac1414aa, cluster identity 4711
[  470.395017][T10305] tipc: Enabled bearer <udp:syz2>, priority 10
[  470.399526][T10305] tipc: Disabling bearer <udp:syz2>
[  470.461441][T10308] Illegal XDP return value 4294967294 on prog  (id 125) dev N/A, expect packet loss!
[  470.652829][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  470.685208][T10317] loop2: detected capacity change from 0 to 128
[  470.783488][T10317] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  470.813783][T10317] ext4 filesystem being mounted at /root/syzkaller-testdir1943652706/syzkaller.WfCiPi/217/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  470.966626][T10327] __nla_validate_parse: 5 callbacks suppressed
[  470.966735][T10327] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  470.985732][T10327] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  471.235615][T10338] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  471.264201][T10341] tipc: Enabled bearer <udp:syz2>, priority 10
[  471.330583][T10341] tipc: Disabling bearer <udp:syz2>
[  471.536955][ T5619] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  472.702577][T10377] loop2: detected capacity change from 0 to 128
[  472.732572][T10377] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  472.761369][T10377] ext4 filesystem being mounted at /root/syzkaller-testdir1943652706/syzkaller.WfCiPi/219/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  472.797689][    C1] vkms_vblank_simulate: vblank timer overrun
[  472.842846][T10383] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  472.915443][T10387] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  472.930780][T10387] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  473.498147][T10400] loop1: detected capacity change from 0 to 2048
[  473.581937][ T5619] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  473.596721][T10400]  loop1: p1 < > p3 < > p4 < >
[  473.605474][T10400] loop1: partition table partially beyond EOD, truncated
[  473.636714][T10400] loop1: p3 start 4284289 is beyond EOD, truncated
[  474.063130][ T5100] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  474.252156][ T5100] usb 1-1: config 0 has no interfaces?
[  474.266962][ T5100] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  474.286443][ T5100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.306714][ T5100] usb 1-1: config 0 descriptor??
[  474.508875][T10437] loop3: detected capacity change from 0 to 128
[  474.546538][ T5154] usb 1-1: USB disconnect, device number 6
[  474.604418][T10437] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  474.665614][T10437] ext4 filesystem being mounted at /root/syzkaller-testdir3187535921/syzkaller.PCUV3h/107/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  474.701889][    C1] vkms_vblank_simulate: vblank timer overrun
[  474.714631][T10447] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  474.780822][T10448] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  474.812511][T10448] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'.
[  475.260936][T10457] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  475.356011][T10461] pim6reg: entered allmulticast mode
[  475.392350][ T7947] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  475.739896][T10472] loop2: detected capacity change from 0 to 512
[  475.879812][T10472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.903291][T10472] ext4 filesystem being mounted at /root/syzkaller-testdir1943652706/syzkaller.WfCiPi/227/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  475.985130][T10482] __nla_validate_parse: 2 callbacks suppressed
[  475.985148][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  476.006869][ T5154] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  476.017155][T10472] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  476.050904][T10472] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz-executor.2: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  476.076623][T10472] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz-executor.2: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  476.102945][T10472] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz-executor.2: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  476.152342][T10472] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz-executor.2: bg 0: block 18: invalid block bitmap
[  476.167084][T10477] loop1: detected capacity change from 0 to 32768
[  476.175398][T10472] Quota error (device loop2): write_blk: dquota write failed
[  476.184348][T10477] btrfs: Deprecated parameter 'usebackuproot'
[  476.184573][T10477] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  476.199673][T10472] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  476.203925][ T5154] usb 5-1: Using ep0 maxpacket: 8
[  476.219956][ T5154] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  476.222075][T10472] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 1
[  476.228743][ T5154] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  476.250368][T10477] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (10477)
[  476.264069][ T5154] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  476.278084][ T5154] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  476.297190][T10477] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  476.308373][ T5154] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  476.322540][T10477] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  476.328431][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.334076][ T5154] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  476.356628][T10477] BTRFS info (device loop1): disk space caching is enabled
[  476.366919][ T5154] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.520833][T10477] BTRFS info (device loop1 state M): disabling free space tree
[  476.563135][T10477] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  476.598446][ T5154] usb 5-1: GET_CAPABILITIES returned 0
[  476.604195][ T5154] usbtmc 5-1:16.0: can't read capabilities
[  476.621331][T10477] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  476.688976][T10477] BTRFS info (device loop1 state M): use  compression, level 0
[  476.764180][ T9033] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  476.806224][   T25] usb 5-1: USB disconnect, device number 2
[  477.012193][T10518] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  477.135968][T10520] pim6reg: entered allmulticast mode
[  477.167045][T10520] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  477.415041][T10526] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  478.882595][T10552] trusted_key: syz-executor.2 sent an empty control message without MSG_MORE.
[  479.120218][T10524] loop1: detected capacity change from 0 to 32768
[  479.448998][T10537] loop0: detected capacity change from 0 to 40427
[  479.484889][T10524] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  479.501824][T10524] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  479.540353][T10537] F2FS-fs (loop0): invalid crc value
[  479.598584][T10537] F2FS-fs (loop0): Found nat_bits in checkpoint
[  479.669790][T10524] bcachefs (loop1): alloc_read... done
[  479.712205][T10524] bcachefs (loop1): stripes_read...
[  479.717682][T10577] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  479.746435][T10524]  done
[  479.749250][T10524] bcachefs (loop1): snapshots_read... done
[  479.802066][T10575] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  479.855353][T10575] pim6reg: entered allmulticast mode
[  479.862615][T10537] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  479.871431][T10524] bcachefs (loop1): going read-write
[  479.877696][T10575] vxcan1: entered allmulticast mode
[  479.884931][T10575] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  479.919939][T10524] bcachefs (loop1): journal_replay... done
[  480.136703][T10524] bcachefs (loop1): resume_logged_ops... done
[  480.143528][T10524] bcachefs (loop1): delete_dead_inodes... done
[  480.157446][T10524] bcachefs (loop1): done starting filesystem
[  480.755795][ T8881] bio_check_eod: 4 callbacks suppressed
[  480.755844][ T8881] syz-executor.0: attempt to access beyond end of device
[  480.755844][ T8881] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  480.940699][ T8881] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  481.047544][T10524] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  481.047607][T10524] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  481.254055][ T1621] bcachefs (loop1): going read-only
[  481.273140][T10524] bcachefs (loop1): inconsistency detected - emergency read only at journal seq 11
[  481.336522][ T1621] bcachefs (loop1): flushing journal and stopping allocators, journal seq 11
[  481.370109][T10524] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  481.371016][ T1621] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 11
[  481.371932][ T1621] bcachefs (loop1): unshutdown complete, journal seq 11
[  481.373666][T10524] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  481.468781][T10524] bcachefs (loop1): incorrect key when clearing freespace:0:34:0 (got deleted should be set)
[  481.468781][T10524]   for u64s 5 type deleted 0:34:0 len 0 ver 0
[  481.517705][T10524] transaction updates for bch2_write_index_default journal seq 0
[  481.517741][T10524]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  481.517749][T10524]     old u64s 5 type deleted 1610612736:8:U32_MAX len 0 ver 0
[  481.517756][T10524]     new u64s 6 type inline_data 1610612736:8:U32_MAX len 8 ver 0: datalen 8: 0000000000000000
[  481.517763][T10524]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  481.517770][T10524]     old u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0
[  481.517778][T10524]     new u64s 6 type extent 1610612736:24:U32_MAX len 16 ver 0: durability: 1 ptr: 0:34:16 gen 0
[  481.517786][T10524]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xcc9/0x11d0
[  481.517793][T10524]     old u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  481.517800][T10524]     flags= (15300000)
[  481.517806][T10524]     journal_seq=5
[  481.517812][T10524]     bi_size=9000
[  481.517818][T10524]     bi_sectors=24
[  481.517823][T10524]     bi_version=0
[  481.517829][T10524]     bi_atime=2346883235
[  481.517835][T10524]     bi_ctime=2346883235
[  481.517841][T10524]     bi_mtime=2346883235
[  481.517846][T10524]     bi_otime=2346883235
[  481.517852][T10524]     bi_uid=0
[  481.517858][T10524]     bi_gid=0
[  481.517863][T10524]     bi_nlink=1
[  481.517868][T10524]     bi_generation=0
[  481.517874][T10524]     bi_dev=0
[  481.517879][T10524]     bi_data_checksum=0
[  481.517885][T10524]     bi_compression=0
[  481.517891][T10524]     bi_project=0
[  481.517897][T10524]     bi_background_compression=0
[  481.517902][T10524]     bi_data_replicas=0
[  481.517908][T10524]     bi_promote_target=0
[  481.517914][T10524]     bi_foreground_target=0
[  481.517920][T10524]     bi_background_target=0
[  481.517926][T10524]     bi_erasure_code=0
[  481.517931][T10524]     bi_fields_set=0
[  481.517937][T10524]     bi_dir=4096
[  481.517943][T10524]     bi_dir_offset=825491560675941567
[  481.517949][T10524]     bi_subvol=0
[  481.517955][T10524]     bi_parent_subvol=0
[  481.517960][T10524]     bi_nocow=0
[  481.517966][T10524]   
[  481.517971][T10524]     new u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  481.517978][T10524]     flags= (15300000)
[  481.517984][T10524]     journal_seq=5
[  481.517990][T10524]     bi_size=9000
[  481.517995][T10524]     bi_sectors=24
[  481.518001][T10524]     bi_version=0
[  481.518007][T10524]     bi_atime=2346883235
[  481.518012][T10524]     bi_ctime=2346883235
[  481.518018][T10524]     bi_mtime=2346883235
[  481.518024][T10524]     bi_otime=2346883235
[  481.518030][T10524]     bi_uid=0
[  481.518035][T10524]     bi_gid=0
[  481.518041][T10524]     bi_nlink=1
[  481.518046][T10524]     bi_generation=0
[  481.518052][T10524]     bi_dev=0
[  481.518057][T10524]     bi_data_checksum=0
[  481.518063][T10524]     bi_compression=0
[  481.518069][T10524]     bi_project=0
[  481.518075][T10524]     bi_background_compression=0
[  481.518081][T10524]     bi_data_replicas=0
[  481.518086][T10524]     bi_promote_target=0
[  481.518092][T10524]     bi_foreground_target=0
[  481.518098][T10524]     bi_background_target=0
[  481.518104][T10524]     bi_erasure_code=0
[  481.518110][T10524]     bi_fields_set=0
[  481.518115][T10524]     bi_dir=4096
[  481.518121][T10524]     bi_dir_offset=825491560675941567
[  481.518127][T10524]     bi_subvol=0
[  481.518133][T10524]     bi_parent_subvol=0
[  481.518138][T10524]     bi_nocow=0
[  481.518144][T10524]   
[  481.518149][T10524]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x9ef/0xe20
[  481.518156][T10524]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  481.518162][T10524]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  481.518169][T10524]     gen 0 oldest_gen 0 data_type user
[  481.518175][T10524]     journal_seq       0
[  481.518181][T10524]     need_discard      1
[  481.518187][T10524]     need_inc_gen      1
[  481.518193][T10524]     dirty_sectors     16
[  481.518198][T10524]     cached_sectors    0
[  481.518204][T10524]     stripe            0
[  481.518210][T10524]     stripe_redundancy 0
[  481.518216][T10524]     io_time[READ]     1
[  481.518221][T10524]     io_time[WRITE]    1288
[  481.518227][T10524]     fragmentation     0
[  481.518233][T10524]     bp_start          7
[  481.518239][T10524]   
[  481.518244][T10524]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x9ef/0xe20
[  481.518251][T10524]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  481.518257][T10524]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  481.518264][T10524]     gen 0 oldest_gen 0 data_type user
[  481.518270][T10524]     journal_seq       0
[  481.518276][T10524]     need_discard      1
[  481.518282][T10524]     need_inc_gen      1
[  481.518287][T10524]     dirty_sectors     16
[  481.518293][T10524]     cached_sectors    0
[  481.518299][T10524]     stripe            0
[  481.518305][T10524]     stripe_redundancy 0
[  481.518310][T10524]     io_time[READ]     1
[  481.518316][T10524]     io_time[WRITE]    1288
[  481.518322][T10524]     fragmentation     0
[  481.518328][T10524]     bp_start          7
[  481.518334][T10524]   
[  481.518339][T10524]   write_buffer_keys: btree=backpointers l=0 u64s 5 type deleted 0:8921088:0 len 0 ver 0write_buffer_keys: btree=backpointers l=0 u64s 9 type backpointer 0:8929280:0 len 0 ver 0: bucket=0:34:0 btree=extents l=0 offset=16:0 len=16 pos=1610612736:24:U32_MAX
[  483.157124][T10626] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  483.180699][T10524] bcachefs (loop1 inum 1610612736 offset 4096): user write error while doing btree update: EIO
[  483.430392][ T1621] bcachefs (loop1): finished waiting for writes to stop
[  483.437482][ T1621] bcachefs (loop1): done going read-only, filesystem not clean
[  483.449669][T10630] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  483.512904][T10524] syz-executor.1 (10524) used greatest stack depth: 13848 bytes left
[  483.565178][T10632] pim6reg: entered allmulticast mode
[  483.586307][ T9033] bcachefs (loop1): shutting down
[  483.604913][T10626] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  483.660755][ T9033] bcachefs (loop1): shutdown complete
[  483.955988][T10652] fuse: Unknown parameter '00000000000000000000007'
[  483.993898][   T29] audit: type=1800 audit(1719024002.997:55): pid=10652 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1964 res=0 errno=0
[  484.113684][T10655] tipc: Enabled bearer <eth:geneve1>, priority 10
[  484.817839][T10651] block nbd2: shutting down sockets
[  485.244279][ T1621] tipc: Node number set to 2886997162
[  485.886966][T10689] team0: Device wlan1 is up. Set it down before adding it as a team port
[  486.038819][T10695] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  486.082461][T10674] loop4: detected capacity change from 0 to 32768
[  486.137082][T10702] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  486.225220][T10674] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  486.239784][T10674] bcachefs (loop4): recovering from clean shutdown, journal seq 8
[  486.283845][T10674] bcachefs (loop4): alloc_read... done
[  486.289412][T10674] bcachefs (loop4): stripes_read... done
[  486.301198][T10674] bcachefs (loop4): snapshots_read... done
[  486.316863][T10674] bcachefs (loop4): going read-write
[  486.333590][T10674] bcachefs (loop4): journal_replay... done
[  486.362158][T10674] bcachefs (loop4): resume_logged_ops... done
[  486.368751][T10674] bcachefs (loop4): delete_dead_inodes... done
[  486.393104][T10674] bcachefs (loop4): done starting filesystem
[  486.428821][ T5102] Bluetooth: hci4: Malformed LE Event: 0x1d
[  486.451569][T10674] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  486.451588][T10674] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  486.486549][  T784] bcachefs (loop4): going read-only
[  486.491846][T10674] bcachefs (loop4): inconsistency detected - emergency read only at journal seq 11
[  486.501827][  T784] bcachefs (loop4): flushing journal and stopping allocators, journal seq 11
[  486.511781][T10674] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  486.511875][T10674] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  486.520734][  T784] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 11
[  486.520844][  T784] bcachefs (loop4): unshutdown complete, journal seq 11
[  486.562783][T10674] bcachefs (loop4): incorrect key when clearing freespace:0:34:0 (got deleted should be set)
[  486.562783][T10674]   for u64s 5 type deleted 0:34:0 len 0 ver 0
[  486.581799][T10674] transaction updates for bch2_write_index_default journal seq 0
[  486.581816][T10674]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  486.581829][T10674]     old u64s 5 type deleted 1610612736:8:U32_MAX len 0 ver 0
[  486.581841][T10674]     new u64s 6 type inline_data 1610612736:8:U32_MAX len 8 ver 0: datalen 8: 0000000000000000
[  486.581855][T10674]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  486.581867][T10674]     old u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0
[  486.583250][T10674]     new u64s 6 type extent 1610612736:24:U32_MAX len 16 ver 0: durability: 1 ptr: 0:34:16 gen 0
[  486.583269][T10674]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xcc9/0x11d0
[  486.583282][T10674]     old u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  486.583294][T10674]     flags= (15300000)
[  486.583304][T10674]     journal_seq=5
[  486.583315][T10674]     bi_size=9000
[  486.583325][T10674]     bi_sectors=24
[  486.583336][T10674]     bi_version=0
[  486.583347][T10674]     bi_atime=2346883235
[  486.583358][T10674]     bi_ctime=2346883235
[  486.583369][T10674]     bi_mtime=2346883235
[  486.583380][T10674]     bi_otime=2346883235
[  486.583391][T10674]     bi_uid=0
[  486.583401][T10674]     bi_gid=0
[  486.583411][T10674]     bi_nlink=1
[  486.583419][T10674]     bi_generation=0
[  486.583430][T10674]     bi_dev=0
[  486.583440][T10674]     bi_data_checksum=0
[  486.583451][T10674]     bi_compression=0
[  486.583462][T10674]     bi_project=0
[  486.583473][T10674]     bi_background_compression=0
[  486.583484][T10674]     bi_data_replicas=0
[  486.583495][T10674]     bi_promote_target=0
[  486.583505][T10674]     bi_foreground_target=0
[  486.583516][T10674]     bi_background_target=0
[  486.583527][T10674]     bi_erasure_code=0
[  486.583538][T10674]     bi_fields_set=0
[  486.583549][T10674]     bi_dir=4096
[  486.583560][T10674]     bi_dir_offset=825491560675941567
[  486.583571][T10674]     bi_subvol=0
[  486.583582][T10674]     bi_parent_subvol=0
[  486.583593][T10674]     bi_nocow=0
[  486.583603][T10674]   
[  486.583613][T10674]     new u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  486.583627][T10674]     flags= (15300000)
[  486.583636][T10674]     journal_seq=5
[  486.583647][T10674]     bi_size=9000
[  486.583657][T10674]     bi_sectors=24
[  486.583668][T10674]     bi_version=0
[  486.583678][T10674]     bi_atime=2346883235
[  486.583689][T10674]     bi_ctime=2346883235
[  486.583701][T10674]     bi_mtime=2346883235
[  486.583712][T10674]     bi_otime=2346883235
[  486.583723][T10674]     bi_uid=0
[  486.583733][T10674]     bi_gid=0
[  486.583743][T10674]     bi_nlink=1
[  486.583754][T10674]     bi_generation=0
[  486.583763][T10674]     bi_dev=0
[  486.583771][T10674]     bi_data_checksum=0
[  486.583779][T10674]     bi_compression=0
[  486.583789][T10674]     bi_project=0
[  486.583800][T10674]     bi_background_compression=0
[  486.583812][T10674]     bi_data_replicas=0
[  486.583823][T10674]     bi_promote_target=0
[  486.583834][T10674]     bi_foreground_target=0
[  486.583845][T10674]     bi_background_target=0
[  486.583856][T10674]     bi_erasure_code=0
[  486.583867][T10674]     bi_fields_set=0
[  486.583877][T10674]     bi_dir=4096
[  486.583886][T10674]     bi_dir_offset=825491560675941567
[  486.583897][T10674]     bi_subvol=0
[  486.583908][T10674]     bi_parent_subvol=0
[  486.583919][T10674]     bi_nocow=0
[  486.583929][T10674]   
[  486.583940][T10674]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x9ef/0xe20
[  486.583952][T10674]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  486.583964][T10674]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  486.583977][T10674]     gen 0 oldest_gen 0 data_type user
[  486.583988][T10674]     journal_seq       0
[  486.583999][T10674]     need_discard      1
[  486.584019][T10674]     need_inc_gen      1
[  486.584030][T10674]     dirty_sectors     16
[  486.584041][T10674]     cached_sectors    0
[  486.584052][T10674]     stripe            0
[  486.584063][T10674]     stripe_redundancy 0
[  486.584074][T10674]     io_time[READ]     1
[  486.584085][T10674]     io_time[WRITE]    1288
[  486.584096][T10674]     fragmentation     0
[  486.584106][T10674]     bp_start          7
[  486.584117][T10674]   
[  486.584127][T10674]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x9ef/0xe20
[  486.584140][T10674]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  486.584152][T10674]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  486.584164][T10674]     gen 0 oldest_gen 0 data_type user
[  486.584176][T10674]     journal_seq       0
[  486.584187][T10674]     need_discard      1
[  486.584197][T10674]     need_inc_gen      1
[  486.584208][T10674]     dirty_sectors     16
[  486.584219][T10674]     cached_sectors    0
[  486.584229][T10674]     stripe            0
[  486.584240][T10674]     stripe_redundancy 0
[  486.584251][T10674]     io_time[READ]     1
[  486.584262][T10674]     io_time[WRITE]    1288
[  486.584348][T10674]     fragmentation     0
[  486.584361][T10674]     bp_start          7
[  486.584371][T10674]   
[  486.584382][T10674]   write_buffer_keys: btree=backpointers l=0 u64s 5 type deleted 0:8921088:0 len 0 ver 0write_buffer_keys: btree=backpointers l=0 u64s 9 type backpointer 0:8929280:0 len 0 ver 0: bucket=0:34:0 btree=extents l=0 offset=16:0 len=16 pos=1610612736:24:U32_MAX
[  487.181643][T10723] team0: Port device wlan1 added
[  488.455748][ T5102] Bluetooth: hci2: command 0x0406 tx timeout
[  489.121664][    C1] vkms_vblank_simulate: vblank timer overrun
[  489.171981][T10674] bcachefs (loop4 inum 1610612736 offset 4096): user write error while doing btree update: EIO
[  489.192835][  T784] bcachefs (loop4): finished waiting for writes to stop
[  489.234773][  T784] bcachefs (loop4): done going read-only, filesystem not clean
[  489.283306][ T8380] bcachefs (loop4): shutting down
[  489.371131][ T8380] bcachefs (loop4): shutdown complete
[  490.537998][T10766] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  490.707809][T10768] loop2: detected capacity change from 0 to 256
[  490.769739][T10764] loop1: detected capacity change from 0 to 4096
[  490.865232][T10764] ntfs3: loop1: Failed to load $Extend (-22).
[  490.871503][T10764] ntfs3: loop1: Failed to initialize $Extend.
[  491.114738][T10764] ntfs3: loop1: ino=1f, "file2" attr_set_size
[  492.166893][T10782] loop4: detected capacity change from 0 to 128
[  492.565907][T10782] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  492.715028][T10782] ext4 filesystem being mounted at /root/syzkaller-testdir1048712914/syzkaller.KGT2fE/101/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  492.899048][T10791] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'.
[  492.944320][T10791] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'.
[  493.145085][ T8380] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  493.608168][T10789] loop1: detected capacity change from 0 to 32768
[  493.668718][T10803] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  493.810564][T10789] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  493.889162][T10789] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  493.969780][  T784] IPVS: starting estimator thread 0...
[  493.993615][T10789] bcachefs (loop1): alloc_read... done
[  494.011330][T10789] bcachefs (loop1): stripes_read... done
[  494.096196][T10789] bcachefs (loop1): snapshots_read... done
[  494.114747][T10813] IPVS: using max 17 ests per chain, 40800 per kthread
[  494.635232][T10789] bcachefs (loop1): going read-write
[  494.707965][T10789] bcachefs (loop1): journal_replay... done
[  494.844964][T10789] bcachefs (loop1): resume_logged_ops... done
[  494.851118][T10789] bcachefs (loop1): delete_dead_inodes... done
[  494.883097][T10789] bcachefs (loop1): done starting filesystem
[  495.018342][T10789] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  495.018366][T10789] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  495.082350][   T25] bcachefs (loop1): going read-only
[  495.087964][T10789] bcachefs (loop1): inconsistency detected - emergency read only at journal seq 12
[  495.114972][T10789] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  495.114995][T10789] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  495.125271][   T25] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12
[  495.125352][   T25] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12
[  495.132880][   T25] bcachefs (loop1): unshutdown complete, journal seq 12
[  495.179439][T10834] loop2: detected capacity change from 0 to 2048
[  495.225403][T10837] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  495.598890][T10789] bcachefs (loop1): incorrect key when clearing freespace:0:34:0 (got deleted should be set)
[  495.598890][T10789]   for u64s 5 type deleted 0:34:0 len 0 ver 0
[  495.642579][T10789] transaction updates for bch2_write_index_default journal seq 0
[  495.642600][T10789]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  495.642614][T10789]     old u64s 5 type deleted 1610612736:8:U32_MAX len 0 ver 0
[  495.642626][T10789]     new u64s 6 type inline_data 1610612736:8:U32_MAX len 8 ver 0: datalen 8: 0000000000000000
[  495.642640][T10789]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  495.642653][T10789]     old u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0
[  495.642667][T10789]     new u64s 6 type extent 1610612736:24:U32_MAX len 16 ver 0: durability: 1 ptr: 0:34:16 gen 0
[  495.642681][T10789]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xcc9/0x11d0
[  495.642695][T10789]     old u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  495.642707][T10789]     flags= (15300000)
[  495.642718][T10789]     journal_seq=5
[  495.642728][T10789]     bi_size=9000
[  495.642739][T10789]     bi_sectors=24
[  495.642750][T10789]     bi_version=0
[  495.642761][T10789]     bi_atime=2346883235
[  495.642771][T10789]     bi_ctime=2346883235
[  495.642782][T10789]     bi_mtime=2346883235
[  495.642793][T10789]     bi_otime=2346883235
[  495.642804][T10789]     bi_uid=0
[  495.642814][T10789]     bi_gid=0
[  495.642825][T10789]     bi_nlink=1
[  495.642835][T10789]     bi_generation=0
[  495.642846][T10789]     bi_dev=0
[  495.642856][T10789]     bi_data_checksum=0
[  495.642866][T10789]     bi_compression=0
[  495.642877][T10789]     bi_project=0
[  495.642887][T10789]     bi_background_compression=0
[  495.642898][T10789]     bi_data_replicas=0
[  495.642909][T10789]     bi_promote_target=0
[  495.642921][T10789]     bi_foreground_target=0
[  495.642932][T10789]     bi_background_target=0
[  495.642943][T10789]     bi_erasure_code=0
[  495.642994][T10789]     bi_fields_set=0
[  495.643005][T10789]     bi_dir=4096
[  495.643015][T10789]     bi_dir_offset=825491560675941567
[  495.643025][T10789]     bi_subvol=0
[  495.643035][T10789]     bi_parent_subvol=0
[  495.643045][T10789]     bi_nocow=0
[  495.643055][T10789]   
[  495.643064][T10789]     new u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  495.643077][T10789]     flags= (15300000)
[  495.643087][T10789]     journal_seq=5
[  495.643097][T10789]     bi_size=9000
[  495.643114][T10789]     bi_sectors=24
[  495.643125][T10789]     bi_version=0
[  495.643136][T10789]     bi_atime=2346883235
[  495.643147][T10789]     bi_ctime=2346883235
[  495.643157][T10789]     bi_mtime=2346883235
[  495.643168][T10789]     bi_otime=2346883235
[  495.643179][T10789]     bi_uid=0
[  495.643189][T10789]     bi_gid=0
[  495.643200][T10789]     bi_nlink=1
[  495.643210][T10789]     bi_generation=0
[  495.643221][T10789]     bi_dev=0
[  495.643231][T10789]     bi_data_checksum=0
[  495.643242][T10789]     bi_compression=0
[  495.643253][T10789]     bi_project=0
[  495.643263][T10789]     bi_background_compression=0
[  495.643275][T10789]     bi_data_replicas=0
[  495.643286][T10789]     bi_promote_target=0
[  495.643297][T10789]     bi_foreground_target=0
[  495.643308][T10789]     bi_background_target=0
[  495.643318][T10789]     bi_erasure_code=0
[  495.643329][T10789]     bi_fields_set=0
[  495.643340][T10789]     bi_dir=4096
[  495.643349][T10789]     bi_dir_offset=825491560675941567
[  495.643361][T10789]     bi_subvol=0
[  495.643372][T10789]     bi_parent_subvol=0
[  495.643382][T10789]     bi_nocow=0
[  495.643392][T10789]   
[  495.643402][T10789]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x9ef/0xe20
[  495.643414][T10789]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  495.643426][T10789]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  495.643438][T10789]     gen 0 oldest_gen 0 data_type user
[  495.643449][T10789]     journal_seq       0
[  495.643594][T10789]     need_discard      1
[  495.643717][T10789]     need_inc_gen      1
[  495.643886][T10789]     dirty_sectors     16
[  495.644332][T10789]     cached_sectors    0
[  495.644721][T10789]     stripe            0
[  495.644881][T10789]     stripe_redundancy 0
[  495.644894][T10789]     io_time[READ]     1
[  495.644906][T10789]     io_time[WRITE]    1288
[  495.644917][T10789]     fragmentation     0
[  495.644928][T10789]     bp_start          7
[  495.644939][T10789]   
[  495.644949][T10789]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x9ef/0xe20
[  495.644962][T10789]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  495.644975][T10789]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  495.644987][T10789]     gen 0 oldest_gen 0 data_type user
[  495.644998][T10789]     journal_seq       0
[  495.645009][T10789]     need_discard      1
[  495.645020][T10789]     need_inc_gen      1
[  495.645031][T10789]     dirty_sectors     16
[  495.645042][T10789]     cached_sectors    0
[  495.645052][T10789]     stripe            0
[  495.645063][T10789]     stripe_redundancy 0
[  495.645074][T10789]     io_time[READ]     1
[  495.645085][T10789]     io_time[WRITE]    1288
[  495.645096][T10789]     fragmentation     0
[  495.645107][T10789]     bp_start          7
[  495.645123][T10789]   
[  495.645134][T10789]   write_buffer_keys: btree=backpointers l=0 u64s 5 type deleted 0:8921088:0 len 0 ver 0write_buffer_keys: btree=backpointers l=0 u64s 9 type backpointer 0:8929280:0 len 0 ver 0: bucket=0:34:0 btree=extents l=0 offset=16:0 len=16 pos=1610612736:24:U32_MAX
[  496.576306][T10789] bcachefs (loop1 inum 1610612736 offset 4096): user write error while doing btree update: EIO
[  496.607348][   T25] bcachefs (loop1): finished waiting for writes to stop
[  496.635018][   T25] bcachefs (loop1): done going read-only, filesystem not clean
[  496.668559][ T9033] bcachefs (loop1): shutting down
[  496.800872][ T9033] bcachefs (loop1): shutdown complete
[  497.056548][ T5115] Bluetooth: hci1: Malformed LE Event: 0x1d
[  497.443124][   T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  497.658436][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  497.682482][   T25] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  497.713106][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.757540][   T25] usb 4-1: config 0 descriptor??
[  498.209097][   T25] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor
[  498.255858][   T25] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0001/input/input9
[  498.427480][   T25] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  498.642105][T10897] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  498.650631][T10878] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.661627][T10878] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.694169][ T5115] Bluetooth: hci0: command 0x0406 tx timeout
[  498.738872][    C1] Mem-Info:
[  498.742414][    C1] active_anon:529 inactive_anon:27793 isolated_anon:0
[  498.742414][    C1]  active_file:4309 inactive_file:42758 isolated_file:0
[  498.742414][    C1]  unevictable:768 dirty:37 writeback:0
[  498.742414][    C1]  slab_reclaimable:10305 slab_unreclaimable:98025
[  498.742414][    C1]  mapped:18406 shmem:7568 pagetables:648
[  498.742414][    C1]  sec_pagetables:0 bounce:0
[  498.742414][    C1]  kernel_misc_reclaimable:0
[  498.742414][    C1]  free:1370719 free_pcp:3285 free_cma:0
[  498.787586][    C1] Node 0 active_anon:2116kB inactive_anon:111072kB active_file:17168kB inactive_file:171032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:73624kB dirty:144kB writeback:0kB shmem:28736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9888kB pagetables:2492kB sec_pagetables:0kB all_unreclaimable? no
[  498.820065][    C1] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  498.850104][    C1] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  498.877110][    C1] lowmem_reserve[]: 0 2571 2571 0 0
[  498.882327][    C1] Node 0 DMA32 free:1523472kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:2112kB inactive_anon:111040kB active_file:16904kB inactive_file:170972kB unevictable:1536kB writepending:144kB present:3129332kB managed:2659868kB mlocked:0kB bounce:0kB free_pcp:10260kB local_pcp:9484kB free_cma:0kB
[  498.913082][    C1] lowmem_reserve[]: 0 0 0 0 0
[  498.917807][    C1] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:264kB inactive_file:60kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  498.944557][    C1] lowmem_reserve[]: 0 0 0 0 0
[  498.949263][    C1] Node 1 Normal free:3945160kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:2264kB local_pcp:0kB free_cma:0kB
[  498.978176][    C1] lowmem_reserve[]: 0 0 0 0 0
[  498.982871][    C1] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  498.995564][    C1] Node 0 DMA32: 1204*4kB (ME) 770*8kB (ME) 626*16kB (UME) 475*32kB (UME) 147*64kB (UME) 95*128kB (UME) 49*256kB (UME) 24*512kB (UME) 15*1024kB (UM) 6*2048kB (UME) 345*4096kB (UM) = 1523360kB
[  499.014393][    C1] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  499.025857][    C1] Node 1 Normal: 3*4kB (U) 12*8kB (UM) 13*16kB (UM) 10*32kB (UM) 8*64kB (U) 3*128kB (U) 1*256kB (M) 2*512kB (UM) 2*1024kB (U) 2*2048kB (U) 961*4096kB (UM) = 3945212kB
[  499.042605][    C1] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  499.052134][    C1] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  499.061409][    C1] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  499.070934][    C1] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  499.080195][    C1] 54485 total pagecache pages
[  499.084854][    C1] 0 pages in swap cache
[  499.088987][    C1] Free swap  = 124588kB
[  499.093122][    C1] Total swap = 124996kB
[  499.097255][    C1] 2097051 pages RAM
[  499.101041][    C1] 0 pages HighMem/MovableOnly
[  499.105696][    C1] 400874 pages reserved
[  499.109832][    C1] 0 pages cma reserved
[  499.404564][ T5158] usb 4-1: USB disconnect, device number 6
acpid: input device has been disconnected, fd 10
[  499.662822][T10909] loop2: detected capacity change from 0 to 32768
[  499.671910][T10915] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  499.890976][T10928] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  499.902138][T10928] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  499.907281][T10909] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  499.952429][T10928] random: crng reseeded on system resumption
[  500.015233][T10909] bcachefs (loop2): recovering from clean shutdown, journal seq 8
[  500.184040][T10909] bcachefs (loop2): alloc_read... done
[  500.196375][T10909] bcachefs (loop2): stripes_read... done
[  500.222643][T10909] bcachefs (loop2): snapshots_read... done
[  500.266014][T10909] bcachefs (loop2): going read-write
[  500.274227][T10942] fuse: Bad value for 'fd'
[  500.281580][T10909] bcachefs (loop2): journal_replay... done
[  500.309871][   T29] audit: type=1804 audit(1719024019.307:56): pid=10942 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1048712914/syzkaller.KGT2fE/109/file0" dev="sda1" ino=1965 res=1 errno=0
[  500.351365][T10909] bcachefs (loop2): resume_logged_ops... done
[  500.358175][T10909] bcachefs (loop2): delete_dead_inodes... done
[  500.375954][T10909] bcachefs (loop2): done starting filesystem
[  500.435563][T10909] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  500.436177][T10909] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  500.495924][ T5158] bcachefs (loop2): going read-only
[  500.502472][T10909] bcachefs (loop2): inconsistency detected - emergency read only at journal seq 11
[  500.524288][ T5158] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11
[  500.544265][T10909] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  500.544285][T10909] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  500.558226][ T5158] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 11
[  500.563543][ T5158] bcachefs (loop2): unshutdown complete, journal seq 11
[  501.027920][T10909] bcachefs (loop2): incorrect key when clearing freespace:0:34:0 (got deleted should be set)
[  501.027920][T10909]   for u64s 5 type deleted 0:34:0 len 0 ver 0
[  501.673199][T10909] transaction updates for bch2_write_index_default journal seq 0
[  501.673220][T10909]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  501.673234][T10909]     old u64s 5 type deleted 1610612736:8:U32_MAX len 0 ver 0
[  501.673247][T10909]     new u64s 6 type inline_data 1610612736:8:U32_MAX len 8 ver 0: datalen 8: 0000000000000000
[  501.673261][T10909]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  501.673273][T10909]     old u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0
[  501.673287][T10909]     new u64s 6 type extent 1610612736:24:U32_MAX len 16 ver 0: durability: 1 ptr: 0:34:16 gen 0
[  501.673300][T10909]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xcc9/0x11d0
[  501.673313][T10909]     old u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  501.673326][T10909]     flags= (15300000)
[  501.673336][T10909]     journal_seq=5
[  501.673347][T10909]     bi_size=9000
[  501.673357][T10909]     bi_sectors=24
[  501.673367][T10909]     bi_version=0
[  501.673376][T10909]     bi_atime=2346883235
[  501.673387][T10909]     bi_ctime=2346883235
[  501.673397][T10909]     bi_mtime=2346883235
[  501.673408][T10909]     bi_otime=2346883235
[  501.673419][T10909]     bi_uid=0
[  501.673429][T10909]     bi_gid=0
[  501.673439][T10909]     bi_nlink=1
[  501.673449][T10909]     bi_generation=0
[  501.673459][T10909]     bi_dev=0
[  501.673470][T10909]     bi_data_checksum=0
[  501.673480][T10909]     bi_compression=0
[  501.673492][T10909]     bi_project=0
[  501.673502][T10909]     bi_background_compression=0
[  501.673513][T10909]     bi_data_replicas=0
[  501.673523][T10909]     bi_promote_target=0
[  501.673533][T10909]     bi_foreground_target=0
[  501.673552][T10909]     bi_background_target=0
[  501.673562][T10909]     bi_erasure_code=0
[  501.673573][T10909]     bi_fields_set=0
[  501.673584][T10909]     bi_dir=4096
[  501.673594][T10909]     bi_dir_offset=825491560675941567
[  501.673604][T10909]     bi_subvol=0
[  501.673615][T10909]     bi_parent_subvol=0
[  501.673626][T10909]     bi_nocow=0
[  501.673636][T10909]   
[  501.673646][T10909]     new u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  501.673659][T10909]     flags= (15300000)
[  501.673670][T10909]     journal_seq=5
[  501.673679][T10909]     bi_size=9000
[  501.673689][T10909]     bi_sectors=24
[  501.673698][T10909]     bi_version=0
[  501.673708][T10909]     bi_atime=2346883235
[  501.673718][T10909]     bi_ctime=2346883235
[  501.673728][T10909]     bi_mtime=2346883235
[  501.673738][T10909]     bi_otime=2346883235
[  501.673748][T10909]     bi_uid=0
[  501.673758][T10909]     bi_gid=0
[  501.673768][T10909]     bi_nlink=1
[  501.673778][T10909]     bi_generation=0
[  501.673789][T10909]     bi_dev=0
[  501.673798][T10909]     bi_data_checksum=0
[  501.673809][T10909]     bi_compression=0
[  501.673819][T10909]     bi_project=0
[  501.673829][T10909]     bi_background_compression=0
[  501.673841][T10909]     bi_data_replicas=0
[  501.673851][T10909]     bi_promote_target=0
[  501.673862][T10909]     bi_foreground_target=0
[  501.673873][T10909]     bi_background_target=0
[  501.673883][T10909]     bi_erasure_code=0
[  501.673893][T10909]     bi_fields_set=0
[  501.673904][T10909]     bi_dir=4096
[  501.673914][T10909]     bi_dir_offset=825491560675941567
[  501.673926][T10909]     bi_subvol=0
[  501.673936][T10909]     bi_parent_subvol=0
[  501.673947][T10909]     bi_nocow=0
[  501.673957][T10909]   
[  501.673967][T10909]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x9ef/0xe20
[  501.673980][T10909]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  501.673992][T10909]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  501.674003][T10909]     gen 0 oldest_gen 0 data_type user
[  501.674015][T10909]     journal_seq       0
[  501.674024][T10909]     need_discard      1
[  501.674035][T10909]     need_inc_gen      1
[  501.674046][T10909]     dirty_sectors     16
[  501.674057][T10909]     cached_sectors    0
[  501.674067][T10909]     stripe            0
[  501.674077][T10909]     stripe_redundancy 0
[  501.674088][T10909]     io_time[READ]     1
[  501.674099][T10909]     io_time[WRITE]    1288
[  501.674110][T10909]     fragmentation     0
[  501.674121][T10909]     bp_start          7
[  501.674132][T10909]   
[  501.674142][T10909]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x9ef/0xe20
[  501.674155][T10909]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  501.674168][T10909]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  501.674180][T10909]     gen 0 oldest_gen 0 data_type user
[  501.674191][T10909]     journal_seq       0
[  501.674202][T10909]     need_discard      1
[  501.674212][T10909]     need_inc_gen      1
[  501.674223][T10909]     dirty_sectors     16
[  501.674234][T10909]     cached_sectors    0
[  501.674244][T10909]     stripe            0
[  501.674255][T10909]     stripe_redundancy 0
[  501.674265][T10909]     io_time[READ]     1
[  501.674276][T10909]     io_time[WRITE]    1288
[  501.674287][T10909]     fragmentation     0
[  501.674297][T10909]     bp_start          7
[  501.674307][T10909]   
[  501.674318][T10909]   write_buffer_keys: btree=backpointers l=0 u64s 5 type deleted 0:8921088:0 len 0 ver 0write_buffer_keys: btree=backpointers l=0 u64s 9 type backpointer 0:8929280:0 len 0 ver 0: bucket=0:34:0 btree=extents l=0 offset=16:0 len=16 pos=1610612736:24:U32_MAX
[  501.709830][T10956] fuse: Unknown parameter '00000000000000000000007'
[  501.721882][T10909] bcachefs (loop2 inum 1610612736 offset 4096): user write error while doing btree update: EIO
[  501.758111][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[  501.776117][T10909] syz-executor.2 (10909) used greatest stack depth: 13776 bytes left
[  501.783373][ T5158] bcachefs (loop2): finished waiting for writes to stop
[  501.810333][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[  502.190334][   T29] audit: type=1800 audit(1719024020.797:57): pid=10951 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1966 res=0 errno=0
[  502.303050][ T5158] bcachefs (loop2): done going read-only, filesystem not clean
[  502.312791][ T5619] bcachefs (loop2): shutting down
[  502.325625][T10955] team0: Port device wlan1 added
[  502.389740][T10948] block nbd4: shutting down sockets
[  502.424671][ T5619] bcachefs (loop2): shutdown complete
[  502.723910][T10973] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  503.697611][T10992] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  503.759654][T10993] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  503.856894][T10992] random: crng reseeded on system resumption
[  503.875322][T10978] syz-executor.4 (10978): drop_caches: 2
[  504.087903][T11001] fuse: Bad value for 'fd'
[  504.198856][T11001] loop2: detected capacity change from 0 to 2048
[  504.260385][T11006] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  505.273539][ T5153] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  505.475212][ T5153] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.501590][ T5153] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  505.543338][ T5153] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.584649][ T5153] usb 5-1: config 0 descriptor??
[  505.882408][T11028] vlan2: entered promiscuous mode
[  505.912904][T11028] syz_tun: entered promiscuous mode
[  505.984801][T11028] syz_tun: left promiscuous mode
[  506.025611][ T5153] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor
[  506.108325][ T5153] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0002/input/input10
[  506.270670][ T5153] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  506.500223][T11004] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  506.539481][T11004] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  506.616165][    C0] Mem-Info:
[  506.619322][    C0] active_anon:467 inactive_anon:29077 isolated_anon:0
[  506.619322][    C0]  active_file:4187 inactive_file:42917 isolated_file:0
[  506.619322][    C0]  unevictable:812 dirty:0 writeback:0
[  506.619322][    C0]  slab_reclaimable:10349 slab_unreclaimable:97164
[  506.619322][    C0]  mapped:18923 shmem:9022 pagetables:621
[  506.619322][    C0]  sec_pagetables:0 bounce:0
[  506.619322][    C0]  kernel_misc_reclaimable:0
[  506.619322][    C0]  free:1372357 free_pcp:2350 free_cma:0
[  506.664428][    C0] Node 0 active_anon:1868kB inactive_anon:116508kB active_file:16680kB inactive_file:171668kB unevictable:1712kB isolated(anon):0kB isolated(file):0kB mapped:75692kB dirty:0kB writeback:0kB shmem:34552kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9884kB pagetables:2584kB sec_pagetables:0kB all_unreclaimable? no
[  506.696727][    C0] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  506.726793][    C0] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  506.753801][    C0] lowmem_reserve[]: 0 2571 2571 0 0
[  506.759016][    C0] Node 0 DMA32 free:1527656kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:1864kB inactive_anon:116476kB active_file:16416kB inactive_file:171608kB unevictable:1712kB writepending:0kB present:3129332kB managed:2659868kB mlocked:176kB bounce:0kB free_pcp:7524kB local_pcp:7112kB free_cma:0kB
[  506.789668][    C0] lowmem_reserve[]: 0 0 0 0 0
[  506.794381][    C0] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:264kB inactive_file:60kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  506.821175][    C0] lowmem_reserve[]: 0 0 0 0 0
[  506.825872][    C0] Node 1 Normal free:3945712kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:1760kB local_pcp:1760kB free_cma:0kB
[  506.855055][    C0] lowmem_reserve[]: 0 0 0 0 0
[  506.859757][    C0] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  506.872344][    C0] Node 0 DMA32: 1960*4kB (UME) 1143*8kB (UME) 637*16kB (UME) 535*32kB (UME) 180*64kB (UME) 78*128kB (UME) 38*256kB (UM) 24*512kB (UME) 16*1024kB (UM) 7*2048kB (UME) 344*4096kB (UM) = 1527560kB
[  506.891317][    C0] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  506.902762][    C0] Node 1 Normal: 2*4kB (U) 11*8kB (UM) 13*16kB (UM) 10*32kB (UM) 8*64kB (U) 3*128kB (U) 1*256kB (M) 3*512kB (UM) 2*1024kB (U) 2*2048kB (U) 961*4096kB (UM) = 3945712kB
[  506.919480][    C0] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  506.929011][    C0] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  506.938279][    C0] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  506.947807][    C0] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  506.957075][    C0] 55986 total pagecache pages
[  506.961746][    C0] 0 pages in swap cache
[  506.965886][    C0] Free swap  = 124588kB
[  506.970025][    C0] Total swap = 124996kB
[  506.974163][    C0] 2097051 pages RAM
[  506.977954][    C0] 0 pages HighMem/MovableOnly
[  506.982624][    C0] 400874 pages reserved
[  506.986774][    C0] 0 pages cma reserved
[  507.433461][T11047] loop1: detected capacity change from 0 to 2048
[  507.461205][ T5154] usb 5-1: USB disconnect, device number 3
[  507.585854][T11049] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
acpid: input device has been disconnected, fd 3
[  507.926762][T11054] fuse: Bad value for 'fd'
[  507.932799][   T29] audit: type=1804 audit(1719024026.927:58): pid=11054 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1943652706/syzkaller.WfCiPi/262/file0" dev="sda1" ino=1955 res=1 errno=0
[  507.935903][T11056] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  508.037949][T11056] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  508.118616][T11056] random: crng reseeded on system resumption
[  508.183808][T11058] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  508.971664][T11092] fuse: Unknown parameter '0x0000000000000004'
[  508.986192][   T29] audit: type=1804 audit(1719024027.987:59): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/147/file0" dev="sda1" ino=1964 res=1 errno=0
[  509.069383][T11089] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  509.244684][ T5153] IPVS: starting estimator thread 0...
[  509.463175][T11096] IPVS: using max 23 ests per chain, 55200 per kthread
[  510.670897][T11107] loop3: detected capacity change from 0 to 2048
[  510.892520][T11119] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  511.797351][T11130] fuse: Unknown parameter '0x0000000000000004'
[  511.830505][   T29] audit: type=1804 audit(1719024030.827:60): pid=11130 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir3187535921/syzkaller.PCUV3h/150/file0" dev="sda1" ino=1959 res=1 errno=0
[  511.910997][T11115] loop2: detected capacity change from 0 to 32768
[  513.034504][T11145] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  513.483471][T11165] fuse: Unknown parameter '0x0000000000000004'
[  513.517868][   T29] audit: type=1804 audit(1719024032.507:61): pid=11165 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir4238717511/syzkaller.oMaqce/109/file0" dev="sda1" ino=1944 res=1 errno=0
[  513.679709][T11166] loop3: detected capacity change from 0 to 2048
[  513.713731][T11172] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  516.656105][T11174] loop1: detected capacity change from 0 to 32768
[  517.393688][T11207] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  517.544544][T11196] loop4: detected capacity change from 0 to 32768
[  517.785391][T11220] vlan2: entered promiscuous mode
[  517.790593][T11220] syz_tun: entered promiscuous mode
[  517.821559][T11220] syz_tun: left promiscuous mode
[  517.882591][T11196] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  517.930824][T11196] bcachefs (loop4): recovering from clean shutdown, journal seq 8
[  517.998450][T11196] bcachefs (loop4): alloc_read... done
[  518.014637][T11196] bcachefs (loop4): stripes_read... done
[  518.021478][T11196] bcachefs (loop4): snapshots_read... done
[  518.045371][T11196] bcachefs (loop4): going read-write
[  518.052404][T11196] bcachefs (loop4): journal_replay... done
[  518.100278][T11196] bcachefs (loop4): resume_logged_ops... done
[  518.110591][T11196] bcachefs (loop4): delete_dead_inodes... done
[  518.122916][T11196] bcachefs (loop4): done starting filesystem
[  518.228381][T11196] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  518.228403][T11196] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  518.293356][ T5154] bcachefs (loop4): going read-only
[  518.298805][T11196] bcachefs (loop4): inconsistency detected - emergency read only at journal seq 12
[  518.318546][ T5154] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12
[  518.406245][T11196] bucket 0:34 gen 0 data type user sector count overflow: 0 + -24 > U32_MAX
[  518.406268][T11196] while marking u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0, shutting down
[  518.423318][ T5154] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12
[  518.427290][ T5154] bcachefs (loop4): unshutdown complete, journal seq 12
[  518.630199][T11196] bcachefs (loop4): incorrect key when clearing freespace:0:34:0 (got deleted should be set)
[  518.630199][T11196]   for u64s 5 type deleted 0:34:0 len 0 ver 0
[  518.667451][T11196] transaction updates for bch2_write_index_default journal seq 0
[  518.667472][T11196]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  518.667486][T11196]     old u64s 5 type deleted 1610612736:8:U32_MAX len 0 ver 0
[  518.667499][T11196]     new u64s 6 type inline_data 1610612736:8:U32_MAX len 8 ver 0: datalen 8: 0000000000000000
[  518.667512][T11196]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  518.668541][T11196]     old u64s 6 type extent 1610612736:24:U32_MAX len 24 ver 0: durability: 1 ptr: 0:34:8 gen 0
[  518.668563][T11196]     new u64s 6 type extent 1610612736:24:U32_MAX len 16 ver 0: durability: 1 ptr: 0:34:16 gen 0
[  518.668571][T11196]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xcc9/0x11d0
[  518.668578][T11196]     old u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  518.668586][T11196]     flags= (15300000)
[  518.668592][T11196]     journal_seq=5
[  518.668597][T11196]     bi_size=9000
[  518.668603][T11196]     bi_sectors=24
[  518.668608][T11196]     bi_version=0
[  518.668614][T11196]     bi_atime=2346883235
[  518.668620][T11196]     bi_ctime=2346883235
[  518.668626][T11196]     bi_mtime=2346883235
[  518.668631][T11196]     bi_otime=2346883235
[  518.668637][T11196]     bi_uid=0
[  518.668643][T11196]     bi_gid=0
[  518.668648][T11196]     bi_nlink=1
[  518.668654][T11196]     bi_generation=0
[  518.668660][T11196]     bi_dev=0
[  518.668665][T11196]     bi_data_checksum=0
[  518.668671][T11196]     bi_compression=0
[  518.668677][T11196]     bi_project=0
[  518.668682][T11196]     bi_background_compression=0
[  518.668688][T11196]     bi_data_replicas=0
[  518.668694][T11196]     bi_promote_target=0
[  518.668700][T11196]     bi_foreground_target=0
[  518.668706][T11196]     bi_background_target=0
[  518.668712][T11196]     bi_erasure_code=0
[  518.668718][T11196]     bi_fields_set=0
[  518.668723][T11196]     bi_dir=4096
[  518.668729][T11196]     bi_dir_offset=825491560675941567
[  518.668735][T11196]     bi_subvol=0
[  518.668741][T11196]     bi_parent_subvol=0
[  518.668746][T11196]     bi_nocow=0
[  518.668752][T11196]   
[  518.668758][T11196]     new u64s 18 type inode_v3 0:1610612736:U32_MAX len 0 ver 0:   mode=100755
[  518.668765][T11196]     flags= (15300000)
[  518.668770][T11196]     journal_seq=5
[  518.668776][T11196]     bi_size=9000
[  518.668782][T11196]     bi_sectors=24
[  518.668787][T11196]     bi_version=0
[  518.668793][T11196]     bi_atime=2346883235
[  518.668799][T11196]     bi_ctime=2346883235
[  518.668804][T11196]     bi_mtime=2346883235
[  518.668810][T11196]     bi_otime=2346883235
[  518.668816][T11196]     bi_uid=0
[  518.668821][T11196]     bi_gid=0
[  518.668827][T11196]     bi_nlink=1
[  518.668832][T11196]     bi_generation=0
[  518.668838][T11196]     bi_dev=0
[  518.668844][T11196]     bi_data_checksum=0
[  518.668849][T11196]     bi_compression=0
[  518.668855][T11196]     bi_project=0
[  518.668861][T11196]     bi_background_compression=0
[  518.668867][T11196]     bi_data_replicas=0
[  518.668872][T11196]     bi_promote_target=0
[  518.668878][T11196]     bi_foreground_target=0
[  518.668884][T11196]     bi_background_target=0
[  518.668890][T11196]     bi_erasure_code=0
[  518.668896][T11196]     bi_fields_set=0
[  518.668902][T11196]     bi_dir=4096
[  518.668907][T11196]     bi_dir_offset=825491560675941567
[  518.668913][T11196]     bi_subvol=0
[  518.668919][T11196]     bi_parent_subvol=0
[  518.668924][T11196]     bi_nocow=0
[  518.668930][T11196]   
[  518.668935][T11196]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0x9ef/0xe20
[  518.668942][T11196]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  518.668948][T11196]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  518.668955][T11196]     gen 0 oldest_gen 0 data_type user
[  518.668961][T11196]     journal_seq       0
[  518.668967][T11196]     need_discard      1
[  518.668972][T11196]     need_inc_gen      1
[  518.668978][T11196]     dirty_sectors     16
[  518.668984][T11196]     cached_sectors    0
[  518.668990][T11196]     stripe            0
[  518.668996][T11196]     stripe_redundancy 0
[  518.669001][T11196]     io_time[READ]     1
[  518.669007][T11196]     io_time[WRITE]    1288
[  518.669013][T11196]     fragmentation     0
[  518.669019][T11196]     bp_start          7
[  518.669024][T11196]   
[  518.669030][T11196]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0x9ef/0xe20
[  518.669037][T11196]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  518.669043][T11196]     new u64s 12 type alloc_v4 0:34:0 len 0 ver 0: 
[  518.669049][T11196]     gen 0 oldest_gen 0 data_type user
[  518.669055][T11196]     journal_seq       0
[  518.669061][T11196]     need_discard      1
[  518.669067][T11196]     need_inc_gen      1
[  518.669073][T11196]     dirty_sectors     16
[  518.669079][T11196]     cached_sectors    0
[  518.669084][T11196]     stripe            0
[  518.669090][T11196]     stripe_redundancy 0
[  518.669096][T11196]     io_time[READ]     1
[  518.669102][T11196]     io_time[WRITE]    1288
[  518.669107][T11196]     fragmentation     0
[  518.669113][T11196]     bp_start          7
[  518.669119][T11196]   
[  518.669125][T11196]   write_buffer_keys: btree=backpointers l=0 u64s 5 type deleted 0:8921088:0 len 0 ver 0write_buffer_keys: btree=backpointers l=0 u64s 9 type backpointer 0:8929280:0 len 0 ver 0: bucket=0:34:0 btree=extents l=0 offset=16:0 len=16 pos=1610612736:24:U32_MAX
[  518.882337][T11255] loop1: detected capacity change from 0 to 2048
[  518.932816][T11259] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  518.937896][T11196] bcachefs (loop4 inum 1610612736 offset 4096): user write error while doing btree update: EIO
[  519.509429][ T5154] bcachefs (loop4): finished waiting for writes to stop
[  519.628106][ T5154] bcachefs (loop4): done going read-only, filesystem not clean
[  519.879688][ T8380] bcachefs (loop4): shutting down
[  519.971205][ T8380] bcachefs (loop4): shutdown complete
[  522.645310][T11274] loop2: detected capacity change from 0 to 2048
[  522.717140][T11282] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  522.739369][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  522.806487][T11287] loop4: detected capacity change from 0 to 64
[  523.298681][T11292] fuse: Unknown parameter '0x0000000000000004'
[  523.308215][   T29] audit: type=1804 audit(1719024042.307:62): pid=11292 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir185849640/syzkaller.x90pSJ/112/file0" dev="sda1" ino=1952 res=1 errno=0
[  628.522992][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  628.529998][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5098/2:b..l
[  628.538553][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=53785, q=235 ncpus=2)
[  628.546282][    C1] task:syz-fuzzer      state:R  running task     stack:22048 pid:5098  tgid:5070  ppid:5068   flags:0x00004004
[  628.559300][    C1] Call Trace:
[  628.562592][    C1]  <TASK>
[  628.565535][    C1]  __schedule+0x1796/0x49d0
[  628.570066][    C1]  ? check_sq_full_and_disable+0x1ac/0x330
[  628.575911][    C1]  ? __pfx___schedule+0x10/0x10
[  628.580807][    C1]  ? preempt_schedule+0xe1/0xf0
[  628.585670][    C1]  preempt_schedule_common+0x84/0xd0
[  628.590970][    C1]  preempt_schedule+0xe1/0xf0
[  628.595662][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  628.601047][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  628.607042][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  628.613384][    C1]  preempt_schedule_thunk+0x1a/0x30
[  628.618600][    C1]  ? mark_lock+0x9a/0x350
[  628.622943][    C1]  __local_bh_enable_ip+0x179/0x200
[  628.628151][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  628.633281][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  628.639014][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  628.644239][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  628.649372][    C1]  __dev_queue_xmit+0x16c9/0x3d30
[  628.654440][    C1]  ? __dev_queue_xmit+0x2d2/0x3d30
[  628.659586][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  628.664981][    C1]  ? mark_lock+0x9a/0x350
[  628.669331][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  628.675330][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  628.681672][    C1]  ? ip_finish_output2+0xa14/0x1380
[  628.686889][    C1]  ? ip_finish_output2+0x45f/0x1380
[  628.692103][    C1]  ip_finish_output2+0xd41/0x1380
[  628.697146][    C1]  ? ip_finish_output2+0x45f/0x1380
[  628.702366][    C1]  ? __pfx_ip_finish_output2+0x10/0x10
[  628.707836][    C1]  ? ip_skb_dst_mtu+0x6ba/0x9b0
[  628.712702][    C1]  ? __ip_finish_output+0x347/0x400
[  628.717923][    C1]  __ip_queue_xmit+0x118c/0x1b70
[  628.722874][    C1]  ? __pfx___tcp_select_window+0x10/0x10
[  628.728529][    C1]  ? __ip_queue_xmit+0x5f/0x1b70
[  628.733482][    C1]  ? __pfx_ip_queue_xmit+0x10/0x10
[  628.738610][    C1]  __tcp_transmit_skb+0x2557/0x3b80
[  628.743845][    C1]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  628.749404][    C1]  ? timekeeping_get_ns+0x5c/0x420
[  628.754539][    C1]  ? seqcount_lockdep_reader_access+0x157/0x220
[  628.760805][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  628.766027][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  628.772640][    C1]  ? ktime_get+0x3c/0xb0
[  628.776916][    C1]  ? tcp_small_queue_check+0x206/0x410
[  628.782394][    C1]  tcp_write_xmit+0x18b3/0x69d0
[  628.787289][    C1]  ? _copy_from_iter+0x26b/0x1960
[  628.792331][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  628.797721][    C1]  ? __alloc_skb+0x2d5/0x440
[  628.802336][    C1]  ? __virt_addr_valid+0x438/0x520
[  628.807476][    C1]  __tcp_push_pending_frames+0x9b/0x360
[  628.813052][    C1]  tcp_sendmsg_locked+0x43b1/0x4e10
[  628.818317][    C1]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  628.823879][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  628.829265][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  628.834496][    C1]  tcp_sendmsg+0x30/0x50
[  628.838758][    C1]  __sock_sendmsg+0x1a6/0x270
[  628.843466][    C1]  sock_write_iter+0x2dd/0x400
[  628.848255][    C1]  ? __pfx_sock_write_iter+0x10/0x10
[  628.853574][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[  628.858962][    C1]  ? security_file_permission+0x7f/0xa0
[  628.864541][    C1]  vfs_write+0xa72/0xc90
[  628.868813][    C1]  ? __pfx_sock_write_iter+0x10/0x10
[  628.874128][    C1]  ? __pfx_vfs_write+0x10/0x10
[  628.878937][    C1]  ksys_write+0x1a0/0x2c0
[  628.883303][    C1]  ? __pfx_ksys_write+0x10/0x10
[  628.888183][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  628.894531][    C1]  ? do_syscall_64+0xb6/0x230
[  628.899231][    C1]  do_syscall_64+0xf3/0x230
[  628.903751][    C1]  ? clear_bhb_loop+0x35/0x90
[  628.908455][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.914368][    C1] RIP: 0033:0x40720e
[  628.918288][    C1] RSP: 002b:000000c000611ae8 EFLAGS: 00000206 ORIG_RAX: 0000000000000001
[  628.926728][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000040720e
[  628.934721][    C1] RDX: 0000000000000168 RSI: 000000c00163be98 RDI: 0000000000000003
[  628.942707][    C1] RBP: 000000c000611b28 R08: 0000000000000000 R09: 0000000000000000
[  628.950694][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 000000c000611c68
[  628.958679][    C1] R13: 000000000004ffd6 R14: 000000c0000ec680 R15: 000000c0015ec000
[  628.966688][    C1]  </TASK>
[  628.969717][    C1] rcu: rcu_preempt kthread starved for 10541 jiffies! g53785 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  628.980921][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  628.990900][    C1] rcu: RCU grace-period kthread stack dump:
[  628.996797][    C1] task:rcu_preempt     state:R  running task     stack:26928 pid:17    tgid:17    ppid:2      flags:0x00004000
[  629.008551][    C1] Call Trace:
[  629.011841][    C1]  <TASK>
[  629.014787][    C1]  __schedule+0x1796/0x49d0
[  629.019327][    C1]  ? __pfx___schedule+0x10/0x10
[  629.024204][    C1]  ? __pfx_lock_release+0x10/0x10
[  629.029240][    C1]  ? __asan_memset+0x23/0x50
[  629.033855][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  629.039674][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  629.046016][    C1]  ? schedule+0x90/0x320
[  629.050268][    C1]  schedule+0x14b/0x320
[  629.054449][    C1]  schedule_timeout+0x1be/0x310
[  629.059331][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  629.064740][    C1]  ? __pfx_process_timeout+0x10/0x10
[  629.070053][    C1]  ? prepare_to_swait_event+0x32e/0x350
[  629.075647][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  629.080523][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  629.085482][    C1]  ? __pfx_dyntick_save_progress_counter+0x10/0x10
[  629.092000][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  629.097312][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  629.101916][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  629.107124][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  629.113045][    C1]  ? __kthread_parkme+0x169/0x1d0
[  629.118096][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  629.123318][    C1]  kthread+0x2f0/0x390
[  629.127413][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  629.132633][    C1]  ? __pfx_kthread+0x10/0x10
[  629.137251][    C1]  ret_from_fork+0x4b/0x80
[  629.141685][    C1]  ? __pfx_kthread+0x10/0x10
[  629.146292][    C1]  ret_from_fork_asm+0x1a/0x30
[  629.151090][    C1]  </TASK>
[  629.154116][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  629.160450][    C1] Sending NMI from CPU 1 to CPUs 0:
[  629.165668][    C0] NMI backtrace for cpu 0
[  629.165681][    C0] CPU: 0 PID: 11286 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00164-g66cc544fd75c #0
[  629.165702][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  629.165713][    C0] RIP: 0010:__sanitizer_cov_trace_cmp8+0x2d/0x90
[  629.165737][    C0] Code: fa 4c 8b 04 24 65 48 8b 0c 25 80 d4 03 00 65 8b 05 70 ad 6d 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 57 83 b9 1c 16 00 00 00 <74> 4e 8b 81 f8 15 00 00 83 f8 03 75 43 48 8b 91 00 16 00 00 44 8b
[  629.165751][    C0] RSP: 0018:ffffc900000071f8 EFLAGS: 00000246
[  629.165767][    C0] RAX: 0000000080000103 RBX: ffffc90000008000 RCX: ffff8880233e0000
[  629.165781][    C0] RDX: ffff8880233e0000 RSI: ffffc90000007340 RDI: ffffc900000073e0
[  629.165794][    C0] RBP: ffffc90000007340 R08: ffffffff81410de5 R09: ffffffff8141095f
[  629.165808][    C0] R10: 0000000000000003 R11: ffff8880233e0000 R12: ffffc900000073e0
[  629.165820][    C0] R13: dffffc0000000000 R14: ffffc90000000000 R15: ffffc900000073e8
[  629.165833][    C0] FS:  00007ff5d3b556c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  629.165849][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  629.165861][    C0] CR2: 00007ff5d3b54f80 CR3: 0000000023f48000 CR4: 00000000003506f0
[  629.165876][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  629.165887][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  629.165898][    C0] Call Trace:
[  629.165905][    C0]  <NMI>
[  629.165911][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  629.165931][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  629.165951][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  629.165969][    C0]  ? nmi_handle+0x2a/0x5a0
[  629.166003][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  629.166022][    C0]  ? nmi_handle+0x14f/0x5a0
[  629.166047][    C0]  ? nmi_handle+0x2a/0x5a0
[  629.166072][    C0]  ? __sanitizer_cov_trace_cmp8+0x2d/0x90
[  629.166091][    C0]  ? default_do_nmi+0x63/0x160
[  629.166110][    C0]  ? exc_nmi+0x123/0x1f0
[  629.166128][    C0]  ? end_repeat_nmi+0xf/0x53
[  629.166155][    C0]  ? unwind_next_frame+0x196f/0x2a00
[  629.166178][    C0]  ? unwind_next_frame+0x1df5/0x2a00
[  629.166203][    C0]  ? __sanitizer_cov_trace_cmp8+0x2d/0x90
[  629.166222][    C0]  ? __sanitizer_cov_trace_cmp8+0x2d/0x90
[  629.166242][    C0]  ? __sanitizer_cov_trace_cmp8+0x2d/0x90
[  629.166261][    C0]  </NMI>
[  629.166266][    C0]  <IRQ>
[  629.166272][    C0]  unwind_next_frame+0x1df5/0x2a00
[  629.166301][    C0]  ? arch_stack_walk+0x103/0x1b0
[  629.166330][    C0]  __unwind_start+0x641/0x7c0
[  629.166355][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  629.166380][    C0]  arch_stack_walk+0x103/0x1b0
[  629.166408][    C0]  ? stack_trace_save+0x118/0x1d0
[  629.166427][    C0]  stack_trace_save+0x118/0x1d0
[  629.166445][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  629.166460][    C0]  ? stack_trace_save+0x118/0x1d0
[  629.166478][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  629.166499][    C0]  kasan_save_track+0x3f/0x80
[  629.166553][    C0]  __kasan_slab_alloc+0x66/0x80
[  629.166578][    C0]  ? kmalloc_reserve+0xa8/0x2a0
[  629.166598][    C0]  kmem_cache_alloc_node_noprof+0x16b/0x320
[  629.166624][    C0]  kmalloc_reserve+0xa8/0x2a0
[  629.166645][    C0]  __alloc_skb+0x1f3/0x440
[  629.166664][    C0]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  629.166694][    C0]  ? __pfx___alloc_skb+0x10/0x10
[  629.166715][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  629.166742][    C0]  skb_copy+0x12b/0x820
[  629.166763][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  629.166793][    C0]  mac80211_hwsim_tx_frame_no_nl+0x1068/0x18d0
[  629.166823][    C0]  ? __pfx_mac80211_hwsim_tx_frame_no_nl+0x10/0x10
[  629.166844][    C0]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  629.166878][    C0]  ? mac80211_hwsim_monitor_rx+0x1bc/0x810
[  629.166901][    C0]  mac80211_hwsim_tx_frame+0x1cc/0x220
[  629.166925][    C0]  mac80211_hwsim_beacon_tx+0x3bf/0x850
[  629.166950][    C0]  __iterate_interfaces+0x223/0x4c0
[  629.166970][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  629.166991][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  629.167012][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170
[  629.167034][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd8/0x170
[  629.167058][    C0]  mac80211_hwsim_beacon+0xd4/0x1f0
[  629.167084][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  629.167110][    C0]  __hrtimer_run_queues+0x59b/0xd50
[  629.167134][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  629.167163][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  629.167187][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  629.167210][    C0]  hrtimer_run_softirq+0x19a/0x2c0
[  629.167236][    C0]  handle_softirqs+0x2c4/0x970
[  629.167256][    C0]  ? __irq_exit_rcu+0xf4/0x1c0
[  629.167275][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  629.167294][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  629.167319][    C0]  __irq_exit_rcu+0xf4/0x1c0
[  629.167336][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  629.167358][    C0]  irq_exit_rcu+0x9/0x30
[  629.167378][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  629.167400][    C0]  </IRQ>
[  629.167406][    C0]  <TASK>
[  629.167412][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  629.167436][    C0] RIP: 0010:finish_task_switch+0x1ea/0x870
[  629.167459][    C0] Code: c9 50 e8 99 c9 0b 00 48 83 c4 08 4c 89 f7 e8 cd 38 00 00 0f 1f 44 00 00 4c 89 f7 e8 e0 42 21 0a e8 fb ed 36 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  629.167473][    C0] RSP: 0018:ffffc900048bf7a8 EFLAGS: 00000286
[  629.167487][    C0] RAX: 4caf145fd6b72000 RBX: ffff8880233e0000 RCX: ffffffff94766603
[  629.167500][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb80 RDI: ffffffff8c1f12c0
[  629.167513][    C0] RBP: ffffc900048bf7f0 R08: ffffffff8fac1aaf R09: 1ffffffff1f58355
[  629.167527][    C0] R10: dffffc0000000000 R11: fffffbfff1f58356 R12: 1ffff11017287e97
[  629.167540][    C0] R13: dffffc0000000000 R14: ffff8880b943e740 R15: ffff8880b943f4b8
[  629.167562][    C0]  ? finish_task_switch+0x1e5/0x870
[  629.167588][    C0]  __schedule+0x179e/0x49d0
[  629.167616][    C0]  ? __pfx___schedule+0x10/0x10
[  629.167643][    C0]  ? __pfx_lock_release+0x10/0x10
[  629.167664][    C0]  ? plist_check_list+0x2cb/0x300
[  629.167683][    C0]  ? futex_wait_queue+0x27/0x1d0
[  629.167705][    C0]  ? schedule+0x90/0x320
[  629.167720][    C0]  schedule+0x14b/0x320
[  629.167735][    C0]  ? futex_wait_queue+0x27/0x1d0
[  629.167754][    C0]  futex_wait_queue+0x14e/0x1d0
[  629.167776][    C0]  __futex_wait+0x17f/0x320
[  629.167794][    C0]  ? mark_lock+0x9a/0x350
[  629.167816][    C0]  ? __pfx___futex_wait+0x10/0x10
[  629.167838][    C0]  ? __pfx_futex_wake_mark+0x10/0x10
[  629.167868][    C0]  futex_wait+0x101/0x360
[  629.167889][    C0]  ? __pfx_futex_wait+0x10/0x10
[  629.167912][    C0]  ? __pfx_lock_release+0x10/0x10
[  629.167935][    C0]  do_futex+0x33b/0x560
[  629.167954][    C0]  ? __pfx_do_futex+0x10/0x10
[  629.167969][    C0]  ? restore_altstack+0x10c/0x150
[  629.167990][    C0]  ? __pfx_restore_altstack+0x10/0x10
[  629.168014][    C0]  __se_sys_futex+0x3f9/0x480
[  629.168035][    C0]  ? __pfx___se_sys_futex+0x10/0x10
[  629.168052][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  629.168072][    C0]  ? do_syscall_64+0x100/0x230
[  629.168097][    C0]  ? __x64_sys_futex+0x21/0xf0
[  629.168114][    C0]  do_syscall_64+0xf3/0x230
[  629.168138][    C0]  ? clear_bhb_loop+0x35/0x90
[  629.168163][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.168186][    C0] RIP: 0033:0x7ff5d2e7d0a9
[  629.168200][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  629.168215][    C0] RSP: 002b:00007ff5d3b55178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  629.168231][    C0] RAX: ffffffffffffffda RBX: 00007ff5d2fb3f88 RCX: 00007ff5d2e7d0a9
[  629.168244][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff5d2fb3f88
[  629.168255][    C0] RBP: 00007ff5d2fb3f80 R08: 00007ff5d3b556c0 R09: 00007ff5d3b556c0
[  629.168268][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff5d2fb3f8c
[  629.168279][    C0] R13: 000000000000000b R14: 00007ffd1df5d5f0 R15: 00007ffd1df5d6d8
[  629.168300][    C0]  </TASK>