last executing test programs: 5.057406577s ago: executing program 2: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000c8500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='mm_lru_insertion\x00', r1}, 0x10) socket$netlink(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r2], 0x40}}, 0x0) 4.90220843s ago: executing program 2: openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000900)='./file0\x00', 0x0, 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000200)={0x2}) 4.808527645s ago: executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000000600)={0x2020}, 0x2020) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000440)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x3c, 0x5, 0x6, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4800}, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, @buffer={0x300, 0x0, 0x0}, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0285628, &(0x7f0000000240)={0x0, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) write$tun(r1, &(0x7f0000000300)={@void, @val={0x4, 0x3, 0x7, 0x7, 0x8800, 0xf000}, @x25={0x2}}, 0xd) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") chdir(&(0x7f00000001c0)='./file0\x00') syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) r3 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100)) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r3, 0x207a98, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') mkdir(&(0x7f0000003200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0) r4 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r4}}) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file1\x00', 0x0, 0x101a000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000000b7c0)={0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) 3.990031167s ago: executing program 2: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x9) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3801000039000900000000000000000001000000040000000c0001800600000005470000080002"], 0x138}}, 0x0) 3.885870339s ago: executing program 1: syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB], 0x1, 0xa1d, &(0x7f0000001540)="$eJzs3U2MG1cdAPBn73rzWeKUhC5paBMKbfnobrNZwkcETdVciJqKW6WKS5SmJSINiFSCVj0kOXGjVRWufIhTLxUgJHpBUU9cKtFIXHoqCHEgClIlDqWQLIr3Pa/3H5uxd5P1ev37SW+fZ/5jvzfe8Xg8M++9BIyteuvv/Px0LaVLb71+9B8P/n3LzTmPtZdotv5Odkw1Ukq1PD0ZXu/9icX8+gevnOyW19Jc62+ZTk9daz93W0rpfNqXLqdm2nPpymvvzD15/MKxi/vffePw1Tuz9gAAMF6+dfnw/O6//OnenR+9ed+RtKk9vxyfN/P09nzcfyQf+Jfj/3paPl3rSJ2mwnKTOdXDchNdlusspxGWm+xR/lR43UaP5TZVlD/RMa/besMoK9txM9XqM8um6/WZmcXf5Kn1u36qNnP29Jnnzg2posBt96/7U0r7JEkax7SwY9h7IIBF8XrhLc7HMwur0361yf7Kv/Z4vfvz4TZY6+1f+aNV/q8u2ONw+2zUramsV/kcbc/T8TpCvH9p0M9/eb14PaLRZz17XUcYlesLveo5scb1WKle9Y/bxUb19ZyX9+EbId75+Yn/01H5HwPdfej8vySNbVoY9g4IWLfifXMLWYnH+/pifFNFfHNFfEtFfGtFfFtFHMbZb1/8SXq1tvQ7P/6mH/R8WDnPdlfOPzZgfeL5yEHLj/f9Dmq15cf7iWE9+/2Jp0995dlnrize/19rb/838va+L08382frcl6gnC+M59Xb9/43l5dT77Hc3aE+d3VZvvV41/LlaruWXid17Gduqcf08uft6LXc3uXLNcNyW3LaHOobj0+2hueV44+yXy3v12RY30ZYj6lQj7Jf2ZnzWA9YibI99rr/v2yf06lRe+70mVOP5umynf5xorHp5vwDa1xvYPX6bf8znZa3/9nent+od+4XdizNr3XuF5ph/lyP+QfzdPme+87Eltb8mZPfO/Ps7V55GHPnXnr5uyfOnDn1Aw888MCD9oNh75mAO232xRe+P3vupZcfOf3CiedPPX/q7MFDhw7OzR366sH52dZx/Wzn0T2wkSx96Q+7JgAAAAAAAAAAAEC/fnjs6JU/v/3l9xbb/y+1/yvt/8udv6X9/49D+//YTr60gy/tAHd2ibeWCR2sToXlGjl9PNR3Vyhnd3jeJ3LeHscvt/8vxcV+XUt97gnzY/+9ZbnQnUCaSLf2PzIVntdZv0/n/GLOf5lgiGpbus/OeVX/1mVbL/1T6JdiNJX/W9kaSj8mpf13r36dyv5/5xrUkdtvLZoTDnsdge7+Ofb9f+cjmKHXQ5LWPi0sGMUDWB+GPf5nOe9Z8rN/+Obmm6ksdu3x5fvL2H8prMZ6H39S+Rtr/M/2+Hd97//CiHnNlZX7759dfa+j2LSn3/Lj+pd+oHcNVv5HufyyNg+l/spf+EUoP14Q6tN/Qvlb+yz/lvXfu7Ly/5vLL2/bww/0W/5ijWv15fVonzf+cDEv1//ieePielj/0rfnwOu/woEab+TyYZyNyjizgxqV8X97ifdhfClPlx1huc8hjncyaP3L/RXle2B3eP1axfeb8X9H29dyXvV5KOP/lu2x2WW63jHd6PLebtR9DYyq98f++p+0irR429fw6yGtMC0sLNzZE1oVhlo4Q3//h/07YdjlD/v9rxLH/43H8HH83xiP4//GeBz/N8bj+HoxHsf/je9nHP83xu8JrxvHB56uiH+yIr6nIn5vRXxvRfxTFfH9FfH7KuL3V8Tvrog/UBH/TEX8sxXxByviD1fEP1cR3+hKe5RxXX8YZ7F9ns8/jI9y/afX539XRRwYXT9988ATz/zm283F9v9T7fMh5TrekTzdyL+df5Sn43Xv1DF9M/Z2nv5riK/38x0wTmL/GfH7/aGKODC6yn1ePt8whmrde+zpt9+qXsf5jJbP5/wLOf9izh/J+UzOZ3N+IOdza1Q/7ownfv27w6/Wln7v7wjxfu8nj+2BYj9RB5dCf/t/9YnnBwa9nz324zeo1Za/wuZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ1Nv/Z2fn66ldOmt148+ffz07M05j7WXaLb+TnZMNdrPS+nRnE/k/Of5wfUPXjnZmd/IeS3NpVqqteenp661S9qWUjqf9qXLqZn2XLry2jtzTx6/cOzi/nffOHz1zr0DAAAAsPH9LwAA//9WXw9H") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0) write(r0, &(0x7f0000000540)="953820a61a166fd5dd4b4b", 0xfdef) truncate(&(0x7f0000000280)='./file1\x00', 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) 3.36487932s ago: executing program 1: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0}) 3.035933382s ago: executing program 2: openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) umount2(&(0x7f00000002c0)='./file0\x00', 0x3) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000200)={0x2}) 3.008835006s ago: executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f59104"]) 2.931340582s ago: executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x10}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) getsockname$packet(r2, 0x0, &(0x7f0000000280)) sendmsg$inet_sctp(r0, &(0x7f00000012c0)={&(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x64010102}, 0x10, &(0x7f0000001200)=[{&(0x7f0000000040)="ea", 0x1}], 0x1, &(0x7f0000001240)=[@init={0x18, 0x84, 0x0, {0xfffc}}], 0x18}, 0x0) 2.880463112s ago: executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000000600)={0x2020}, 0x2020) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000440)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x3c, 0x5, 0x6, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4800}, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, @buffer={0x300, 0x0, 0x0}, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0285628, &(0x7f0000000240)={0x0, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) write$tun(r1, &(0x7f0000000300)={@void, @val={0x4, 0x3, 0x7, 0x7, 0x8800, 0xf000}, @x25={0x2}}, 0xd) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") chdir(&(0x7f00000001c0)='./file0\x00') syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) r3 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000100)) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r3, 0x207a98, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') mkdir(&(0x7f0000003200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0) r4 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r4}}) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file1\x00', 0x0, 0x101a000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000000b7c0)={0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) 2.500930822s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x0, 0x2, 0x3, 0x2, 0x1, 0xb}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfe4a}, 0x90) 2.416597931s ago: executing program 4: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, &(0x7f00000003c0)={0x0, 0xb, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000000b140309f5ffffff00000000080001"], 0x18}}, 0x0) 2.306008053s ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x97}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000001240)="b9ff03076804268c989e14f088a8", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.225672483s ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58604"]) 2.212117543s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x0, "0000000000000000000100000e00"}}}]}, 0x48}}, 0x0) 2.133943436s ago: executing program 0: openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) umount2(&(0x7f00000002c0)='./file0\x00', 0x3) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000200)={0x2}) 1.984719525s ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f59104"]) 1.88400895s ago: executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58e04"]) 1.880184007s ago: executing program 2: syz_mount_image$bcachefs(&(0x7f0000005b00), &(0x7f0000000040)='./file0\x00', 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="6261636b67726f420d645f636f6d7072657373696f6e2c6e6f6e652c6261636b67726f756e645f636f6d7072657373696f6e3d7a7374642c737472df686173683d63726336342c73743332632c646174615f636865636b73756d3d63726336342c646174615f636865636b7375003d6372633332632c7374725f686173683d736970686173682c6261636b67726f756e645f636f6d7072657373696f6e3d6e6f6e652c0063ad2a0f24dbcb9b4c34c2eab4871f7dee411dc51b7c2cc57106643bb5721eae89517d4a6314015fefa971e2255edc0dcd297a5ba652a6c236bba6ae8074b44c616c423519f5e3de4f62550a9c00ea21b273c6024b2a7d6e407de8a0cbb9a45c"], 0x1, 0x5b1c, &(0x7f000000b6c0)="$eJzs3Q2MHNWdIPCq7hnPjMc2YxLAMR8ewPgMF2CMyQEWUQZOAXKJCYHEJIFgO3hshvgDPHYMTogNUkhEOM7SnRIuUhBCicQJIXKLNpuPjUy0hGjDRrGUZU12N0sEiTbsijgikHgxilczXdXTXVOvq6e7xzHw+8memqp+/X/v/+pNTdXrmu4IAACAt4SnPj/2hysXvvfHd428uuuK7266M+ovT2zvTQsMJMvb/lwt5Ejq6VowscyOiz3Ds556z70fePZrn/jG8y/MX7rs6zdfdujWOSvvuWf4Zxcc+smf7iiKm46nMyfX45fiKDr5p0u/fPcPnz5hfFscRVE5HtgdRfPj0g/mx5kQQ69FUbQuWVmQefDxV5evH1/u/lJP3fZjMuWM97e23mScfeH7W076zTmXPbv355e+OtT72tbdk0Xi3prxFEXz1tQ+vzuKor7k/7h0tKXjMR20V0VRNLvmeRcWtOu0Jtt/dmB9YbKclSz7C+Kkj5+aWe9ush1dmWVvk89rVWmG46fS/TdnhuvPHtyy9cxPlt9KlmdOM345/R9HpTjqqla3MZ4cI1HNfoujeGLfT66X6sZCnBkbcRTFmfVSZr3cnclrot5koJXjuH57Wi6zfTDZ3pVsP7VgrF0T2P6ONN/kB/VgJv9s0P4p31TzmpC265cN2nIklGqOQXnb0/b2JjujP9nWHx875TmHc6SPrXrhvsee3/nA4oFAO+Jvxkn8uKX4z2y6aP+Snb84kP29Xo2/ppTEL7UUf+yclx998eofnRCMvyeNX24p/nPnL/nK93btOBjsn9+l/dPVUvzyirMOLbtraFWw/Q+m8Xtbiv/QpY98dd67nnw02P6htH/6Wuuf0e2vX/fwcQeC8aM0/uyW4l/yyvFnrNjyyIZg/CfS/ulvKf7TY6Mr775p0Y7BUPx9afy5LcU/7VfXX7d3/8hzwfYPp/0z0FL8dy++5KqVBzbfGzp2xruP1G9YgDentyXnWF9M1lu9zmxXzfXC/QNx5ZxvTvJ/brmTNdUbr2fezIUHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C3qoYF1I3/6zimvdyXrPck3p5Qry3T7rCiK+6IoGtu2duu20c0bBm/esn3r5rUbB9duGxzZvG3r7YPnv3Nw68gtG9fePv7o0NnLK887Noory/jkKXUfPnz4cGmgflta36cu+N+PD56y/x+jaOi4n53SFWz/B+9Y+N/n53zNiIcPb/xfZ9zw4py/3V7ZMJC0ayDQrijQrosffmnFb77b9z+jaOj4Ru3616WX/7CuQRMbJuMkSj1RaeKbnnh2bjuqrU7ak/ZX1/rRjSNDxf1bDuTx64N/8ZEdYzfurvRvbzCPJvu3b/jwHzd/+4kbL955VWXD0brfi/o7zSJtX9p/vUl/z0vymhfIqyuQ191nnPov//B/N720Oxrq+v2iqXUX5dWdDIDu+B1N1ZvWMDuu75PepHy6x9Pnnbtt0y3njt2+8+zRTWs3jGwY2bx8+fILz19+3gXn/bdzJ1KvfO1Y/mn9/6XJ/I/MeNpywfBo+rW58VTUrqL+GG9XcX/Utij08/f2D1/+T3f+5Z6rKxuKxnlauno8SZazx3fzsqhmvE3tq7y8ivqhO9APG67p/3+vDG75j6LjUO2eqf2aEQ8f/v3o371nzt7Tb6hsOCLH+doGtXicr7Y6aU937XFn2dHbvz1ROcmrP7ddp9/18kf//jvxYLV9s2ZFt63dtm3rssrXI5TX26/5bGfzunDJv9+6c82d86fkdV7l65ykpXPiE3Pbld2a5rVo4ms5SrolXUS9pfz8uqNK+7K/F9LnZXu1P3msPz42N6+s9LFVL9z32PM7H1gc6un4m5Ua+6K5lWV8UqDkxswTy9UG59VfND6iKFpTuy3txye+/X8G9/54/qbC8VEZGVO+ZtMbPvy5i+b8euzafSsrG47McaWmQS0eV6qtnmzPRH9NHFfOO3ry+PPt57ofrHj48N6T3rlh+V9vS37si/q3Wjqvf5dHUdFxYFFmfaaOA9l6JsvnxxvMrPdH5ZaOG8+dv+Qr39u142DwuPG7Zo8bn61bK7d53IgD42n/5/7/Hz+z/5n3de648b4l5Y//86LlSYceLT9vvcm47g2M62qrk/bEteP6nBu3bFxX2X70nv8my4Lrn/T399jtOz+1duPGka1jzeXV7HlJWk+2l1s9L0l/+o4tyCvdX5N5zdw3zfRXsz9vafvXZfurxZ83yNMfxS39Pntm00X7l+z8xYGBQNx4TSmJX2op/tg5Lz/64tU/OiEYf08av6ul+OUVZx1adtfQqmD8B+Mkfm9L8R+69JGvznvXk48G4w+l7e9r7XxidPvr1z18XLj/ozR+f0vxnx4bXXn3TYt2BOPvi5N6xs/toujxV5evr6zHUXdyHE7b0V3Xrii7HmfWS5n1cu16qTIHX62gHMf129NyyfZTa9qS59ooivb1TN2enj32LqgsD6brUfabxtuPNqWac4K87UXn1wDwZpK+/p+ea6Sv/y9KfiHWvP5fWcaz6p6/IDmfWjC5aeI6787Byi/S6c7rpe3Izuul8ZeeXh+j1Xm9onm50zLrabsWJb2StqfBecOcqIl5uan1NJ6Xy6RfPG82+MXMhq6Jub3QfutOZiryXmfOtHfOeIR2z7MX5Le6ep4dGnfZ+Y70dfq4yXGXvS8i3b/Z+yLS+AszE2it3hfR7rhLpzUajLuJzIrnU6eOi6hBv06Oi/xo2XExjXE0UBlHM/u61Bv/en9m59/fMvMJ0e76/mlyPuFov95Pt6fHh64m5wFWBbZ3ah4gPVyk7fplg7YcCeYBAGDy+j89pxi//h//XT2YOc8vum7JXmWk8YL3sZTz21N0/Tv1frbZLZ1XXvLK8Wes2PLIhuB58RPN3pdyS93a7IL7Uor6cXFmvbAfA7eCFM07LMmU74/mttSPp/3q+uv27h95LtiPw5UTqeJ+3FO3NrfNflyaWS/sx+78VhX1Y7aeovF7Zma9P7kjaLr9/u7Fl1y18sDme4P9vrvZfn+wbm2goN9dpwfiu05/U7zuXzQf+WebB0jmrWdqHuCawPbpzgP0T/mmmteEN9w8QOD3AgC8kaXX/9X75ZPr/7/JlGv3+jB43jbcmftZg+dt1fPa9s7Lg+2vnpe3d10UjF+9LmrvuiXYP9Xrlvauu4Lxq9dd7c3TBPvnibR/pp7372oifnreH/pzgfS8/41/XTSz8wyui5L1KPtNhesiAACOBun1f3q6mt7//2Synj03nvnr3Jm+Dp3p6+iZnmeY6XmSN/p17pGfZ2gmfvPzDDM9z2YewDxAMfMAAABvDu9Nljc0Wb5r4h7iKPrkjTedt3rdyKdXr986MjJ2y9obR1aPbh7dVi3XPXHlNfU+6VB9RfdJ55Wf3aD86mD8+vZcFigf0m7+ofqK8s8r3yj/NcH49e25PFA+pN38Q/UV5Z9XvlH+a4Px69tzRaB8SLv5h+oryj+vfKP8PxmMX9+e9wXKh7Sbf6i+ovzzyjfK/8Zg/Pr2/I9A+ZB28w/VV5R/XvlG+WffLzOU//sD5UPazT9UX1H+eeUb5T8SjF/fng8Eyoe0m3+ovqL888o3yn99MH59e1YGyoe0m3+ovqL888o3yn9DMH59e64MlA9pN/9QfUX555VvlP9Nwfj17flgoHxIu/mH6ivKP698o/xHg/Hr23NVoHydmonjdvMP1VeUf175RvnfHIxf354PBcqHtJt/qL6i/PPKN8r/U8H49e25OlA+pN38Q/UV5Z9XvlH+G4Px69tzTaB8SLv5h+oryj+vfKP8NwXj17fnw4HyIe3mH6qvKP+88o3y3xyMX9+ejwTKh7Sbf6i+ovzzyjfKf0swfn17VgXKh7Sbf6i+ovzzyjfK/5Zg/Pr2XBsoH9Ju/qH6ivLPK98o/1uD8evb89FA+ZB28w/VV5R/XvlG+W8Nxq9vz8cC5UPazT9UX1H+eeUb5T8WjF/fno8Hyoe0m3+ovqL888o3yn9bMH59e64LlA9pN/9QfUX555VvlP/2YPz69lwfKB/Sbv6h+oryzyvfKP9PB+PXt+cTgfIh7eYfqq8o/7zyjfLfEYxf354bAuVD2s0/VF9R/nnlG+V/WzB+fXtWB8qHVPPftnVkZPX2W9at3TayevOWdSNjq3dsHd22bSQ5UWv3vsTgfWXJfYndUVfD/Bdm1o9J3h/omMD7A2XLp2FPnPhm6vsDZavtKnifnKL9la2/6H2G8srnjbfQ/i06HjQ7HrLqfj4qg2R089jI1qnH776G/VE7JqKJ2+b6Ksv4+KbKZ9+uM1BNoebz6W2YT3ZzT3IjYE98XFPlo8DnwU1X8/nEwXzy2jHdz7FLw07rc+wyX6bIeY/WunzXj00cpEfXbhzdOTK1/bOPgvY304+7O96O0pR2FO3/ONMf85OWzA993lug/3Z8698e+u1v/+r9UTR0XPmktvovHj685uDxn/zpxT3njre/1LD91ZLp5yoXfP5htnyaT9fGLWPb/uv6Lds357+Clt7vXKquz9D9zkme5SbvXw7d7zHd+5fjKd8cnZq9fxkAAOCtIv37//R6dUHyN6jzM1MEzc8Dt/f30cF54H3NzQNnZyOK5oGz5dO0m50H7m9zHjhbf2iettSgfKPXXZqdB/54oPx0NT9O2nsfgOA4SXqqaJxk/w6/aJxky093nPS1OU6y9ReNk7zyjV6fbnacXBsoH9L8eGjhfScGJ993IjgehpobD9nP1SwaD9ny0x0PvW2Oh2z9ReMhr3yj+3WaHQ8fDpRvVvPjo733hQmOjzXNjY/s56UUjY9s+emOj7jN8ZGtv2h85JVvdD9js+PjQ4Hyqeb3f3vv2xPc/3ua2//Zz20p2v/Z8tPd/6U293+2/qL9n1e+0f3cze7/KwPlU/X7f3zHT+z3kdU7tmytvQd6pj+3JaT59s3s59a0qvn2z+z7Ps18+2f2faVmvv3tXTcF27+vvVe6mm//zH4uUauO2Ouxyd8MFb3/VNHrtB8LbJ/u67SzpnxzdPI6LQAAAMy89PX/9OP40/eH/1KyDHxMf8ve+J/v7fO3c+N36PO3i+Yxzec1qOwoYD4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM3q6Fkwsn/r82B+uXPjeH9818uquK7676c49w7Oees+9H3j2a5/4xvMvzF+67Os3X3bo1jkr77ln+GcXHPrJn+4oDDxQWZyZrPZGUfxSHEUn/3Tpl+/+4dMnjG+LoygqxwO7o2h+XPpBnI0w9FoUReuq7ax/8PFXl68fX+7+Uk/d9mMyQbJ5Rf3ltD117YxuK8yIN6DeZJx94ftbTvrNOZc9u/fnl7461Pva1t2TReLemvEURfPW1D6/O4qivuT/uHS0LUifnCyviqJods3zLixo12lNtv/swPrCZDkrWfYXxEkfPzWz3t1kO7oyy94mn9eq0gzHT6X7b84M1z/l6JapZ36y/FayPHOa8cvp/zgqxVFXtbqN8eQYiWr2WxzFE/t+cr1UNxbizNiIoyjOrJcy6+XuTF4T9SYDrRzH9dvTcpntg8n2rmT7qQVj7ZrA9nek+SY/qAcz+WeD9k/5pprXhLRdv2zQliOhVHMMytuetrc32Rn9ybb++NgpzzmcI31s1Qv3Pfb8zgcWDwTqi78ZJ/HjluI/s+mi/Ut2/uLAgkCe8ZpSEr/UUvyxc15+9MWrf3RCMP6eNH65pfjPnb/kK9/btePgQCj+79L+6WopfnnFWYeW3TW0Ktj+B9P4vS3Ff+jSR746711PPhps/1DaP32t9c/o9teve/i4A8H4URp/dkvxL3nl+DNWbHlkQzD+E2n/9LcU/+mx0ZV337Rox2Ao/r40/tyW4p/2q+uv27t/5Llg+4fT/hloKf67F19y1coDm+8NHTvj3UfqNyzAm9PbknOsLybrrV5ntqvmeuH+gbhyzjcn+T+3kxVljNczbwbjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5jRy+f27Lt+3+oquOIriQJnDOdLHyrOGhwdbqLe84qxDy+4aWlW7bUELcQAAAIBi6XV4qbqlN1oQ7Yj7ohNzy6dzBCema3H99uwcQt9kyY7EKXUoTrlDcbo6FKe7Q3FmdShOT4fi9BbE6Y2ai9PXME6p6fbM7lCc/g7FmdOhOHM7FGdeh+Ic06E4Aw3jND8O53cozrEdivO2DsV5e4fiHNehOMd3KM4JHYqTnVOe7jicm5RcGIoz8U25ME5XXK4+kDefntZzcuZ5pWnW099kPdk5++nW09dkPae3WU9vk/UsabOeuMl6zmyznlJBPem4vS3bvrSedK3J8X97h+Ls7FCcz3Qozmc7FOeODsX5XIfi7GozDkCz0uv/yevGgain6+JodnLEyc4CpNe7iyrPnnI86s1eoCfSeCdlts8qipe9UM/EW9Th9p2W2d5dF6+ret7UIN5AbbzFmQcL881OKGTat3S68bITCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwg0Yuv3/X5ftWXxHF0fi/XIdzpI+VZw0PD7ZQ76oX7nvs+Z0PLK7d1tPVQiAAAACgUHod3l3d0hv1dJ0bzYpn1ZX7T3btL0auqn4A+Lk7szPDtvCb/gJ1IIWOLF0xIi1dlD+p4aIPs8SgBDAaMN0tZVg3bHeR3aawImt9ID5oINHE1SfDE4bwoAZFJVkeNAYlYRPFJoLyIlE0QAIk1MRkzO7cO/8601lGtAU/n4dz7z3ne873ntmmyffMFJJzgELynCnWr1F5aOM6Em07aXw2id+9eOiu3Qv3Ln145tCB6ep0dW58fPzKy8f3XrH3o7vvmJmt7qm3Id9nveFkvYV7l+48MDtbvXuh/tz53qVkXqnZNbXeHE3e+//75ImS+Gae/9xN/78WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcWtXKynJlbXJiJAoh6hFT6yIdy+TiuDxA3mvf3L7r6vlHp1v78tkBFgIAAAD6Suvw4UZPIeSzmZAJ5248XdgMLYbQrPsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/PdXKynJlbXJiSxRC1COm1kU6lsnFcXmAvL9ZmLn+gS/sPNLaVxpgHQAAAKC/tA4favQUQimMhuHo3La49GzgvI75nXHpOudvMq7z7KBX3Ogm48Y2GffBPnGfSq73BAAAAHj3S+v/bKOnGPLZM3vW//3q+jRuZ0dcJrkO8lsBAAAA4N+T1v+5Rk8p5LOlRr2+2Xr/wo64dH6/7+3T+f2+t0/jLu6Rp/P7fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9FWtrCxX1iYnMlEIUY+YWhfpWCYXx+UB8r54+di3f7585HhrXz47wEIAAABAX2kd3iy9CyGfHQnDYctG3X/l2N+/uDR1dNtwMRnO5cI9BxYX795bb9O40a++/rnf/TQqnxB3Wb09JZsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADeUdXKynJlbXLijCiEqEdMrYt0LJOL4/IAeV+cOfzPWx8557XWvtIA6wAAAAD9pXV4s/YvhFLIhVzYvvHUWuuvG+qY3+vMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjvWLh36c4Ds7PVu924ceOmcXOq/2cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOF9XKynJlbXKiEIUQ9YipdZGOZXJxXB4g78Mff/S7Z33kF4+19pUGWAcAAADoL63Dm7V/IZTCcBgO52w8dTsT2Kj/i//FlwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE4L1crKcmVtcuLMKISoR0yti3Qsk4vj8gB5L/zz529dPVZ9sbUvnx1gIQAAAKCvtA7PNXoKIZ+9LOTDjuR5tn1ClEmu3c8FmvPuaps2sul597XNy2x63tc6dpZNdlOfV0jXK9avjXnlE+eVQwilZF6pOTDVNi881DbrzE2/5/fa5hX7zAsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwGqpWVpYra5MTURRC1COm1kU6lsnFcXmAvM8duurY2NIfX2vtKw2wDgAAANBfWoc3a/9CKIXzw1nh/I26PxTb49O4fY+8cvVff3bGN0LYs/23F2R7rv+Xiyu/7GxCGGoPGgrh/5J8UY98R378t4dfffUnnwxhzzmZHW83X/uScW3q+Pbbnt2X332SDwYAAADeQ9L6f7jRUwz57FzP+j+tvN9W/T9/9k33bUvapCLvmDFUTPIN9ch35xXf/FH5gmN/WK//T5bv018+7xPbwvwV8Uza1ns6RHFt9sFd+1/e+vThdNf1/JmO/Onn8tLxH37myMLBr9TzF0Ih6T8v2y3/iW2HM+LaW3NPPHVw39IN7fmzPfb/wK73/+n33zn0ynr+N3aONPJ/4CT7P3n+s2+uPH/08YdubM8/3CP/9E1bvv9mef4fnfsf6Vg4+eTrf/CWv0KHKK69MfPMNVtXR/e35w8hTLUGpp//U098q7z6622H0vzpb0UuHu3I3/JPrbXtOHOK4trqjkumx59c3NKeP+rIn+7/2P0/eOtLx567rnP/t3fuv2f+zv1fN5a55YWd44P8eAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F2gWllZrqxNToRMCFGPmFoX6VgmF8flAfJ+7KJrb7j+tbmvt/blswMsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALxjqpWV5cra5MRQFELUI6bWRTqWycVxeYC8C5e+/tjLN/7qfa19pQHWAQAAAPpL6/Bm7V8IpZALuTCyUfdPHd9+27P78rtDsT4aJdfs7PzC4ofumD88d/spenMAAABgs9L6P9voKYZ89qIwnNT/qzsumR5/cnFLWv+HEKbWm8IdM7PV8dA4J7huLHPLCzvHy41zgta4Sw/OzybHBOm691+19aWFz65d33Xdvc24N2aeuWbr6uj+NG44uW7EXdaMm31w1/6Xtz59OI0bSs8p1uP2NOPemnviqYP7lm5IxzOt67XEnX1z5fmjjz90Y2Od5DqS5AUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf7EDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/ToKsaqI4wA8c++uXr3rtluUmxSpmGiQrFRUQrQKSQ9tSIEvFviQlZFJLWEI4SZkYRI+VQRFREEgUhD0UIQFZZBEQYT2EIb2UA+xEW2IGxW7O7N79+hpt1OrIN8Hh3Hm3POb/5kznr0XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4v+a29Yy1h58e+P3ORbd9vnvL8K7b39/21P6+OYdv3XfHsVfuffPEye4Vq994aP3Iox39e/f2fX3jyBd/Pjlt8BPjzcrUbYQQf44hXPnlihf2fHpk4ehYDCHUY9dgCN2x9nF3LCT0ng4h3DdR59ST7w5fd/9oO/jc3CnjFxVCivcVmvVcz7iuqfVyYWmkffbMh9uv+HHV+mOHvl033Ns4/djg5Edio2U/hdC5ufX69hDCvHSMyrutJ1+c2g0hhPkt1900TV1LZ1j/tSX9Ramdk9rmNDn5/JJCv32GdbQV2sYMr6uqNsv5WX5+HbM8f/HlVpynO7XvpXblv8yv5yOGWgxtE9M9HCf3SGh5bjHEsWc/2a9N2QuxsDdiCLHQrxX69fbCfY3NmzZaPcap4/lzhfHFabwtjS+ZZq/dXTJ+eb7f9B/1VOH+i6HNM/4xcV9jcl3f/0Mt50Kt5R10tvFcbyM9jGYaa8aLz7jmr7PI5zaefP7tEztfXdZVUkd8J6b8WCn/m203H12+87uhnrL8zbWUX6uUP7Dq14M/3fXZwtL8/Tm/Xin/+PXLX/xg145TpevzS16ftkr59TXXjKze3buxtP7Xcn6jUv7r6w683HnDJwdL6+/N6zOv2vpsffyPTW9dOlSaH3L+/Er5a3+77Oo12w88UJr/UV6fZqX8IwNb+/c8eNWOxWX5X+X8BZXyl/5wz6ZDR7ccL62/L69PV6X8W5at3dA/9Mi+sndnHDxXf2EBLkyXpO9Yz6Z+1d+Z/1XL74WXuuL4d76OdCz4PycqGJ2ncxbzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgb3bggAQAAABA0P/X7QgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCoAAP//1K1XJQ==") 1.833201259s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='ext4_sync_file_enter\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r2, &(0x7f0000000680), 0x12) 1.769957389s ago: executing program 4: openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x40c000, 0x0) ioctl$PTP_PIN_SETFUNC2(0xffffffffffffffff, 0x40603d10, &(0x7f00000002c0)={'\x00', 0x0, 0x2}) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='mnt\x00', 0x3a0c412, &(0x7f0000000340)=ANY=[@ANYBLOB="756e686964652c636865636b3d72656c617865642c6d61703d6e6f726d616c2c626c6f636b3d3078303030303030303030303030303830302c686964652c6e6f726f636b2c686964652c686964652c756e686964652c6e6f6a6f6c6965742c6e6f636f6d70726573732c6d61703d6f66662c2c9b5214e0ced9c5911fcab0cbbf0c1134e335a68f5bbbeba319ac6582578abc6d8a77a9d0e6a54054c516469aa2c3da41d16e9a865425ac09258d08bcd72bbe6750158db43b2af0f4d4e844a4245e748ed7c43f46d9c39589cdfd32e714f88a57ce1a07d26baf157c013dfce69c6eb6"], 0xff, 0x9bc, &(0x7f00000017c0)="$eJzs3c1vHOUdB/Dv+CVxDQoBUpoiIJvQgIHUWTslNOLSxF4npn6pYkciqipCSVJFsUoFrQSoh1SqeipqD1UP9MaxJyQucKlya/+CHipV/Auop7SHbjWz69jGXq+d+o3w+VjjnZffPM/v8czOo13vzhO+zJrNZjXd4/KlP+9ksuw958Y/+/Cj98vpV7eyL715sfgkGUhSS/qSHE76x8Yvzk53KehmciXJ7aRIsj+txw25kuJ3eXBp+XaKP5X1Vi7dY8PYkCZfabt9/gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwF5UjI3X6yNFpiZnLr1a66waArzTxp6l8j6tRv0uPu1ab1KUUwYGFof6PnxoafNj5a9jeaK19EQ1IHkG8t4Djx18+dG+nsX910l4M/7bHgx50zu+/e57N19fWLj21hYl8mVzvjEzOTc7OX32fKM2OTdbO3P6dP3khYm52sTkVGPu8tx8Y7o2drFxdn72Ym1o7LnayJkzp2qN4cuzl2bOjw9PNRZXvvTt0Xr9dO2V4R80zl6cm505+crw3NiFyampyZnzVUy5uYx5qTwRvz85X5tvnJ2u1a7fWLh2akVGa5wSZdBIt5aUQaPdgkbro6MjI6OjI6dfPPPiS/V639KK3lQr6l+QVbvcPWnLM3ozf2v2tA96Nhq5tRdw+D/0tPv/TGUyM7mUV1Nb82cs42kWyXSH7W2L/f/xk411613e/y/28oeXNj+eqv9/qrX0VKf+v0MuO/fzdt7Ne7mZ17OQhVzLWyu27r+HEpvN3W/Vxn/Op5GZTGYus5nMdM5Wa2rtNbWcyemcTj2v5UImMpdaJjKZqTQyl8uZy3wa1Rk1lotp5Gzm+8oDXctQxvJcahnJmZzJqdTSyHAuZzaXMpPzGc/ZqpTruVH93U+tk+PdoJGNBI2uE7RO/99esYn+n6+obbiKw71ptvv/fd1Dh8Z2IiEAAABgy33zbzlw6JG//jPpz5PVe+wAAADA/ab6uN4T5UN/OfdkionJqUZ9t9MCAAAAtlBRfceuSDKYI625xW9CeRMAAAAA7hPV//+fKh8Gy7kjKbz+BwAAgPtN93vsd40oTqSWW+Wm2tVW5NV2RPs+v4MT+5KMzU69PJJnqrsMVN80WFVabw4m1dcPns/RVtTRwdbj4MoSB8qokeGXRzKQY+2GDD1dPjw9tEbkaBn5fJ5tRT67GDmQVZGnykgAuN8dW6c/3mj//3xOtCJOPF7dvr3v8TX64LqeFQD2iu5j7HSNKL6zOPxPh9f/j+T6kdZHCobzRt7MQq7mRPVtg+oTB+1Sc7vIUqmDyz6GcKLLuwGDy0Z4ObH4fsCRB8tX+cWt1tIasaM5seodgU7lntr24wAAO+nYqn54nf6/2WzNrXr/f/3X/4M+UggAe8rdEey3cWa32wgArHRPvXTvNiYEAAAAAAAAAAAAAAAAAAAAAAAAAAAA94GduP//npy5lWQPpGFme2cGduYM/9G+ZK80eYtmdvvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE4okt611vck+5O+epKTO5/V9rm12wnssuJO7uSdHNjtPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7jft+//3pPX4QGtV+nqS40muJPnhbue4le7sdgK7bNn9/8tjnmaRvtZhT9E/Nn5xdro8/Nlfbv/sw4/eL6d7qacsoKxhxeAS7Ro67/Vwtdfg+LW3b/78zZ/Vxs9VSZ6bn5ganz5/8XtLgY8VHye1tKZFi/n+smifxStb/nHZ0o3VO1HVO7663m+stffdeo//5fed27ZkKY0bC9dGy5rmG6/O/+KnN95ZFvRIjiZPDyVDK2v6STl1qOlo+tert/i8+E1xIH/Mler4l2kUzaI8RA9V7f/a9RsL14bfeHPhaoecDuZIkqvJwMZzOrL6SCyqzrqe/rLWehVU/jrUpbx1PdB7oNlslTjSoQ0PV6fM4KbaUOvchkqXv3u7jac6ZPRontn0kX6mS41t/2m2tJaKz4t/FBfy9/x62fgfPeXxP56NPDvLmCpy2ZnSuc3Hl1o+unzDa1+M7PisZBv8Nj/Od+8e/55l1//2sdqZ69GyGrfteVG0eqG2av7QF3qk9tWnU5btPA+1ojrk+fW8sHq/Lnm+0OWKskXP/5WKz4sPiqH8K7eM/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOx9RdK71vqe5HiSg0keKpdrSXMr6usZLLaimA3at2rNrR2sfe/ouTtX3MmdvJMDu5oOAAAAAAAAAFvm3PhnH370fjlV/4/vzbeKT5KB1n/6+5IcLP7Qf/XfzeZ0l4L6kytJbpfzA5vLodwvDy4t3y6XDm++LQDAxvwvAAD///7fd9o=") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) symlink(&(0x7f0000000540)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000200)={[{@dioread_lock}, {@noblock_validity}, {@dioread_lock}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG8UfAPDvbh59N2l//QF9QA0FEVFImrRADxwAgdQLEhIcyjGkoSpNW9QEiVYVDQiVI+IvAI5ISJy4cAIJIeAE4gp3hFShXlo4oKC1d5N1YqeO8zDUn49kZ2Z3xzPf3R17vJN1AF2rkj0lEdsj4peIGKhl6zeo1P7cunFl4s8bVyaSmJt76Y+kut3NG1cmik2LctvyzFAakb6XxP4G9U5funx2fGpq8mKeH5k598bI9KXLj505N3568vTk+bHjx48dHX3yibHH1yTOLK6b+96+cGDviVc+fGFiLl79/rOsvdvz9eU4agZXXWclKjGXW1jaX31+aNWv/u+yo5ROejvYEFakJyKyw9VX7f8D0RMLB28gnn93PvNNhxoIrJvss2nXkqU9+d90/vMLuBMl+jh0qeITP/v+Wzw2cvzRadefyZ4nq/Hfyh+1Nb2RZt9lB2vf2HualL9rlfVvj4iTs399lD2i4XUIAIC19VU2/nm00fgvrRvb7MznUAYj4nBE7I6I/0XEnoj4fz4Oujsi7llh/ZVF+aXjn5+2tBVYi7Lx31P53Fb9+C/Nt0jmczuq8fclr52ZmjyS75Oh6NuU5UeXqePr537+oNm6Smn8lz2y+ouxYN6O33s31Zc5NT4zvoqQ61x/J2Jfb6P4k/mZgGwP7I2IfW28frbPzjzy6YEsvXPb0vW3j38ZazDPNPdJxMO14z8bi+IvJLWams1PjmyOqckjI8VZsdQPP157sZzvK6Xr4t/cWkyb2w22gez4b214/ufxF92gmK+dXnkd1359v+l3mqXHP4mTs+Ut8vO/9C6Qnf/9ycvVdH++7K3xmZmLoxH9+YK65WMLZYt8sX0W/9Chxv1/d8TfH+fl9kdEdhLfGxH3RcTBvO33R8QDEXFomfi/e/bB15ffQ22e/2sgi//Ucsc/YjApz9e3keg5++2Xzepv7f3vWDU1lC9p5f2v1QauZt8BAADAf0VanYNO0uEiXbo4tSe2plMXpmcOV+LN86dqc9WD0ZcWV7oGStdDR/Nrw0V+bFH+aETsqv6n0ZZqfnjiwtSOTgYOVO/Vqev/kabDw7V1vzX7pxfgzrGiebTy3YGff7H2jQE2lPs1oXvp/9C99H/oXvo/dK9G/f9qxK0ONAXYYD7/oXvp/9C99H/oXvo/dKWlt8QXP7TQzp3+C4ndJ1ZVfN0TcwPr8sqzKy/Vs06RRvlHO5omkohor4pIl9+mv4XaO5ZIb7vN023ulhUkDuaJTRHRaqmrG7ZXO/u+BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsFb+CQAA//8O/dzR") 1.63286807s ago: executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x10, 0xffffffffffffffff, 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="7472ff01000066642c7266646e6f3d", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',k']) io_submit(r0, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x5, r1, &(0x7f00000000c0)="b6baf1fc0803d8958c2290770d3d520a2d633f406a61bb6230df6a559a05295092d602a703a377f473dc3613bd18a76311a80ffc559b034229fcbe9aeb50fab25a91a2816b91a10d027cf5ba99237c512a0ec3812cb249d529ae0ede9d6a953be19c31143cac4efe94a82eca95edc4b0da99d41c65876a7d8b7a3aae2587a291385514c34b6f0189e43561db21c1e9d30990086aa58180854f56cb01a913605b9de78db37447b7465387085c8598feb72bf9531a4e8dd47178e75fb4eb2ff936303dc739d0cf2fb2ecfe22a46bf7807640476f4bdf73ab131a8399cc4322e72519119c691b54b5e74175ebd4", 0xec, 0x81, 0x0, 0x0, r4}]) getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000280)={0x0, 0xffffffff, 0x0, 0x6}, &(0x7f0000000380)=0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x8923, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r8, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x13) getsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x50, &(0x7f0000003ac0)={{{@in6=@remote, @in6=@private0}}, {{@in=@initdev}, 0x0, @in=@loopback}}, &(0x7f0000000b00)=0xe8) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703"], 0x0}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) sendmsg$tipc(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0) recvmsg(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000003c0)={r5, 0xfff, 0x2}, &(0x7f0000000400)=0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000080)=[{0x45, 0x0, 0x0, 0xfffffffe}, {0x4}, {0x6}]}) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000440)=0x0) ioprio_set$pid(0x3, r11, 0x2007) 1.603701421s ago: executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000d32a2e000001c0"]) 1.520796355s ago: executing program 1: bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x2, 0x8, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.408597743s ago: executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x35, 0x701, 0x0, 0x0, {0x10}}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) r1 = socket(0x2, 0x80805, 0x0) listen(r1, 0x5) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48) r3 = socket$kcm(0x29, 0x2, 0x0) sendmmsg$inet(r3, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 1.374433333s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500000053000000850000007d0010009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0xe, 0x0, &(0x7f0000000280)="e0400000000d85ff9782762f88ca", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) symlinkat(&(0x7f0000000400)='./bus\x00', 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x3, 0x0) sendto$inet6(r2, &(0x7f0000000080)="7800000018002507b9409b14ffff00000202be04020506050e1304095c0009003f0020480a0000000d0085a168d0bf46d32345653600648d040012000a00050049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a3200040016000b000a0000000000e0ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x15) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x2808000, &(0x7f00000013c0)=ANY=[@ANYBLOB="696f636861727365743d63703836302c696f636861727365743d6d616372906d616e69616e2c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c696f636861727365743d6d6163726f6d616e2c636f6465706167653d313235312c756e695f786c6174653d302c646f733178666c6f7070792c73686f72746e616d653d77696e39352c757466383d302c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c00"], 0x21, 0x2a6, &(0x7f00000007c0)="$eJzs3c2KI1UUAOBT3Ul3WoVk4UoEC3ThKkzPE0yQFgazUrLQjQ5OBiQVBhIIdCvGWbkXXPkOvoMP4MY3cOFScOcsxJJ0VXV+Jp02EDMSvm9Tp27dc3+qbncgUDefvTkcPH46fvLsq1+j0Uji6EE8iOdJtOIoKt8EAHBInud5/JEX7qpbi5OIyJvl2dEehgcA/Ae2+fwHAA7DRx9/8kGn2734ME0bEcNvJ70kimNxvfMkvogs+nEvmvFXRH6jiF972L2IWppWXwZMzqIXMfz05/K883vEdf55NKP1Yv77D7sX52kh3hlOJ71Zz7NjPV5JIjp5UjR0P5rxekRej7KRef79NfnRO4l33/6hHP/f/WhHM375PJ5GFo+vm5jnf32epu/l3//5ZTGDXkQynfROr+vN5cd7eygAAAAAAAAAAAAAAAAAAAAAABy8dnqjtbh/TrUbYLu9/vqt+wOVO/xMF/bXuZemad4oO+zVo8ivxRu1qL20iQMAAAAAAAAAAAAAAAAAAMD/yPjyavAoy/qjpeCnfLXk7qC2UFK91r9F+lIw+DFi+6x/E8RxObQseaGLpLq0g75ON9Up91aIquRsXadxdNs9rGVRDP677Qf21q4muDGImwkmcUflxvpFsrAyz8rGRuNk46JdDvI1t+741qyTHc395NXd3szZjOsrq6Wq05g9yYWS+rZdTGPjX8qKZOf/ewAAAAAAAAAAAAAAAAAAgGXjy6vqxd7fisPCT/I/eylDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9G19eDR5lWX80D6K1WrIaTMvkTXWq4HQ0XtNta8/TBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MD9EwAA//93C1dv") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000500)=ANY=[@ANYRESDEC, @ANYRESDEC=r0], 0x310) 408.826024ms ago: executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58604"]) 354.079625ms ago: executing program 1: openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) umount2(&(0x7f00000002c0)='./file0\x00', 0x3) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000200)={0x2}) 303.676022ms ago: executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x10}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) getsockname$packet(r2, 0x0, &(0x7f0000000280)) sendmsg$inet_sctp(r0, &(0x7f00000012c0)={&(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x64010102}, 0x10, &(0x7f0000001200)=[{&(0x7f0000000040)="ea", 0x1}], 0x1, &(0x7f0000001240)=[@init={0x18, 0x84, 0x0, {0xfffc}}], 0x18}, 0x0) 0s ago: executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}}}, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000000e00)={0x50, 0x0, r3}, 0x50) unlink(&(0x7f0000000100)='./file0/file0\x00') kernel console output (not intermixed with test programs): ersion 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 164.279732][ T6259] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 164.319187][ T6259] bcachefs (loop0): alloc_read... done [ 164.324845][ T6259] bcachefs (loop0): stripes_read... done [ 164.330759][ T6259] bcachefs (loop0): snapshots_read... done [ 164.339154][ T6259] bcachefs (loop0): journal_replay... done [ 164.345046][ T6259] bcachefs (loop0): resume_logged_ops... done [ 164.352686][ T6259] bcachefs (loop0): going read-write [ 164.360067][ T5148] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 164.384038][ T6259] bcachefs (loop0): done starting filesystem [ 164.385057][ T5148] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 164.407341][ T6283] bond0: (slave bond_slave_0): Releasing backup interface [ 164.431250][ T5148] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 164.450851][ T5148] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 164.477368][ T5148] usb 5-1: SerialNumber: syz [ 164.492511][ T5148] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 164.521707][ T6257] syz-executor.0 (6257) used greatest stack depth: 14200 bytes left [ 164.556072][ T6049] bcachefs (loop0): shutting down [ 164.562538][ T6049] bcachefs (loop0): going read-only [ 164.572655][ T6049] bcachefs (loop0): finished waiting for writes to stop [ 164.600853][ T6049] bcachefs (loop0): flushing journal and stopping allocators, journal seq 12 [ 164.636429][ T6049] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 14 [ 164.657808][ T6049] bcachefs (loop0): shutdown complete, journal seq 15 [ 164.665676][ T6049] bcachefs (loop0): marking filesystem clean [ 164.815933][ T6293] loop4: detected capacity change from 0 to 1764 [ 164.843458][ T6049] bcachefs (loop0): shutdown complete [ 164.850586][ T6293] iso9660: Bad value for 'gid' [ 165.370333][ T930] usb 5-1: USB disconnect, device number 5 [ 165.572508][ T6304] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 165.598062][ T6304] nbd: couldn't find device at index 20 [ 165.636073][ T6304] loop3: detected capacity change from 0 to 1024 [ 166.264666][ T6311] loop1: detected capacity change from 0 to 32768 [ 166.439682][ T5201] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 166.767267][ T5201] usb 1-1: Using ep0 maxpacket: 16 [ 166.781311][ T5201] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.837363][ T5201] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 166.889611][ T5201] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 166.940352][ T5201] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 167.015731][ T6315] loop4: detected capacity change from 0 to 2048 [ 167.025213][ T5201] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 167.062966][ T5201] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 167.088352][ T6315] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 167.112803][ T5201] usb 1-1: SerialNumber: syz [ 167.144541][ T5201] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 167.178552][ T5201] cdc_acm 1-1:1.0: probe with driver cdc_acm failed with error -12 [ 167.189499][ T6315] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 168.904999][ T6326] loop2: detected capacity change from 0 to 32768 [ 169.745076][ T783] usb 1-1: USB disconnect, device number 4 [ 170.055997][ T6312] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 170.247378][ T6312] usb 5-1: Using ep0 maxpacket: 16 [ 170.267535][ T6312] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 170.295988][ T6312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has an invalid bInterval 152, changing to 11 [ 170.454310][ T6312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has invalid maxpacket 8285, setting to 1024 [ 170.502722][ T6312] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 171.718663][ T6347] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'. [ 171.818412][ T6312] usb 5-1: string descriptor 0 read error: -71 [ 171.824735][ T6312] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 171.833911][ T6312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.848091][ T6312] usb 5-1: config 0 descriptor?? [ 171.854790][ T6312] usb 5-1: can't set config #0, error -71 [ 171.868966][ T6312] usb 5-1: USB disconnect, device number 6 [ 171.892469][ T6349] loop1: detected capacity change from 0 to 1764 [ 171.911518][ T6349] iso9660: Unknown parameter 'Rőʰ˿ 45[eWmw@TFAnT% %+gP;*D$^t?FÕ2Wk|' [ 172.376300][ T6358] loop0: detected capacity change from 0 to 32768 [ 172.967573][ T6360] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) [ 173.300550][ T783] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 173.492199][ T6364] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 173.515694][ T783] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 173.526287][ T6365] loop1: detected capacity change from 0 to 512 [ 173.558367][ T783] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 173.574038][ T783] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.585129][ T6368] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 173.606708][ T783] usb 3-1: Product: syz [ 173.609450][ T6368] nbd: couldn't find device at index 20 [ 173.626822][ T783] usb 3-1: Manufacturer: syz [ 173.635003][ T6365] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 173.637461][ T783] usb 3-1: SerialNumber: syz [ 173.656050][ T6368] loop0: detected capacity change from 0 to 1024 [ 173.678328][ T6365] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 173.718351][ T783] usb 3-1: config 0 descriptor?? [ 173.817334][ T6365] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 174.061769][ T6365] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 174.119005][ T6365] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 174.123972][ T783] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 174.177610][ T783] usb 3-1: USB disconnect, device number 8 [ 174.209350][ T6365] EXT4-fs (loop1): Remounting filesystem read-only [ 174.242471][ T6365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.338051][ T6368] loop0: detected capacity change from 0 to 32768 [ 174.469320][ T6368] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 174.497196][ T930] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 174.505409][ T6368] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 174.545231][ T6368] bcachefs (loop0): alloc_read... done [ 174.563713][ T6368] bcachefs (loop0): stripes_read... done [ 174.577344][ T6368] bcachefs (loop0): snapshots_read... done [ 174.591365][ T6368] bcachefs (loop0): journal_replay... done [ 174.617625][ T6368] bcachefs (loop0): resume_logged_ops... done [ 174.637948][ T6368] bcachefs (loop0): going read-write [ 174.652479][ T6368] bcachefs (loop0): done starting filesystem [ 174.687172][ T930] usb 4-1: Using ep0 maxpacket: 16 [ 174.699069][ T930] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 174.730408][ T930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has an invalid bInterval 152, changing to 11 [ 174.760656][ T930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has invalid maxpacket 8285, setting to 1024 [ 174.782180][ T930] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 174.818161][ T930] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 174.855680][ T930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.874035][ T930] usb 4-1: Product: syz [ 174.887158][ T930] usb 4-1: Manufacturer: syz [ 174.891798][ T930] usb 4-1: SerialNumber: syz [ 174.916396][ T930] usb 4-1: config 0 descriptor?? [ 176.944418][ T930] appledisplay 4-1:0.0: Error while getting initial brightness: -71 [ 176.958555][ T930] appledisplay 4-1:0.0: probe with driver appledisplay failed with error -71 [ 176.990051][ T930] usb 4-1: USB disconnect, device number 5 [ 177.037541][ T6049] bcachefs (loop0): shutting down [ 177.050062][ T6049] bcachefs (loop0): going read-only [ 177.066874][ T6049] bcachefs (loop0): finished waiting for writes to stop [ 177.204066][ T6049] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 177.220285][ T6049] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 178.380764][ T6410] loop4: detected capacity change from 0 to 32768 [ 178.423825][ T6049] bcachefs (loop0): shutdown complete, journal seq 11 [ 178.710724][ T6049] bcachefs (loop0): marking filesystem clean [ 178.862134][ T6049] bcachefs (loop0): shutdown complete [ 179.397393][ T6406] loop2: detected capacity change from 0 to 32768 [ 179.431933][ T6406] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6406) [ 179.675115][ T5103] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.696634][ T6406] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 179.715925][ T6406] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 179.725288][ T6406] BTRFS info (device loop2): using free-space-tree [ 180.027404][ T6406] loop2: detected capacity change from 32768 to 0 [ 180.143240][ T6406] syz-executor.2: attempt to access beyond end of device [ 180.143240][ T6406] loop2: rw=34817, sector=10448, nr_sectors = 8 limit=0 [ 180.217561][ T6406] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0 [ 180.265650][ T6406] BTRFS warning (device loop2): direct IO failed ino 260 op 0x8801 offset 0x0 len 4096 err no 10 [ 180.286526][ T6442] loop4: detected capacity change from 0 to 64 [ 180.311677][ T6442] hfs: inconsistency in B*Tree (1024,2,0,3,0) [ 180.325066][ T6442] hfs: get root inode failed [ 180.739790][ T5923] kworker/u8:25: attempt to access beyond end of device [ 180.739790][ T5923] loop2: rw=67112961, sector=2064, nr_sectors = 8 limit=0 [ 180.803184][ T5923] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0 [ 180.838406][ T5923] kworker/u8:25: attempt to access beyond end of device [ 180.838406][ T5923] loop2: rw=67112961, sector=13008, nr_sectors = 8 limit=0 [ 180.868834][ T5923] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0 [ 180.897231][ T5923] kworker/u8:25: attempt to access beyond end of device [ 180.897231][ T5923] loop2: rw=67112961, sector=13016, nr_sectors = 8 limit=0 [ 180.928395][ T6455] tipc: Failed to remove unknown binding: 66,1,1/0:2104398259/2104398261 [ 180.940059][ T5923] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0 [ 180.954746][ T5923] kworker/u8:25: attempt to access beyond end of device [ 180.954746][ T5923] loop2: rw=67112961, sector=13024, nr_sectors = 8 limit=0 [ 180.955848][ T6455] tipc: Failed to remove unknown binding: 66,1,1/0:2104398259/2104398261 [ 180.975722][ T5923] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0 [ 180.996725][ T5923] kworker/u8:25: attempt to access beyond end of device [ 180.996725][ T5923] loop2: rw=67112961, sector=13448, nr_sectors = 8 limit=0 [ 181.018567][ T5923] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 6, rd 0, flush 0, corrupt 0, gen 0 [ 181.028198][ T6455] tipc: Failed to remove unknown binding: 66,1,1/0:2104398259/2104398261 [ 181.037220][ T5109] BTRFS error (device loop2 state A): Transaction aborted (error -5) [ 181.045896][ T5109] BTRFS: error (device loop2 state A) in __btrfs_free_extent:3222: errno=-5 IO failure [ 181.074421][ T5109] BTRFS info (device loop2 state EA): forced readonly [ 181.087227][ T5109] BTRFS error (device loop2 state EA): failed to run delayed ref for logical 1052672 num_bytes 4096 type 176 action 2 ref_mod 1: -5 [ 181.111240][ T5109] BTRFS: error (device loop2 state EA) in btrfs_run_delayed_refs:2211: errno=-5 IO failure [ 181.135041][ T5109] BTRFS info (device loop2 state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 181.137339][ T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 181.359226][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 181.386388][ T8] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 181.402937][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has an invalid bInterval 152, changing to 11 [ 181.433635][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has invalid maxpacket 8285, setting to 1024 [ 181.482015][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 181.507302][ T6448] loop0: detected capacity change from 0 to 32768 [ 181.530249][ T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 181.540513][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.560488][ T8] usb 5-1: Product: syz [ 181.564929][ T8] usb 5-1: Manufacturer: syz [ 181.766459][ T8] usb 5-1: SerialNumber: syz [ 181.774039][ T8] usb 5-1: config 0 descriptor?? [ 182.147538][ T8] appledisplay 5-1:0.0: Error while getting initial brightness: -110 [ 182.231653][ T8] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -110 [ 182.313221][ T8] usb 5-1: USB disconnect, device number 7 [ 183.540945][ T6477] loop3: detected capacity change from 0 to 32768 [ 184.546328][ T6465] loop2: detected capacity change from 0 to 32768 [ 184.570410][ T6465] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop2": -EINTR [ 184.719767][ T6491] tipc: Failed to remove unknown binding: 66,1,1/0:1999667100/1999667102 [ 184.740747][ T6491] tipc: Failed to remove unknown binding: 66,1,1/0:1999667100/1999667102 [ 184.752674][ T6491] tipc: Failed to remove unknown binding: 66,1,1/0:1999667100/1999667102 [ 184.850086][ T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 185.037354][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 185.051816][ T8] usb 2-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice=81.8a [ 185.068733][ T8] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 185.076953][ T8] usb 2-1: Product: syz [ 185.093354][ T8] usb 2-1: config 0 descriptor?? [ 185.107518][ T8] gspca_main: STV06xx-2.14.0 probing 046d:08f6 [ 185.114171][ T8] gspca_stv06xx: st6422 sensor detected [ 185.331826][ T6497] tipc: Failed to remove unknown binding: 66,1,1/0:100648764/100648766 [ 185.352924][ T6497] tipc: Failed to remove unknown binding: 66,1,1/0:100648764/100648766 [ 185.366658][ T6497] tipc: Failed to remove unknown binding: 66,1,1/0:100648764/100648766 [ 185.569082][ T6506] loop2: detected capacity change from 0 to 512 [ 185.726471][ T6510] bond0: (slave bond_slave_0): Releasing backup interface [ 185.744909][ T6506] EXT4-fs (loop2): Test dummy encryption mode enabled [ 185.772741][ T6506] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #12: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 185.806269][ T6506] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 12 (err -117) [ 185.829013][ T6506] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.917213][ T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 185.932970][ T6502] loop0: detected capacity change from 0 to 32768 [ 186.098562][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 186.114854][ T25] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 186.149726][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has an invalid bInterval 152, changing to 11 [ 186.185906][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has invalid maxpacket 8285, setting to 1024 [ 186.206416][ T6519] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 186.214667][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 186.544145][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 186.836494][ T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 186.887402][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.916502][ T25] usb 4-1: Product: syz [ 186.954912][ T5109] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 186.969136][ T25] usb 4-1: Manufacturer: syz [ 186.973974][ T25] usb 4-1: SerialNumber: syz [ 186.991404][ T25] usb 4-1: config 0 descriptor?? [ 187.343541][ T25] appledisplay 4-1:0.0: Error while getting initial brightness: -110 [ 187.357410][ T25] appledisplay 4-1:0.0: probe with driver appledisplay failed with error -110 [ 187.386968][ T8] STV06xx 2-1:0.0: probe with driver STV06xx failed with error -71 [ 187.414322][ T8] usb 2-1: Found UVC 0.00 device syz (046d:08f6) [ 187.442102][ T8] usb 2-1: No valid video chain found. [ 188.396812][ T6532] loop2: detected capacity change from 0 to 32768 [ 188.498946][ T25] usb 4-1: USB disconnect, device number 6 [ 188.854989][ T6530] loop4: detected capacity change from 0 to 1764 [ 188.894278][ T6530] iso9660: Unknown parameter 'Rőʰ˿ 45[eWmw@TFAnT% %+gP;*D$^t?FÕ2Wk|' [ 189.111068][ T8] usb 2-1: USB disconnect, device number 5 [ 189.208810][ T6538] tipc: Failed to remove unknown binding: 66,1,1/0:2383280487/2383280489 [ 189.238680][ T6538] tipc: Failed to remove unknown binding: 66,1,1/0:2383280487/2383280489 [ 189.247273][ T6540] loop1: detected capacity change from 0 to 2048 [ 189.259258][ T6538] tipc: Failed to remove unknown binding: 66,1,1/0:2383280487/2383280489 [ 189.284918][ T6540] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 189.634631][ T29] audit: type=1800 audit(1719098882.815:26): pid=6545 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=1368 res=0 errno=0 [ 189.712120][ T6536] loop0: detected capacity change from 0 to 32768 [ 189.760095][ T6545] input: syz0 as /devices/virtual/input/input9 [ 189.780743][ T6536] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 189.907411][ T6536] XFS (loop0): Ending clean mount [ 189.936005][ T6536] XFS (loop0): Quotacheck needed: Please wait. [ 189.942801][ T6556] loop4: detected capacity change from 0 to 512 [ 189.956978][ T6556] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 189.971758][ T6556] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 190.060840][ T6556] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 190.179852][ T6536] XFS (loop0): Quotacheck: Done. [ 190.374400][ T6556] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 190.457803][ T6556] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 190.501759][ T6556] EXT4-fs (loop4): Remounting filesystem read-only [ 190.535186][ T6556] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.563722][ T6542] loop3: detected capacity change from 0 to 32768 [ 190.588409][ T6542] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6542) [ 190.659051][ T6542] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 190.670928][ T6563] tipc: Failed to remove unknown binding: 66,1,1/0:2567622025/2567622027 [ 190.688919][ T6542] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 190.700025][ T6563] tipc: Failed to remove unknown binding: 66,1,1/0:2567622025/2567622027 [ 190.709351][ T6563] tipc: Failed to remove unknown binding: 66,1,1/0:2567622025/2567622027 [ 190.718174][ T6542] BTRFS info (device loop3): using free-space-tree [ 190.734853][ T6049] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 190.907069][ T6582] loop1: detected capacity change from 0 to 512 [ 190.921817][ T6582] EXT4-fs (loop1): Test dummy encryption mode enabled [ 190.952637][ T6582] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #12: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 190.974839][ T29] audit: type=1800 audit(1719098884.155:27): pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 191.009204][ T6582] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 12 (err -117) [ 191.053894][ T6582] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.374202][ T5106] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 191.435847][ T6593] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'. [ 191.554774][ T5103] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 192.500740][ T6607] loop1: detected capacity change from 0 to 32768 [ 192.569843][ T5148] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 192.623332][ T5097] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.077372][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 193.111191][ T5148] usb 3-1: Using ep0 maxpacket: 16 [ 193.128631][ T5148] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 193.139828][ T5148] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has an invalid bInterval 152, changing to 11 [ 193.152079][ T5148] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD7 has invalid maxpacket 8285, setting to 1024 [ 193.163239][ T5148] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 193.189605][ T5148] usb 3-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 193.200825][ T5148] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.217144][ T5148] usb 3-1: Product: syz [ 193.221344][ T5148] usb 3-1: Manufacturer: syz [ 193.225951][ T5148] usb 3-1: SerialNumber: syz [ 193.249807][ T5148] usb 3-1: config 0 descriptor?? [ 193.287298][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 193.299766][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice=81.8a [ 193.317675][ T8] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 193.317703][ T6611] tipc: Failed to remove unknown binding: 66,1,1/0:2968823744/2968823746 [ 193.334597][ T8] usb 4-1: Product: syz [ 193.348475][ T6611] tipc: Failed to remove unknown binding: 66,1,1/0:2968823744/2968823746 [ 193.379916][ T8] usb 4-1: config 0 descriptor?? [ 193.393675][ T6611] tipc: Failed to remove unknown binding: 66,1,1/0:2968823744/2968823746 [ 193.410389][ T8] gspca_main: STV06xx-2.14.0 probing 046d:08f6 [ 193.435605][ T8] gspca_stv06xx: st6422 sensor detected [ 193.461957][ T5148] appledisplay 3-1:0.0: Error while getting initial brightness: -71 [ 193.498405][ T5148] appledisplay 3-1:0.0: probe with driver appledisplay failed with error -71 [ 193.524340][ T5148] usb 3-1: USB disconnect, device number 9 [ 193.541866][ T6613] loop1: detected capacity change from 0 to 128 [ 194.077438][ T6613] loop1: detected capacity change from 128 to 0 [ 194.144444][ T6621] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'. [ 194.154950][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.154950][ T5103] loop1: rw=524288, sector=44, nr_sectors = 1 limit=0 [ 194.189659][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.189659][ T5103] loop1: rw=524288, sector=45, nr_sectors = 1 limit=0 [ 194.218779][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.218779][ T5103] loop1: rw=524288, sector=46, nr_sectors = 1 limit=0 [ 194.246515][ T6618] loop0: detected capacity change from 0 to 32768 [ 194.259673][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.259673][ T5103] loop1: rw=524288, sector=47, nr_sectors = 1 limit=0 [ 194.285498][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.285498][ T5103] loop1: rw=524288, sector=48, nr_sectors = 1 limit=0 [ 194.305228][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.305228][ T5103] loop1: rw=524288, sector=49, nr_sectors = 1 limit=0 [ 194.325136][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.325136][ T5103] loop1: rw=524288, sector=50, nr_sectors = 1 limit=0 [ 194.344759][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.344759][ T5103] loop1: rw=524288, sector=51, nr_sectors = 1 limit=0 [ 194.366524][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.366524][ T5103] loop1: rw=0, sector=44, nr_sectors = 1 limit=0 [ 194.381812][ T5103] FAT-fs (loop1): Directory bread(block 44) failed [ 194.388596][ T5103] syz-executor.1: attempt to access beyond end of device [ 194.388596][ T5103] loop1: rw=0, sector=45, nr_sectors = 1 limit=0 [ 194.405228][ T5103] FAT-fs (loop1): Directory bread(block 45) failed [ 194.411927][ T5103] FAT-fs (loop1): Directory bread(block 46) failed [ 194.418703][ T5103] FAT-fs (loop1): Directory bread(block 47) failed [ 194.425401][ T5103] FAT-fs (loop1): Directory bread(block 48) failed [ 194.432221][ T5103] FAT-fs (loop1): Directory bread(block 49) failed [ 194.443585][ T5103] FAT-fs (loop1): Directory bread(block 50) failed [ 194.456813][ T5103] FAT-fs (loop1): Directory bread(block 51) failed [ 194.522048][ T6618] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 194.593801][ T6618] XFS (loop0): Ending clean mount [ 194.609223][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.615739][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.633132][ T6618] XFS (loop0): Quotacheck needed: Please wait. [ 194.675904][ T6618] XFS (loop0): Quotacheck: Done. [ 194.681183][ T6624] loop2: detected capacity change from 0 to 40427 [ 194.699390][ T6624] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 194.707316][ T6624] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 194.714250][ T5923] FAT-fs (loop1): unable to read inode block for updating (i_pos 707) [ 194.744626][ T5103] FAT-fs (loop1): unable to read boot sector to mark fs as dirty [ 194.761396][ T6624] F2FS-fs (loop2): Found nat_bits in checkpoint [ 194.856867][ T6624] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 194.864159][ T6624] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 194.912044][ T6637] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'. [ 195.132963][ T8] STV06xx 4-1:0.0: probe with driver STV06xx failed with error -71 [ 195.334073][ T8] usb 4-1: Found UVC 0.00 device syz (046d:08f6) [ 195.341243][ T8] usb 4-1: No valid video chain found. [ 195.348224][ T8] usb 4-1: USB disconnect, device number 7 [ 195.687041][ T6049] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 196.916640][ T6650] loop4: detected capacity change from 0 to 32768 [ 197.803838][ T6645] loop3: detected capacity change from 0 to 32768 [ 197.867860][ T6645] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6645) [ 197.928551][ T6645] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 197.959326][ T6645] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 197.994145][ T6645] BTRFS info (device loop3): using free-space-tree [ 198.073149][ T6653] tipc: Failed to remove unknown binding: 66,1,1/0:3901430560/3901430562 [ 198.146208][ T6653] tipc: Failed to remove unknown binding: 66,1,1/0:3901430560/3901430562 [ 198.167362][ T6653] tipc: Failed to remove unknown binding: 66,1,1/0:3901430560/3901430562 [ 198.240773][ T6674] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.4'. [ 198.263749][ T6674] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 198.314276][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 198.327687][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 198.347021][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 198.363184][ T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 198.379527][ T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 198.388864][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 198.403484][ T6671] loop2: detected capacity change from 0 to 4096 [ 198.434081][ T6645] BTRFS error (device loop3): open_ctree failed [ 198.649179][ T6685] loop4: detected capacity change from 0 to 128 [ 198.787291][ T6685] loop4: detected capacity change from 128 to 0 [ 198.866647][ T5097] FAT-fs (loop4): Directory bread(block 44) failed [ 198.874164][ T5097] FAT-fs (loop4): Directory bread(block 45) failed [ 198.880973][ T5097] FAT-fs (loop4): Directory bread(block 46) failed [ 198.889059][ T5097] FAT-fs (loop4): Directory bread(block 47) failed [ 198.922670][ T5097] FAT-fs (loop4): Directory bread(block 48) failed [ 198.949651][ T5097] FAT-fs (loop4): Directory bread(block 49) failed [ 198.952813][ T6676] chnl_net:caif_netlink_parms(): no params data found [ 198.977859][ T5097] FAT-fs (loop4): Directory bread(block 50) failed [ 198.997457][ T5097] FAT-fs (loop4): Directory bread(block 51) failed [ 199.036311][ T5911] FAT-fs (loop4): unable to read inode block for updating (i_pos 707) [ 199.051335][ T5097] FAT-fs (loop4): unable to read boot sector to mark fs as dirty [ 199.528170][ T6704] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'. [ 200.060219][ T5921] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.099429][ T6714] tipc: Failed to remove unknown binding: 66,1,1/0:2175257417/2175257419 [ 200.110992][ T6676] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.131452][ T6714] tipc: Failed to remove unknown binding: 66,1,1/0:2175257417/2175257419 [ 200.140079][ T6676] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.173165][ T6676] bridge_slave_0: entered allmulticast mode [ 200.181215][ T6714] tipc: Failed to remove unknown binding: 66,1,1/0:2175257417/2175257419 [ 200.189004][ T6676] bridge_slave_0: entered promiscuous mode [ 200.216152][ T6676] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.245001][ T6676] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.271965][ T6676] bridge_slave_1: entered allmulticast mode [ 200.284160][ T5111] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 200.293919][ T5111] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 200.304717][ T5111] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 200.313367][ T5111] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 200.322346][ T6676] bridge_slave_1: entered promiscuous mode [ 200.330907][ T5111] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 200.344224][ T5111] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 200.439738][ T5921] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.517271][ T53] Bluetooth: hci2: command tx timeout [ 200.554519][ T6676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.614128][ T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 200.670807][ T5921] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.708517][ T6676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.794444][ T6722] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 200.816791][ T5921] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.832837][ T6723] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 200.834231][ T6712] loop3: detected capacity change from 0 to 32768 [ 200.847688][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 200.860941][ T25] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 200.872277][ T6676] team0: Port device team_slave_0 added [ 200.883977][ T25] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 200.898190][ T6676] team0: Port device team_slave_1 added [ 200.904426][ T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 200.924191][ T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 200.941943][ T25] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 200.961686][ T25] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 201.017256][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.134610][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.139404][ T6712] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 201.157191][ T6712] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 201.166054][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.192782][ T6676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.211129][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.218320][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.230732][ T6712] bcachefs (loop3): alloc_read... [ 201.248025][ T6676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.270281][ T6712] done [ 201.273099][ T6712] bcachefs (loop3): stripes_read... done [ 201.278972][ T6712] bcachefs (loop3): snapshots_read... done [ 201.286929][ T6712] bcachefs (loop3): journal_replay... done [ 201.293556][ T25] usb 3-1: usb_control_msg returned -32 [ 201.293867][ T6712] bcachefs (loop3): resume_logged_ops... done [ 201.307750][ T6712] bcachefs (loop3): going read-write [ 201.315865][ T25] usbtmc 3-1:16.0: can't read capabilities [ 201.324219][ T6712] bcachefs (loop3): done starting filesystem [ 201.391208][ T6676] hsr_slave_0: entered promiscuous mode [ 201.399063][ T6676] hsr_slave_1: entered promiscuous mode [ 201.411998][ T6676] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 201.420090][ T6676] Cannot create hsr debugfs directory [ 201.430406][ T5106] bcachefs (loop3): shutting down [ 201.437269][ T5106] bcachefs (loop3): going read-only [ 201.443197][ T5106] bcachefs (loop3): finished waiting for writes to stop [ 201.464496][ T5106] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11 [ 201.496058][ T5106] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 14 [ 201.517913][ T5106] bcachefs (loop3): shutdown complete, journal seq 15 [ 201.525840][ T5106] bcachefs (loop3): marking filesystem clean [ 201.560124][ T5106] bcachefs (loop3): shutdown complete [ 201.585546][ T5921] mac80211_hwsim hwsim11 wlan1: left allmulticast mode [ 201.595971][ T5921] mac80211_hwsim hwsim11 wlan1: left promiscuous mode [ 201.603209][ T5921] bridge0: port 3(wlan1) entered disabled state [ 201.611755][ T5921] bridge_slave_1: left allmulticast mode [ 201.618753][ T5921] bridge_slave_1: left promiscuous mode [ 201.625888][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.636674][ T5921] bridge_slave_0: left allmulticast mode [ 201.643733][ T5921] bridge_slave_0: left promiscuous mode [ 201.652300][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.395756][ T5921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.408233][ T5921] bond0 (unregistering): Released all slaves [ 202.437429][ T53] Bluetooth: hci0: command tx timeout [ 202.485776][ T6741] loop0: detected capacity change from 0 to 32768 [ 202.597558][ T53] Bluetooth: hci2: command tx timeout [ 202.624373][ T6741] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=nojournal_transaction_names [ 202.634799][ T6741] bcachefs (loop0): recovering from clean shutdown, journal seq 14 [ 202.719314][ T6741] bcachefs (loop0): alloc_read... done [ 202.724961][ T6741] bcachefs (loop0): stripes_read... done [ 202.733317][ T6741] bcachefs (loop0): snapshots_read... done [ 202.741742][ T6741] bcachefs (loop0): journal_replay... done [ 202.749448][ T6741] bcachefs (loop0): resume_logged_ops... done [ 202.755663][ T6741] bcachefs (loop0): going read-write [ 202.765362][ T6741] bcachefs (loop0): done starting filesystem [ 202.827606][ T29] audit: type=1800 audit(1719098896.015:28): pid=6741 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="loop0" ino=1073741824 res=0 errno=0 [ 202.874461][ T6676] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.001559][ T5201] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 203.025352][ T6715] chnl_net:caif_netlink_parms(): no params data found [ 203.051418][ T5921] hsr_slave_0: left promiscuous mode [ 203.061383][ T5921] hsr_slave_1: left promiscuous mode [ 203.068145][ T5921] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 203.075632][ T5921] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 203.470243][ T5201] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 203.862451][ T5201] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.874962][ T5201] usb 4-1: Product: syz [ 203.879678][ T5201] usb 4-1: Manufacturer: syz [ 203.885010][ T5201] usb 4-1: SerialNumber: syz [ 203.892081][ T5201] usb 4-1: config 0 descriptor?? [ 203.918047][ T5921] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.940070][ T25] usb 3-1: USB disconnect, device number 10 [ 203.957242][ T5921] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 204.040028][ T5921] veth1_macvtap: left promiscuous mode [ 204.047603][ T5921] veth0_macvtap: left promiscuous mode [ 204.073457][ T5921] veth1_vlan: left promiscuous mode [ 204.080883][ T5921] veth0_vlan: left promiscuous mode [ 204.252843][ T6049] bcachefs (loop0): shutting down [ 204.282730][ T6049] bcachefs (loop0): going read-only [ 204.313961][ T6049] bcachefs (loop0): finished waiting for writes to stop [ 204.338090][ T6049] bcachefs (loop0): flushing journal and stopping allocators, journal seq 17 [ 204.375362][ T6049] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 18 [ 204.404804][ T6049] bcachefs (loop0): shutdown complete, journal seq 19 [ 204.422151][ T6049] bcachefs (loop0): marking filesystem clean [ 204.504351][ T6764] loop2: detected capacity change from 0 to 32768 [ 204.518077][ T5111] Bluetooth: hci0: command tx timeout [ 204.529382][ T6049] bcachefs (loop0): shutdown complete [ 204.538332][ T6764] XFS: ikeep mount option is deprecated. [ 204.576416][ T6764] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 204.643140][ T6764] XFS (loop2): Ending clean mount [ 204.666851][ T6764] XFS (loop2): Quotacheck needed: Please wait. [ 204.677325][ T5111] Bluetooth: hci2: command tx timeout [ 204.810601][ T6764] XFS (loop2): Quotacheck: Done. [ 204.876774][ T5109] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 205.576957][ T5921] team0 (unregistering): Port device team_slave_1 removed [ 205.916109][ T5921] team0 (unregistering): Port device team_slave_0 removed [ 206.332999][ T6676] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.352849][ T6753] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 206.363373][ T6753] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 206.404645][ T6782] bond0: (slave bond_slave_0): Releasing backup interface [ 206.415369][ T5146] usb 4-1: USB disconnect, device number 8 [ 206.556035][ T6792] loop0: detected capacity change from 0 to 1024 [ 206.607615][ T5111] Bluetooth: hci0: command tx timeout [ 206.610803][ T6794] tipc: Failed to remove unknown binding: 66,1,1/0:658941829/658941831 [ 206.638499][ T6794] tipc: Failed to remove unknown binding: 66,1,1/0:658941829/658941831 [ 206.639556][ T6676] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.647071][ T6794] tipc: Failed to remove unknown binding: 66,1,1/0:658941829/658941831 [ 206.757594][ T5111] Bluetooth: hci2: command tx timeout [ 206.806962][ T6676] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.827066][ T6715] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.842472][ T6715] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.865690][ T6715] bridge_slave_0: entered allmulticast mode [ 206.884299][ T6715] bridge_slave_0: entered promiscuous mode [ 206.895583][ T6715] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.910539][ T6715] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.923026][ T6715] bridge_slave_1: entered allmulticast mode [ 206.934470][ T6715] bridge_slave_1: entered promiscuous mode [ 206.984174][ T6715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.009774][ T6715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.213422][ T6715] team0: Port device team_slave_0 added [ 207.258352][ T6715] team0: Port device team_slave_1 added [ 207.357065][ T6715] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.364874][ T6715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.402112][ T6715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.455593][ T6715] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.470657][ T6715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.498704][ T6715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.700059][ T6676] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 207.715470][ T6815] syzkaller1: entered promiscuous mode [ 207.728633][ T6815] syzkaller1: entered allmulticast mode [ 207.766752][ T6715] hsr_slave_0: entered promiscuous mode [ 207.776970][ T6715] hsr_slave_1: entered promiscuous mode [ 207.792202][ T6676] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 207.830334][ T6676] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 208.084325][ T6676] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 208.677413][ T5111] Bluetooth: hci0: command tx timeout [ 208.692451][ T6821] loop2: detected capacity change from 0 to 32768 [ 208.713640][ T6821] XFS: ikeep mount option is deprecated. [ 208.751227][ T6821] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 208.853407][ T6823] loop0: detected capacity change from 0 to 32768 [ 208.880457][ T6821] XFS (loop2): Ending clean mount [ 208.900752][ T6823] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 208.923961][ T6821] XFS (loop2): Quotacheck needed: Please wait. [ 208.936848][ T6676] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.038914][ T6823] XFS (loop0): Ending clean mount [ 209.070599][ T6821] XFS (loop2): Quotacheck: Done. [ 209.073083][ T6823] XFS (loop0): Quotacheck needed: Please wait. [ 209.084347][ T6676] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.145963][ T6823] XFS (loop0): Quotacheck: Done. [ 209.147763][ T5109] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 209.199769][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.206926][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.265318][ T783] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.272542][ T783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.594319][ T6715] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 209.618795][ T6715] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 209.663307][ T6715] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 209.695047][ T6715] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 209.861994][ T6049] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 209.930022][ T6676] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.983226][ T6715] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.007700][ T5148] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 210.065154][ T6715] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.109181][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.116343][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.132964][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.140118][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.159722][ T6676] veth0_vlan: entered promiscuous mode [ 210.191770][ T6858] tipc: Failed to remove unknown binding: 66,1,1/0:3517230000/3517230002 [ 210.216939][ T6858] tipc: Failed to remove unknown binding: 66,1,1/0:3517230000/3517230002 [ 210.226931][ T6858] tipc: Failed to remove unknown binding: 66,1,1/0:3517230000/3517230002 [ 210.231962][ T6676] veth1_vlan: entered promiscuous mode [ 210.239529][ T5148] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 210.250596][ T5148] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.274403][ T5148] usb 3-1: Product: syz [ 210.280479][ T5148] usb 3-1: Manufacturer: syz [ 210.285157][ T5148] usb 3-1: SerialNumber: syz [ 210.300750][ T5148] usb 3-1: config 0 descriptor?? [ 210.421491][ T6676] veth0_macvtap: entered promiscuous mode [ 210.458212][ T6676] veth1_macvtap: entered promiscuous mode [ 210.509324][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.523098][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.551217][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.603749][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.616990][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.630978][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.631224][ T6866] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.3'. [ 210.651670][ T6866] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'. [ 210.651906][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 210.690592][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.706715][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.726913][ T6854] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 210.745010][ T6854] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 210.770232][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.787657][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.815295][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.826161][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.836650][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.853122][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.863851][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.892572][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.924764][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 211.007016][ T6676] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.019910][ T6676] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.031925][ T6676] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.040813][ T6676] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.061740][ T6715] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.133921][ T6873] loop3: detected capacity change from 0 to 1024 [ 211.179336][ T5146] usb 3-1: USB disconnect, device number 11 [ 211.272612][ T6873] hfsplus: extend alloc file! (8192,512,16777719) [ 211.298711][ T5923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.306548][ T5923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.388182][ T5921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.407889][ T5921] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.425452][ T5923] hfsplus: b-tree write err: -5, ino 8 [ 211.491265][ T6868] loop0: detected capacity change from 0 to 32768 [ 211.513869][ T6868] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6868) [ 211.551382][ T6868] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 211.578153][ T6868] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 211.589472][ T6868] BTRFS info (device loop0): using free-space-tree [ 211.664603][ T6715] veth0_vlan: entered promiscuous mode [ 211.714905][ T6715] veth1_vlan: entered promiscuous mode [ 211.773074][ T6715] veth0_macvtap: entered promiscuous mode [ 211.821520][ T6715] veth1_macvtap: entered promiscuous mode [ 211.935164][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 211.979914][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.030284][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.075182][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.122039][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.164940][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.210563][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.236014][ T6907] loop2: detected capacity change from 0 to 40427 [ 212.244420][ T6907] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 212.250735][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.252567][ T6907] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 212.298614][ T6907] F2FS-fs (loop2): Found nat_bits in checkpoint [ 212.303787][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.346638][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.364879][ T6907] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 212.372105][ T6907] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 212.656796][ T6715] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.693799][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.704856][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.716959][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.835363][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.861810][ T6049] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 212.877190][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.936884][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.951286][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.965987][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.980555][ T6715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.991330][ T6715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.009967][ T6715] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.068866][ T6715] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.111298][ T6715] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.136729][ T6715] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.166149][ T6715] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.176104][ T6921] loop3: detected capacity change from 0 to 512 [ 213.238552][ T6921] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 213.268041][ T6921] EXT4-fs (loop3): orphan cleanup on readonly fs [ 213.300697][ T6921] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 213.395324][ T6921] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 213.420508][ T6921] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 40: padding at end of block bitmap is not set [ 213.443098][ T6921] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 213.480002][ T5912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.512171][ T6921] EXT4-fs (loop3): 1 truncate cleaned up [ 213.517209][ T5912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.530043][ T6921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 213.673133][ T5923] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.692106][ T5923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.759168][ T6925] input: syz0 as /devices/virtual/input/input11 [ 214.187318][ T5106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.527070][ T6941] tipc: Failed to remove unknown binding: 66,1,1/0:1300734396/1300734398 [ 214.557114][ T6941] tipc: Failed to remove unknown binding: 66,1,1/0:1300734396/1300734398 [ 214.572565][ T6941] tipc: Failed to remove unknown binding: 66,1,1/0:1300734396/1300734398 [ 214.676867][ T6935] bond0: (slave bond_slave_0): Releasing backup interface [ 214.904280][ T6944] tipc: Failed to remove unknown binding: 66,1,1/0:3242311478/3242311480 [ 214.972320][ T6944] tipc: Failed to remove unknown binding: 66,1,1/0:3242311478/3242311480 [ 214.984686][ T6948] loop0: detected capacity change from 0 to 1024 [ 215.009248][ T6944] tipc: Failed to remove unknown binding: 66,1,1/0:3242311478/3242311480 [ 215.026180][ T6949] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.2'. [ 215.036329][ T6949] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. [ 215.099075][ T6948] hfsplus: extend alloc file! (8192,512,16777719) [ 215.180210][ T6953] loop4: detected capacity change from 0 to 2048 [ 215.225591][ T6953] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 215.275648][ T5912] hfsplus: b-tree write err: -5, ino 8 [ 215.322504][ T6957] loop3: detected capacity change from 0 to 512 [ 215.355562][ T6957] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 215.373430][ T6957] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e12c, mo2=0002] [ 215.382166][ T6957] System zones: 1-12 [ 215.386505][ T6957] EXT4-fs (loop3): orphan cleanup on readonly fs [ 215.435021][ T6957] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 361: padding at end of block bitmap is not set [ 215.448622][ T6965] loop2: detected capacity change from 0 to 128 [ 215.463488][ T6964] loop0: detected capacity change from 0 to 2048 [ 215.489106][ T6965] VFS: could not find a valid V7 on loop2. [ 215.506831][ T29] audit: type=1800 audit(1719098908.685:29): pid=6962 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=1368 res=0 errno=0 [ 215.533283][ T6957] EXT4-fs (loop3): Remounting filesystem read-only [ 215.552394][ T6964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.571387][ T6957] EXT4-fs (loop3): 1 truncate cleaned up [ 215.597333][ T6962] input: syz0 as /devices/virtual/input/input12 [ 215.632857][ T6957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 215.701379][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.733344][ T6965] loop2: detected capacity change from 0 to 4096 [ 215.761582][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.792096][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.842928][ T6968] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 215.876104][ T6969] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.897197][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.910782][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.924521][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.938019][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.976283][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 215.999784][ T6957] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block [ 216.077928][ T5106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 216.167563][ T29] audit: type=1800 audit(1719098909.355:30): pid=6960 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 216.247045][ T6049] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.896170][ T6986] loop0: detected capacity change from 0 to 2048 [ 216.975512][ T6986] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 216.994347][ T6988] loop2: detected capacity change from 0 to 64 [ 217.002661][ T6988] BFS-fs: bfs_fill_super(): Last block not available on loop2: 196671 [ 217.212968][ T29] audit: type=1800 audit(1719098910.385:31): pid=6989 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=1368 res=0 errno=0 [ 217.378392][ T6989] input: syz0 as /devices/virtual/input/input13 [ 217.774218][ T6995] loop3: detected capacity change from 0 to 1024 [ 217.871497][ T6995] hfsplus: extend alloc file! (8192,512,16777719) [ 217.981540][ T6982] loop4: detected capacity change from 0 to 40427 [ 217.997796][ T5911] hfsplus: b-tree write err: -5, ino 8 [ 218.226693][ T6982] F2FS-fs (loop4): Found nat_bits in checkpoint [ 218.917540][ T5111] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 218.928288][ T5111] Bluetooth: hci1: Injecting HCI hardware error event [ 218.938118][ T53] Bluetooth: hci1: hardware error 0x00 [ 218.981601][ T6982] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 219.051191][ T7003] tipc: Failed to remove unknown binding: 66,1,1/0:3496880434/3496880436 [ 219.071310][ T7003] tipc: Failed to remove unknown binding: 66,1,1/0:3496880434/3496880436 [ 219.125718][ T7003] tipc: Failed to remove unknown binding: 66,1,1/0:3496880434/3496880436 [ 219.970850][ T7014] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 220.040131][ T6715] bio_check_eod: 26 callbacks suppressed [ 220.040152][ T6715] syz-executor.4: attempt to access beyond end of device [ 220.040152][ T6715] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 220.097576][ T6715] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 220.104219][ T7017] loop3: detected capacity change from 0 to 2048 [ 220.189910][ T7017] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 220.469520][ T29] audit: type=1800 audit(1719098913.655:32): pid=7025 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="loop3" ino=1368 res=0 errno=0 [ 220.589697][ T7010] loop0: detected capacity change from 0 to 32768 [ 220.601346][ T7025] input: syz0 as /devices/virtual/input/input14 [ 220.651366][ T7010] Dev loop0 Sun disklabel: Csum bad, label corrupted [ 221.029915][ T7031] loop2: detected capacity change from 0 to 1764 [ 221.044460][ T7032] loop4: detected capacity change from 0 to 128 [ 221.071716][ T7032] VFS: could not find a valid V7 on loop4. [ 221.078581][ T53] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 222.433122][ T7032] loop4: detected capacity change from 0 to 4096 [ 222.506199][ T7042] loop2: detected capacity change from 0 to 1024 [ 223.577785][ T7046] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 223.694004][ T29] audit: type=1800 audit(1719098916.875:33): pid=7032 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 223.741276][ T5912] hfsplus: b-tree write err: -5, ino 8 [ 223.757239][ T29] audit: type=1326 audit(1719098916.935:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7047 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99a3c7d0a9 code=0x0 [ 223.820892][ T29] audit: type=1804 audit(1719098916.985:35): pid=7032 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir582303234/syzkaller.HgFz2e/4/file0/bus" dev="loop4" ino=18 res=1 errno=0 [ 223.873318][ T7055] tipc: Failed to remove unknown binding: 66,1,1/0:1052531599/1052531601 [ 223.903901][ T7055] tipc: Failed to remove unknown binding: 66,1,1/0:1052531599/1052531601 [ 223.914187][ T7055] tipc: Failed to remove unknown binding: 66,1,1/0:1052531599/1052531601 [ 224.092640][ T7057] tipc: Failed to remove unknown binding: 66,1,1/0:1244149643/1244149645 [ 224.145081][ T7057] tipc: Failed to remove unknown binding: 66,1,1/0:1244149643/1244149645 [ 224.158326][ T7057] tipc: Failed to remove unknown binding: 66,1,1/0:1244149643/1244149645 [ 224.551176][ T7072] loop0: detected capacity change from 0 to 2048 [ 224.639747][ T7072] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 224.802169][ T7074] loop4: detected capacity change from 0 to 40427 [ 224.806370][ T29] audit: type=1326 audit(1719098917.985:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7075 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06d8e7d0a9 code=0x0 [ 224.840253][ T7074] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 224.848309][ T7074] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 224.930746][ T7074] F2FS-fs (loop4): Found nat_bits in checkpoint [ 224.963585][ T7074] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 224.970843][ T7074] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 225.014231][ T7081] loop3: detected capacity change from 0 to 128 [ 225.075701][ T29] audit: type=1800 audit(1719098918.255:37): pid=7083 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=1368 res=0 errno=0 [ 225.077409][ T7081] VFS: could not find a valid V7 on loop3. [ 225.265684][ T7083] input: syz0 as /devices/virtual/input/input15 [ 225.383193][ T7081] loop3: detected capacity change from 0 to 4096 [ 225.489294][ T7089] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 225.526838][ T29] audit: type=1800 audit(1719098918.705:38): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 225.580062][ T29] audit: type=1804 audit(1719098918.735:39): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3779584832/syzkaller.iMxUlF/97/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 225.726546][ T7092] tipc: Failed to remove unknown binding: 66,1,1/0:4281342730/4281342732 [ 225.765367][ T7092] tipc: Failed to remove unknown binding: 66,1,1/0:4281342730/4281342732 [ 225.776366][ T7092] tipc: Failed to remove unknown binding: 66,1,1/0:4281342730/4281342732 [ 225.841876][ T7094] loop4: detected capacity change from 0 to 1024 [ 225.944447][ T7094] hfsplus: extend alloc file! (8192,512,16777719) [ 225.966416][ T7101] loop3: detected capacity change from 0 to 2048 [ 226.036017][ T7101] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.070714][ T5924] hfsplus: b-tree write err: -5, ino 8 [ 226.151403][ T29] audit: type=1804 audit(1719098919.315:40): pid=7101 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3779584832/syzkaller.iMxUlF/98/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 226.188971][ T7110] loop0: detected capacity change from 0 to 128 [ 226.258865][ T5106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.437544][ T53] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 226.448844][ T53] Bluetooth: hci4: Injecting HCI hardware error event [ 226.459951][ T5111] Bluetooth: hci4: hardware error 0x00 [ 226.657277][ T7110] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 226.666628][ T7121] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET) [ 226.693149][ T7110] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'. [ 226.714954][ T29] audit: type=1326 audit(1719098919.895:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7118 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99a3c7d0a9 code=0x0 [ 226.743553][ T7100] loop2: detected capacity change from 0 to 32768 [ 226.774234][ T7110] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 226.783934][ T7100] bcachefs (/dev/loop2): error reading default superblock: Not a bcachefs superblock (got magic c68573f6-4e1a-4502-8265-f57f48ba6d81) [ 226.805857][ T7117] loop1: detected capacity change from 0 to 40427 [ 226.817930][ T7117] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 226.825706][ T7117] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 226.854694][ T7117] F2FS-fs (loop1): Found nat_bits in checkpoint [ 226.916016][ T7117] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 226.923392][ T7117] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 227.108651][ T7100] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 227.149253][ T7100] bcachefs (loop2): recovering from clean shutdown, journal seq 13 [ 227.204442][ T7100] bcachefs (loop2): alloc_read... done [ 227.212607][ T7100] bcachefs (loop2): stripes_read... done [ 227.221480][ T7100] bcachefs (loop2): snapshots_read... done [ 227.235546][ T7140] loop4: detected capacity change from 0 to 128 [ 227.247517][ T7100] bcachefs (loop2): journal_replay... done [ 227.256991][ T7100] bcachefs (loop2): resume_logged_ops... done [ 227.270090][ T7100] bcachefs (loop2): going read-write [ 227.282731][ T7140] VFS: could not find a valid V7 on loop4. [ 227.289568][ T7100] bcachefs (loop2): done starting filesystem [ 227.554994][ T7140] loop4: detected capacity change from 0 to 4096 [ 227.653893][ T7145] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 227.704871][ T7144] loop3: detected capacity change from 0 to 2048 [ 227.755386][ T29] audit: type=1800 audit(1719098920.935:42): pid=7140 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 227.838403][ T7144] loop3: p1 < > p4 [ 227.848900][ T7144] loop3: p4 size 8388608 extends beyond EOD, truncated [ 228.026904][ T5109] bcachefs (loop2): shutting down [ 228.036721][ T5109] bcachefs (loop2): going read-only [ 228.045038][ T5109] bcachefs (loop2): finished waiting for writes to stop [ 228.067628][ T7144] loop3: detected capacity change from 0 to 1024 [ 228.076135][ T5109] bcachefs (loop2): flushing journal and stopping allocators, journal seq 15 [ 228.153941][ T5109] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 17 [ 228.279646][ T5109] bcachefs (loop2): shutdown complete, journal seq 18 [ 228.288525][ T5109] bcachefs (loop2): marking filesystem clean [ 228.325575][ T5109] bcachefs (loop2): shutdown complete [ 228.517610][ T5111] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 228.983639][ T7156] loop4: detected capacity change from 0 to 1024 [ 229.165883][ T7156] hfsplus: extend alloc file! (8192,512,16777719) [ 229.341552][ T7148] loop1: detected capacity change from 0 to 32768 [ 229.345133][ T5911] hfsplus: b-tree write err: -5, ino 8 [ 229.446253][ T7148] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (7148) [ 229.563267][ T7148] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 229.588817][ T7148] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 229.627377][ T7148] BTRFS info (device loop1): disk space caching is enabled [ 229.807332][ T5111] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 229.819422][ T5111] Bluetooth: hci0: Injecting HCI hardware error event [ 229.830227][ T5111] Bluetooth: hci0: hardware error 0x00 [ 229.877690][ T7169] loop3: detected capacity change from 0 to 40427 [ 229.885537][ T7169] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 229.893404][ T7169] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 230.041202][ T7169] F2FS-fs (loop3): Found nat_bits in checkpoint [ 230.567732][ T7183] loop4: detected capacity change from 0 to 32768 [ 230.635454][ T7169] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 230.642687][ T7169] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 230.744002][ T7148] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 230.747809][ T7148] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 231.478065][ T7148] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 231.527751][ T7148] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 231.616350][ T7148] BTRFS error (device loop1): open_ctree failed [ 231.976116][ T7193] tipc: Failed to remove unknown binding: 66,1,1/0:635142036/635142038 [ 232.018713][ T7193] tipc: Failed to remove unknown binding: 66,1,1/0:635142036/635142038 [ 232.027028][ T7193] tipc: Failed to remove unknown binding: 66,1,1/0:635142036/635142038 [ 232.203668][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 232.203687][ T29] audit: type=1326 audit(1719098925.385:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7194 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa66e47d0a9 code=0x0 [ 233.317608][ T5111] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 233.436847][ T7219] loop0: detected capacity change from 0 to 2048 [ 234.271921][ T7219] iocharset iso885t not found [ 235.527519][ T7237] loop3: detected capacity change from 0 to 40427 [ 236.534958][ T7233] sched: RT throttling activated [ 236.560551][ T7237] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 236.570390][ T7237] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 236.714281][ T7237] F2FS-fs (loop3): invalid crc value [ 236.726244][ T7237] F2FS-fs (loop3): Found nat_bits in checkpoint [ 236.769205][ T7237] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 236.777783][ T7237] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 237.117632][ T7247] tipc: Failed to remove unknown binding: 66,1,1/0:489285310/489285312 [ 237.148888][ T7247] tipc: Failed to remove unknown binding: 66,1,1/0:489285310/489285312 [ 237.177399][ T7247] tipc: Failed to remove unknown binding: 66,1,1/0:489285310/489285312 [ 238.776467][ T7243] loop4: detected capacity change from 0 to 40427 [ 238.856760][ T7251] loop0: detected capacity change from 0 to 32768 [ 238.890663][ T7251] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7251) [ 238.898666][ T7272] fuse: Bad value for 'fd' [ 238.921449][ T7243] F2FS-fs (loop4): Found nat_bits in checkpoint [ 238.929146][ T29] audit: type=1326 audit(1719098932.125:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7270 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99a3c7d0a9 code=0x0 [ 238.961680][ T7251] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 238.976810][ T7251] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 238.988350][ T7251] BTRFS info (device loop0): using free-space-tree [ 238.993587][ T7267] loop1: detected capacity change from 0 to 4096 [ 239.021936][ T7243] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 239.058665][ T7278] 9pnet_fd: Insufficient options for proto=fd [ 239.262239][ T29] audit: type=1804 audit(1719098932.405:74): pid=7251 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2944680864/syzkaller.o0XgXK/52/file0/file1" dev="loop0" ino=260 res=1 errno=0 [ 239.909370][ T6049] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 240.093485][ T6715] syz-executor.4: attempt to access beyond end of device [ 240.093485][ T6715] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 240.127431][ T7297] loop2: detected capacity change from 0 to 1764 [ 240.142354][ T7297] iso9660: Unknown parameter 'Rőʰ˿ 45[eWmw@TFAnT% %+gP;*D$^t?FÕ2Wk|' [ 240.152067][ T6715] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 240.214574][ T6676] ntfs3: loop1: failed to convert name for inode 1e. [ 240.268424][ T6676] ntfs3: loop1: failed to convert name for inode 1e. [ 240.892160][ T5923] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.454321][ T7311] loop2: detected capacity change from 0 to 512 [ 241.830804][ T7311] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 242.564351][ T7311] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 242.576747][ T7311] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 242.579888][ T5923] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.718215][ T7311] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 242.743140][ T7311] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 242.774975][ T5923] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.786390][ T7311] EXT4-fs (loop2): Remounting filesystem read-only [ 242.812017][ T7311] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.972144][ T5923] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.004011][ T7332] loop4: detected capacity change from 0 to 2048 [ 243.095724][ T7332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 244.038694][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 244.052988][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 244.063947][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 244.072709][ T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 244.082302][ T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 244.094444][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 244.138279][ T5923] bridge_slave_1: left allmulticast mode [ 244.167234][ T5923] bridge_slave_1: left promiscuous mode [ 244.203344][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.212867][ T5109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.230517][ T6715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.264853][ T5923] bridge_slave_0: left allmulticast mode [ 244.270728][ T5923] bridge_slave_0: left promiscuous mode [ 244.288025][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.621651][ T7335] loop3: detected capacity change from 0 to 1024 [ 244.853124][ T7336] loop0: detected capacity change from 0 to 40427 [ 244.896035][ T7336] F2FS-fs (loop0): Found nat_bits in checkpoint [ 245.051616][ T7336] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 245.923666][ T51] hfsplus: b-tree write err: -5, ino 4 [ 245.933924][ T6049] syz-executor.0: attempt to access beyond end of device [ 245.933924][ T6049] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 245.948808][ T6049] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 246.117529][ T53] Bluetooth: hci2: command tx timeout [ 246.208072][ T5923] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 246.253603][ T5923] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 246.273276][ T5923] bond0 (unregistering): Released all slaves [ 246.319273][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 246.335672][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 246.466628][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 246.534285][ T7348] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 246.601171][ T7348] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 247.460381][ T29] audit: type=1326 audit(1719098939.945:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.540086][ T29] audit: type=1326 audit(1719098939.945:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.561954][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.615411][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.672124][ T29] audit: type=1326 audit(1719098939.945:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.719605][ T29] audit: type=1326 audit(1719098939.945:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.741546][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.753027][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.760862][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.810510][ T29] audit: type=1326 audit(1719098939.945:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.822725][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.891048][ T29] audit: type=1326 audit(1719098939.945:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.893940][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.913085][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.958721][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.970092][ T29] audit: type=1326 audit(1719098939.965:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 247.991299][ T7348] wlan1 speed is unknown, defaulting to 1000 [ 247.992308][ C1] vkms_vblank_simulate: vblank timer overrun [ 248.007518][ T7342] chnl_net:caif_netlink_parms(): no params data found [ 248.025586][ T29] audit: type=1326 audit(1719098939.965:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 248.054835][ T29] audit: type=1326 audit(1719098939.965:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 248.076794][ C1] vkms_vblank_simulate: vblank timer overrun [ 248.154491][ T29] audit: type=1326 audit(1719098939.965:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7362 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f30e187d0a9 code=0x7ffc0000 [ 248.176339][ C1] vkms_vblank_simulate: vblank timer overrun [ 248.217216][ T53] Bluetooth: hci2: command tx timeout [ 248.320772][ T5923] hsr_slave_0: left promiscuous mode [ 248.326982][ T5923] hsr_slave_1: left promiscuous mode [ 248.334788][ T5923] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.388419][ T5923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.462464][ T5923] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.479768][ T5923] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.565549][ T5923] veth1_macvtap: left promiscuous mode [ 248.584417][ T5923] veth0_macvtap: left promiscuous mode [ 248.589481][ T7385] loop4: detected capacity change from 0 to 1764 [ 248.602095][ T5923] veth1_vlan: left promiscuous mode [ 248.622283][ T5923] veth0_vlan: left promiscuous mode [ 248.655576][ T7385] iso9660: Unknown parameter 'Rőʰ˿ 45[eWmw@TFAnT% %+gP;*D$^t?FÕ2Wk|' [ 248.893888][ T7378] loop3: detected capacity change from 0 to 32768 [ 249.158507][ T7378] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 249.177471][ T7378] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 249.268889][ T7401] loop4: detected capacity change from 0 to 512 [ 249.324881][ T7378] bcachefs (loop3): alloc_read... done [ 249.336765][ T7401] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 249.356353][ T7378] bcachefs (loop3): stripes_read... done [ 249.386417][ T7378] bcachefs (loop3): snapshots_read... done [ 249.438148][ T7378] bcachefs (loop3): journal_replay... done [ 249.444102][ T7378] bcachefs (loop3): resume_logged_ops... done [ 249.453494][ T7401] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 249.513524][ T7378] bcachefs (loop3): going read-write [ 249.522162][ T7401] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 249.537464][ T7378] bcachefs (loop3): done starting filesystem [ 249.736816][ T5106] bcachefs (loop3): shutting down [ 249.753310][ T5106] bcachefs (loop3): going read-only [ 249.763297][ T7401] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 249.768641][ T5106] bcachefs (loop3): finished waiting for writes to stop [ 249.796352][ T5106] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [ 249.806494][ T7401] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 249.840868][ T5106] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13 [ 249.896623][ T5106] bcachefs (loop3): shutdown complete, journal seq 14 [ 249.929605][ T5106] bcachefs (loop3): marking filesystem clean [ 250.006307][ T7401] EXT4-fs (loop4): Remounting filesystem read-only [ 250.014340][ T5106] bcachefs (loop3): shutdown complete [ 250.038835][ T7401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.287297][ T5111] Bluetooth: hci2: command tx timeout [ 250.508751][ T5923] team0 (unregistering): Port device team_slave_1 removed [ 250.676052][ T5923] team0 (unregistering): Port device team_slave_0 removed [ 250.944944][ T6715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.990853][ T7408] kvm: kvm [7407]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x1000400000000 [ 252.116874][ T7342] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.124520][ T7342] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.147263][ T7342] bridge_slave_0: entered allmulticast mode [ 252.155481][ T7342] bridge_slave_0: entered promiscuous mode [ 252.173941][ T7440] kvm: kvm [7439]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x1000400000000 [ 252.185519][ T7342] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.207339][ T7342] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.214665][ T7342] bridge_slave_1: entered allmulticast mode [ 252.240688][ T7342] bridge_slave_1: entered promiscuous mode [ 252.344974][ T7342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.361385][ T5111] Bluetooth: hci2: command tx timeout [ 252.364551][ T7342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.417855][ T7455] overlayfs: overlapping lowerdir path [ 252.563170][ T7342] team0: Port device team_slave_0 added [ 252.610256][ T7342] team0: Port device team_slave_1 added [ 252.715102][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.737854][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.791277][ T7342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.824162][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.849112][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.893559][ T7342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.061700][ T7342] hsr_slave_0: entered promiscuous mode [ 253.081443][ T7342] hsr_slave_1: entered promiscuous mode [ 253.107621][ T7342] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 253.128971][ T7342] Cannot create hsr debugfs directory [ 253.813245][ T7500] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 253.836577][ T7500] tipc: Started in network mode [ 253.847008][ T7500] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 253.890088][ T7500] tipc: Enabling of bearer rejected, failed to enable media [ 253.919955][ T7502] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 253.939836][ T7502] netlink: 112865 bytes leftover after parsing attributes in process `syz-executor.0'. [ 255.034426][ T7342] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 255.090275][ T7342] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 255.130328][ T7342] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 255.139072][ T7520] loop2: detected capacity change from 0 to 16 [ 255.161780][ T7522] loop0: detected capacity change from 0 to 128 [ 255.182022][ T7342] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 255.192482][ T7522] FAT-fs (loop0): Directory bread(block 11554) failed [ 255.207287][ T7522] FAT-fs (loop0): Directory bread(block 11555) failed [ 255.217803][ T7520] erofs: (device loop2): erofs_read_inode: unsupported i_format 16 of nid 36 [ 255.243689][ T7522] FAT-fs (loop0): Directory bread(block 11556) failed [ 255.267299][ T7522] FAT-fs (loop0): Directory bread(block 11557) failed [ 255.274298][ T7522] FAT-fs (loop0): Directory bread(block 11558) failed [ 255.295983][ T7522] FAT-fs (loop0): Directory bread(block 11559) failed [ 255.320743][ T7522] FAT-fs (loop0): Directory bread(block 11560) failed [ 255.357615][ T7522] FAT-fs (loop0): Directory bread(block 11561) failed [ 255.364797][ T7522] FAT-fs (loop0): Directory bread(block 11562) failed [ 255.425937][ T7522] FAT-fs (loop0): Directory bread(block 11563) failed [ 255.454462][ T7528] loop4: detected capacity change from 0 to 256 [ 255.466727][ T7342] 8021q: adding VLAN 0 to HW filter on device bond0 [ 255.510459][ T7342] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.561535][ T7528] MINIX-fs: mounting file system with errors, running fsck is recommended [ 255.562111][ T5201] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.577757][ T5201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.654496][ T5201] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.661816][ T5201] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.019369][ T7516] loop3: detected capacity change from 0 to 40427 [ 256.046699][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.053303][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.097488][ T783] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 256.110401][ T7342] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 256.132470][ T7516] F2FS-fs (loop3): Found nat_bits in checkpoint [ 256.143330][ T7526] loop2: detected capacity change from 0 to 32768 [ 256.238480][ T7342] veth0_vlan: entered promiscuous mode [ 256.257412][ T7516] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 256.291267][ T7342] veth1_vlan: entered promiscuous mode [ 256.323483][ T5106] syz-executor.3: attempt to access beyond end of device [ 256.323483][ T5106] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 256.326611][ T7552] loop4: detected capacity change from 0 to 256 [ 256.347387][ T783] usb 1-1: config 0 has an invalid interface number: 236 but max is 0 [ 256.350674][ T7526] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 256.355567][ T783] usb 1-1: config 0 has no interface number 0 [ 256.379809][ T783] usb 1-1: config 0 interface 236 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 256.394849][ T5106] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 256.403044][ T7342] veth0_macvtap: entered promiscuous mode [ 256.410131][ T7526] invalid journal entry, version=1.7: mi_btree_bitmap type=overwrite in superblock: [ 256.410185][ T7526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 83426fcb67886cbe written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 256.410199][ T7526] size == 0, shutting down [ 256.461722][ T783] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=38.a5 [ 256.461755][ T783] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.461775][ T783] usb 1-1: Product: syz [ 256.461789][ T783] usb 1-1: Manufacturer: syz [ 256.461803][ T783] usb 1-1: SerialNumber: syz [ 256.464128][ T783] usb 1-1: config 0 descriptor?? [ 256.481437][ T7342] veth1_macvtap: entered promiscuous mode [ 256.509830][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.509859][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.509871][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.509884][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.509895][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.509909][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.509923][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.509937][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.509949][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 256.509963][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.530993][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 256.544665][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.558535][ T7526] bcachefs (loop2): inconsistency detected - emergency read only at journal seq 0 [ 256.566948][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.571334][ T7526] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 256.760028][ T930] usb 1-1: USB disconnect, device number 5 [ 256.769077][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.784782][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.811836][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.831775][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.852345][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.866968][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.887728][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.906769][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.935853][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.951411][ T7526] bcachefs (loop2): alloc_read... done [ 256.980263][ T7526] bcachefs (loop2): stripes_read... done [ 256.986001][ T7526] bcachefs (loop2): snapshots_read... done [ 256.995528][ T7342] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.017403][ T7342] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.028665][ T7526] bcachefs (loop2): journal_replay... done [ 257.034626][ T7342] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.043733][ T7526] bcachefs (loop2): resume_logged_ops... done [ 257.054550][ T7342] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.065590][ T7526] bcachefs (loop2): scanning for old btree nodes: min_version 0.24: unwritten_extents [ 257.128147][ T7526] bcachefs (loop2): going read-write [ 257.169684][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.220693][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.244221][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.275238][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.305822][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.317476][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.330417][ T5912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.346412][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.363882][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.380050][ T5912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.426605][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.436260][ T7526] bcachefs (loop2): bch2_btree_update_start(): error EIO [ 257.444249][ T7526] bcachefs (loop2): bch2_move_btree(): error EIO [ 257.451116][ T7526] bcachefs (loop2): bch2_scan_old_btree_nodes(): error EIO [ 257.469445][ T7526] bcachefs (loop2): bch2_fs_recovery(): error EIO [ 257.481621][ T7526] bcachefs (loop2): bch2_fs_start(): error starting filesystem EIO [ 257.489836][ T783] bcachefs (loop2): going read-only [ 257.495508][ T783] bcachefs (loop2): finished waiting for writes to stop [ 257.509267][ T7526] bcachefs (loop2): shutting down [ 257.518885][ T5911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.523347][ T7563] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 257.526706][ T5911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.557769][ T783] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 257.571102][ T783] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 257.598658][ T783] bcachefs (loop2): unshutdown complete, journal seq 10 [ 257.634912][ T783] bcachefs (loop2): done going read-only, filesystem not clean [ 257.684371][ T7526] bcachefs (loop2): shutdown complete [ 257.824702][ T7569] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 257.850663][ T7570] loop1: detected capacity change from 0 to 512 [ 257.913792][ T7569] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 257.946829][ T7570] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 257.978889][ T7570] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 258.067520][ T7570] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 258.240448][ T7570] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 258.311993][ T7570] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 258.343076][ T7570] EXT4-fs (loop1): Remounting filesystem read-only [ 258.385885][ T7577] loop3: detected capacity change from 0 to 512 [ 258.434603][ T7570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.455675][ T7577] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 258.509762][ T7577] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 258.653964][ T7577] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 258.662379][ T7577] System zones: 0-2, 18-18, 34-35 [ 258.739188][ T7580] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 258.750981][ T7580] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 258.761232][ T7580] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 258.926343][ T7580] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 258.938023][ T7580] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 258.948291][ T7580] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 259.123921][ T7580] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 259.135666][ T7580] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 259.145889][ T7580] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 259.593835][ T7577] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.611760][ T7342] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.708531][ T5106] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000. [ 259.812470][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 260.047362][ T6312] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 260.247525][ T6312] usb 2-1: Using ep0 maxpacket: 8 [ 260.261335][ T6312] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 260.282374][ T6312] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 260.307402][ T6312] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 260.323964][ T6312] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 260.345247][ T6312] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 260.365437][ T6312] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 260.374878][ T6312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.384512][ T7598] loop4: detected capacity change from 0 to 8192 [ 260.435524][ T7598] REISERFS warning (device loop4): super-6506 reiserfs_getopt: bad value "noborder-barrier=flush" for option "block-allocator" [ 260.435524][ T7598] [ 260.478374][ T7588] loop3: detected capacity change from 0 to 32768 [ 260.507283][ T7588] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7588) [ 260.569481][ T7588] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 260.592052][ T7588] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 260.607458][ T6312] usb 2-1: usb_control_msg returned -32 [ 260.627566][ T6312] usbtmc 2-1:16.0: can't read capabilities [ 260.627933][ T7588] BTRFS info (device loop3): using free-space-tree [ 260.645983][ T7601] loop0: detected capacity change from 0 to 2048 [ 260.667478][ T7601] NILFS (loop0): invalid segment: Checksum error in segment payload [ 260.676392][ T7601] NILFS (loop0): trying rollback from an earlier position [ 260.703411][ T7601] NILFS (loop0): recovery complete [ 260.717378][ T7609] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 260.758678][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 260.758700][ T29] audit: type=1804 audit(1719098953.935:103): pid=7601 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2944680864/syzkaller.o0XgXK/73/file0/file1" dev="loop0" ino=12 res=1 errno=0 [ 260.872599][ T7594] loop2: detected capacity change from 0 to 40427 [ 260.902689][ T7594] F2FS-fs (loop2): Found nat_bits in checkpoint [ 260.989430][ T7631] netlink: 576 bytes leftover after parsing attributes in process `syz-executor.4'. [ 261.054411][ T7594] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 261.125124][ T5106] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 261.210688][ T5109] syz-executor.2: attempt to access beyond end of device [ 261.210688][ T5109] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 261.233660][ T5109] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 261.654014][ T7642] syzkaller1: entered promiscuous mode [ 261.667350][ T7642] syzkaller1: entered allmulticast mode [ 262.610622][ T7683] loop4: detected capacity change from 0 to 512 [ 262.625404][ T7683] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 262.640650][ T7683] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 262.653104][ T7683] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 262.699950][ T7683] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 262.709026][ T7683] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 262.723318][ T7683] EXT4-fs (loop4): Remounting filesystem read-only [ 262.734104][ T7683] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.978521][ T7693] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 262.991495][ T7693] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 263.002487][ T7693] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 263.145766][ T7693] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 263.157570][ T7693] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 263.167939][ T7693] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 263.313335][ T7693] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 263.324953][ T7693] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 263.335504][ T7693] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 263.479868][ T5148] usb 2-1: USB disconnect, device number 6 [ 263.701710][ T7695] loop2: detected capacity change from 0 to 256 [ 264.023798][ T6715] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.073695][ T7705] loop1: detected capacity change from 0 to 64 [ 265.279269][ T7720] xt_CT: You must specify a L4 protocol and not use inversions on it [ 265.621442][ T7737] warning: `syz-executor.0' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 265.710851][ T7711] loop3: detected capacity change from 0 to 32768 [ 265.735594][ T7711] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7711) [ 265.786286][ T7711] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 265.841433][ T7746] loop0: detected capacity change from 0 to 2048 [ 265.861193][ T7718] loop2: detected capacity change from 0 to 40427 [ 265.889178][ T7746] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 265.907435][ T7711] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 265.936826][ T7711] BTRFS info (device loop3): using free-space-tree [ 266.007655][ T7751] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 266.007972][ T7746] syz-executor.0: attempt to access beyond end of device [ 266.007972][ T7746] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 266.032684][ T7718] F2FS-fs (loop2): Found nat_bits in checkpoint [ 266.709474][ T7718] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 266.839190][ T29] audit: type=1800 audit(1719098960.025:104): pid=7774 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 266.965469][ T29] audit: type=1804 audit(1719098960.055:105): pid=7774 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3779584832/syzkaller.iMxUlF/143/file1/bus" dev="loop3" ino=263 res=1 errno=0 [ 267.898665][ T5106] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 267.951123][ T5109] syz-executor.2: attempt to access beyond end of device [ 267.951123][ T5109] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 267.977007][ T5109] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 268.028215][ T7785] syzkaller1: entered promiscuous mode [ 268.036286][ T7785] syzkaller1: entered allmulticast mode [ 268.061444][ T7787] loop1: detected capacity change from 0 to 1024 [ 268.083058][ T7787] EXT4-fs: Ignoring removed orlov option [ 268.114239][ T7787] EXT4-fs (loop1): Test dummy encryption mode enabled [ 268.159178][ T7787] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 268.272190][ T7787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.407643][ T783] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 268.565482][ T7342] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.625099][ T783] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.650915][ T783] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.670758][ T783] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 268.671257][ T7802] loop1: detected capacity change from 0 to 2048 [ 268.689594][ T7804] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 268.697387][ T25] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 268.701685][ T7802] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 268.704940][ T7804] IPv6: NLM_F_CREATE should be set when creating new route [ 268.721904][ T783] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.733910][ T783] usb 5-1: config 0 descriptor?? [ 268.740816][ T7805] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 268.752105][ T7802] syz-executor.1: attempt to access beyond end of device [ 268.752105][ T7802] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 268.892394][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 268.908069][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.935542][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.948999][ T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 268.960266][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.970578][ T25] usb 1-1: config 0 descriptor?? [ 269.127054][ T29] audit: type=1804 audit(1719098962.305:106): pid=7814 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2908510980/syzkaller.PUB7wz/12/bus" dev="sda1" ino=1963 res=1 errno=0 [ 269.151534][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.172079][ T783] hid-thrustmaster 0003:044F:B65D.0003: unknown main item tag 0x0 [ 269.190193][ T29] audit: type=1800 audit(1719098962.365:107): pid=7814 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1963 res=0 errno=0 [ 269.212574][ T783] hid-thrustmaster 0003:044F:B65D.0003: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0 [ 269.270173][ T783] hid-thrustmaster 0003:044F:B65D.0003: Wrong number of endpoints? [ 269.272117][ T7795] ipip0: entered promiscuous mode [ 269.367598][ C0] hid-thrustmaster 0003:044F:B65D.0003: URB to get model id failed with error -71 [ 269.370400][ T6312] usb 5-1: USB disconnect, device number 8 [ 269.474710][ T25] logitech 0003:046D:C20E.0004: rdesc size test failed for formula gp [ 269.496571][ T25] logitech 0003:046D:C20E.0004: item fetching failed at offset 8/11 [ 269.511652][ T25] logitech 0003:046D:C20E.0004: parse failed [ 269.518589][ T25] logitech 0003:046D:C20E.0004: probe with driver logitech failed with error -22 [ 269.584921][ T7821] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 269.620904][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 269.698973][ T25] usb 1-1: USB disconnect, device number 6 [ 270.901159][ T7828] loop2: detected capacity change from 0 to 32768 [ 270.927944][ T7828] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (7828) [ 270.970405][ T7840] IPv6: Can't replace route, no match found [ 270.986509][ T7828] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 271.014931][ T7828] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 271.037526][ T7828] BTRFS info (device loop2): using free-space-tree [ 271.114062][ T7830] loop4: detected capacity change from 0 to 40427 [ 271.141925][ T7830] F2FS-fs (loop4): Found nat_bits in checkpoint [ 271.213814][ T7832] loop0: detected capacity change from 0 to 32768 [ 271.256140][ T7832] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7832) [ 271.269580][ T7830] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 271.327615][ T7832] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 271.335013][ T29] audit: type=1800 audit(1719098964.495:108): pid=7828 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=263 res=0 errno=0 [ 271.350233][ T7832] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 271.379789][ T29] audit: type=1804 audit(1719098964.505:109): pid=7828 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1044487596/syzkaller.UtoYXQ/112/file1/bus" dev="loop2" ino=263 res=1 errno=0 [ 271.431344][ T5109] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 272.317299][ T930] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 272.387739][ T7832] BTRFS info (device loop0): rebuilding free space tree [ 272.398831][ T6715] syz-executor.4: attempt to access beyond end of device [ 272.398831][ T6715] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 272.430382][ T6715] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 272.445910][ T6715] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 272.537266][ T930] usb 2-1: Using ep0 maxpacket: 32 [ 272.555064][ T930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 272.558679][ T7832] BTRFS info (device loop0): disabling free space tree [ 272.574301][ T930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 272.579512][ T7832] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 272.605164][ T7832] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 272.629035][ T930] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 272.669516][ T930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.700732][ T930] usb 2-1: config 0 descriptor?? [ 272.712332][ T930] hub 2-1:0.0: USB hub found [ 272.735478][ T29] audit: type=1800 audit(1719098965.915:110): pid=7832 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 272.787670][ T29] audit: type=1800 audit(1719098965.955:111): pid=7832 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 272.928581][ T930] hub 2-1:0.0: 1 port detected [ 273.344047][ T930] usb 2-1: USB disconnect, device number 7 [ 273.466570][ T6049] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 274.001846][ T7922] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 274.248182][ T7913] loop4: detected capacity change from 0 to 32768 [ 274.279162][ T7913] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (7913) [ 274.297828][ T7913] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 274.311210][ T7913] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 274.322103][ T7913] BTRFS info (device loop4): using free-space-tree [ 274.519896][ T29] audit: type=1800 audit(1719098967.705:112): pid=7961 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 274.578106][ T29] audit: type=1804 audit(1719098967.705:113): pid=7961 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir582303234/syzkaller.HgFz2e/50/file1/bus" dev="loop4" ino=263 res=1 errno=0 [ 274.653635][ T7964] loop1: detected capacity change from 0 to 512 [ 274.679303][ T6715] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 274.695223][ T7964] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 274.766030][ T7964] EXT4-fs (loop1): 1 truncate cleaned up [ 274.773675][ T7964] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.863909][ T7970] loop3: detected capacity change from 0 to 2048 [ 274.887228][ T5148] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 274.912410][ T7970] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 274.947336][ T7964] 9pnet_fd: Insufficient options for proto=fd [ 275.031052][ T7973] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 275.031995][ T7970] syz-executor.3: attempt to access beyond end of device [ 275.031995][ T7970] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 275.077592][ T5148] usb 1-1: Using ep0 maxpacket: 32 [ 275.085848][ T5148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.100591][ T5148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.123740][ T5148] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 275.133450][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.150266][ T5148] usb 1-1: config 0 descriptor?? [ 275.169759][ T5148] hub 1-1:0.0: USB hub found [ 275.400083][ T5148] hub 1-1:0.0: 1 port detected [ 275.410834][ T7342] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.500835][ T7984] netlink: 268 bytes leftover after parsing attributes in process `syz-executor.2'. [ 275.632810][ T7986] loop1: detected capacity change from 0 to 2048 [ 275.642803][ T7984] : entered promiscuous mode [ 275.657676][ T7986] NILFS (loop1): invalid segment: Checksum error in segment payload [ 275.670595][ T7986] NILFS (loop1): trying rollback from an earlier position [ 275.720445][ T7986] NILFS (loop1): recovery complete [ 275.733762][ T7989] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 275.807579][ T5148] usb 1-1: USB disconnect, device number 7 [ 276.287281][ T6312] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 276.477510][ T6312] usb 2-1: Using ep0 maxpacket: 8 [ 276.503196][ T6312] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 276.536873][ T6312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.576556][ T6312] usb 2-1: config 0 descriptor?? [ 276.606285][ T8022] loop3: detected capacity change from 0 to 512 [ 276.637303][ T8022] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 276.673440][ T8022] EXT4-fs (loop3): 1 truncate cleaned up [ 276.683990][ T8022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.803001][ T8022] 9pnet_fd: Insufficient options for proto=fd [ 277.213323][ T6312] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 277.274989][ T6312] asix 2-1:0.0: probe with driver asix failed with error -71 [ 277.293833][ T6312] usb 2-1: USB disconnect, device number 8 [ 277.451114][ T5106] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.579972][ T8053] loop4: detected capacity change from 0 to 1764 [ 277.594967][ T8053] iso9660: Unknown parameter 'Rőʰ˿ 45[eWmw@TFAnT% %+gP;*D$^t?FÕ2Wk|' [ 277.823070][ T29] audit: type=1326 audit(1719098971.005:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8056 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99a3c7d0a9 code=0x0 [ 277.989662][ T8068] loop0: detected capacity change from 0 to 256 [ 278.035632][ T8051] loop2: detected capacity change from 0 to 32768 [ 278.780459][ T8076] loop4: detected capacity change from 0 to 512 [ 278.932333][ T8051] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,nojournal_transaction_names [ 278.990759][ T8051] bcachefs (loop2): recovering from clean shutdown, journal seq 8 [ 279.012418][ T8051] bcachefs (loop2): Version upgrade required: [ 279.012418][ T8051] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 279.012418][ T8051] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap [ 279.012418][ T8051] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_subvolume_structure,check_directory_structure,check_nlinks,delete_dead_inodes,set_fs_needs_rebalance [ 279.091890][ T8076] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 279.103920][ T8076] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 279.130878][ T8076] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 279.198919][ T8051] bcachefs (loop2): alloc_read... done [ 279.204889][ T8051] bcachefs (loop2): stripes_read... done [ 279.223741][ T8051] bcachefs (loop2): snapshots_read... done [ 279.242470][ T8076] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 279.247276][ T8051] bcachefs (loop2): check_allocations... [ 279.282925][ T8051] [ 279.290989][ T8051] ====================================================== [ 279.297998][ T8051] WARNING: possible circular locking dependency detected [ 279.304997][ T8051] 6.10.0-rc4-syzkaller-00217-g35bb670d65fc #0 Not tainted [ 279.312192][ T8051] ------------------------------------------------------ [ 279.319184][ T8051] syz-executor.2/8051 is trying to acquire lock: [ 279.325483][ T8051] ffff888051300988 (&c->sb_lock){+.+.}-{3:3}, at: bch2_gc_mark_key+0xc66/0x1010 [ 279.334521][ T8051] [ 279.334521][ T8051] but task is already holding lock: [ 279.341875][ T8051] ffff888051301a58 (&c->btree_root_lock){+.+.}-{3:3}, at: bch2_check_allocations+0x2e31/0xcca0 [ 279.352206][ T8051] [ 279.352206][ T8051] which lock already depends on the new lock. [ 279.352206][ T8051] [ 279.362593][ T8051] [ 279.362593][ T8051] the existing dependency chain (in reverse order) is: [ 279.371586][ T8051] [ 279.371586][ T8051] -> #1 (&c->btree_root_lock){+.+.}-{3:3}: [ 279.379576][ T8051] lock_acquire+0x1ed/0x550 [ 279.384587][ T8051] __mutex_lock+0x136/0xd70 [ 279.389649][ T8051] bch2_btree_roots_to_journal_entries+0xbb/0x980 [ 279.396582][ T8051] bch2_fs_mark_clean+0x2cc/0x6d0 [ 279.402111][ T8051] bch2_fs_read_only+0x1101/0x1210 [ 279.407725][ T8051] __bch2_fs_stop+0x105/0x540 [ 279.412901][ T8051] generic_shutdown_super+0x136/0x2d0 [ 279.418783][ T8051] bch2_kill_sb+0x41/0x50 [ 279.423616][ T8051] deactivate_locked_super+0xc4/0x130 [ 279.429487][ T8051] cleanup_mnt+0x41f/0x4b0 [ 279.434402][ T8051] task_work_run+0x24f/0x310 [ 279.439494][ T8051] syscall_exit_to_user_mode+0x168/0x370 [ 279.445631][ T8051] do_syscall_64+0x100/0x230 [ 279.450726][ T8051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.457128][ T8051] [ 279.457128][ T8051] -> #0 (&c->sb_lock){+.+.}-{3:3}: [ 279.464402][ T8051] validate_chain+0x18e0/0x5900 [ 279.469756][ T8051] __lock_acquire+0x1346/0x1fd0 [ 279.475115][ T8051] lock_acquire+0x1ed/0x550 [ 279.480157][ T8051] __mutex_lock+0x136/0xd70 [ 279.485159][ T8051] bch2_gc_mark_key+0xc66/0x1010 [ 279.490599][ T8051] bch2_check_allocations+0x3e06/0xcca0 [ 279.496659][ T8051] bch2_run_recovery_pass+0xf0/0x1e0 [ 279.502449][ T8051] bch2_run_recovery_passes+0x19e/0x820 [ 279.508493][ T8051] bch2_fs_recovery+0x2370/0x3720 [ 279.514027][ T8051] bch2_fs_start+0x356/0x5b0 [ 279.519117][ T8051] bch2_fs_open+0xa8d/0xdf0 [ 279.524121][ T8051] bch2_mount+0x6b0/0x13a0 [ 279.529041][ T8051] legacy_get_tree+0xee/0x190 [ 279.534215][ T8051] vfs_get_tree+0x90/0x2a0 [ 279.539155][ T8051] do_new_mount+0x2be/0xb40 [ 279.544158][ T8051] __se_sys_mount+0x2d9/0x3c0 [ 279.549415][ T8051] do_syscall_64+0xf3/0x230 [ 279.554445][ T8051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.560852][ T8051] [ 279.560852][ T8051] other info that might help us debug this: [ 279.560852][ T8051] [ 279.571085][ T8051] Possible unsafe locking scenario: [ 279.571085][ T8051] [ 279.578514][ T8051] CPU0 CPU1 [ 279.583861][ T8051] ---- ---- [ 279.589202][ T8051] lock(&c->btree_root_lock); [ 279.593950][ T8051] lock(&c->sb_lock); [ 279.600606][ T8051] lock(&c->btree_root_lock); [ 279.607866][ T8051] lock(&c->sb_lock); [ 279.611916][ T8051] [ 279.611916][ T8051] *** DEADLOCK *** [ 279.611916][ T8051] [ 279.620039][ T8051] 4 locks held by syz-executor.2/8051: [ 279.625472][ T8051] #0: ffff888051300278 (&c->state_lock){+.+.}-{3:3}, at: bch2_fs_start+0x45/0x5b0 [ 279.634777][ T8051] #1: ffff8880513268d0 (&c->gc_lock){++++}-{3:3}, at: bch2_check_allocations+0x258/0xcca0 [ 279.644758][ T8051] #2: ffff8880513042d8 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x9b0/0xdf0 [ 279.655263][ T8051] #3: ffff888051301a58 (&c->btree_root_lock){+.+.}-{3:3}, at: bch2_check_allocations+0x2e31/0xcca0 [ 279.666023][ T8051] [ 279.666023][ T8051] stack backtrace: [ 279.671919][ T8051] CPU: 1 PID: 8051 Comm: syz-executor.2 Not tainted 6.10.0-rc4-syzkaller-00217-g35bb670d65fc #0 [ 279.682308][ T8051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 279.692352][ T8051] Call Trace: [ 279.695614][ T8051] [ 279.698525][ T8051] dump_stack_lvl+0x241/0x360 [ 279.703188][ T8051] ? __pfx_dump_stack_lvl+0x10/0x10 [ 279.708371][ T8051] ? print_circular_bug+0x130/0x1a0 [ 279.713550][ T8051] check_noncircular+0x36a/0x4a0 [ 279.718487][ T8051] ? __pfx_check_noncircular+0x10/0x10 [ 279.723927][ T8051] ? lockdep_lock+0x123/0x2b0 [ 279.728582][ T8051] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 279.734540][ T8051] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 279.740932][ T8051] validate_chain+0x18e0/0x5900 [ 279.745775][ T8051] ? __pfx_validate_chain+0x10/0x10 [ 279.751042][ T8051] ? vsnprintf+0x1ccd/0x1da0 [ 279.755611][ T8051] ? printbuf_do_indent+0x99a/0x9d0 [ 279.760795][ T8051] ? __pfx_vsnprintf+0x10/0x10 [ 279.765547][ T8051] ? bch2_extent_ptr_to_text+0x58/0x5d0 [ 279.771073][ T8051] ? __pfx_lock_release+0x10/0x10 [ 279.776077][ T8051] ? mark_lock+0x9a/0x350 [ 279.780400][ T8051] __lock_acquire+0x1346/0x1fd0 [ 279.785235][ T8051] lock_acquire+0x1ed/0x550 [ 279.789722][ T8051] ? bch2_gc_mark_key+0xc66/0x1010 [ 279.794827][ T8051] ? __pfx_lock_acquire+0x10/0x10 [ 279.799832][ T8051] ? __pfx___might_resched+0x10/0x10 [ 279.805099][ T8051] ? printbuf_do_indent+0x4d/0x9d0 [ 279.810189][ T8051] __mutex_lock+0x136/0xd70 [ 279.814683][ T8051] ? bch2_gc_mark_key+0xc66/0x1010 [ 279.819775][ T8051] ? bch2_btree_ptr_v2_to_text+0x19a/0x2f0 [ 279.825568][ T8051] ? bch2_btree_ptr_v2_to_text+0x209/0x2f0 [ 279.831350][ T8051] ? bch2_gc_mark_key+0xc66/0x1010 [ 279.836439][ T8051] ? __pfx___mutex_lock+0x10/0x10 [ 279.841446][ T8051] ? bch2_bkey_val_to_text+0xf0/0x160 [ 279.846799][ T8051] bch2_gc_mark_key+0xc66/0x1010 [ 279.851732][ T8051] ? __pfx_bch2_gc_mark_key+0x10/0x10 [ 279.857097][ T8051] ? __mutex_lock+0x2ef/0xd70 [ 279.861764][ T8051] ? __gc_pos_set+0x1a4/0x2c0 [ 279.866418][ T8051] ? bch2_check_allocations+0x3d0f/0xcca0 [ 279.872115][ T8051] ? __pfx_bch2_trans_begin+0x10/0x10 [ 279.877468][ T8051] ? __asan_memset+0x23/0x50 [ 279.882039][ T8051] ? bch2_trans_iter_exit+0x295/0x3e0 [ 279.887395][ T8051] bch2_check_allocations+0x3e06/0xcca0 [ 279.892923][ T8051] ? __asan_memset+0x23/0x50 [ 279.897499][ T8051] ? bch2_btree_node_iter_init+0x36bb/0x4280 [ 279.903461][ T8051] ? validate_chain+0x11e/0x5900 [ 279.908382][ T8051] ? __bch2_journal_key_search+0x9c2/0x10e0 [ 279.914252][ T8051] ? __bch2_btree_node_iter_advance+0x577/0xaa0 [ 279.920474][ T8051] ? validate_chain+0x11e/0x5900 [ 279.925394][ T8051] ? __pfx_bch2_check_allocations+0x10/0x10 [ 279.931262][ T8051] ? bch2_btree_node_iter_advance+0x3c8/0xc70 [ 279.937311][ T8051] ? desc_read+0x200/0x3f0 [ 279.941704][ T8051] ? desc_read+0x1a2/0x3f0 [ 279.946100][ T8051] ? prb_first_seq+0x131/0x210 [ 279.950843][ T8051] ? __pfx_prb_first_seq+0x10/0x10 [ 279.955935][ T8051] ? this_cpu_in_panic+0x4f/0x80 [ 279.960853][ T8051] ? _prb_read_valid+0xa39/0xac0 [ 279.965772][ T8051] ? validate_chain+0x11e/0x5900 [ 279.970692][ T8051] ? __pfx__prb_read_valid+0x10/0x10 [ 279.975954][ T8051] ? data_push_tail+0x6c6/0x730 [ 279.980784][ T8051] ? __pfx_validate_chain+0x10/0x10 [ 279.985962][ T8051] ? prb_read_valid+0xa9/0xf0 [ 279.990622][ T8051] ? __pfx_prb_read_valid+0x10/0x10 [ 279.995799][ T8051] ? desc_read+0x200/0x3f0 [ 280.000207][ T8051] ? desc_read+0x1a2/0x3f0 [ 280.004601][ T8051] ? prb_first_seq+0x131/0x210 [ 280.009342][ T8051] ? __pfx_prb_first_seq+0x10/0x10 [ 280.014433][ T8051] ? this_cpu_in_panic+0x4f/0x80 [ 280.019349][ T8051] ? _prb_read_valid+0xa39/0xac0 [ 280.024272][ T8051] ? bch2_check_allocations+0x3197/0xcca0 [ 280.029977][ T8051] ? console_unlock+0x239/0x4d0 2024/06/22 23:29:32 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 280.034808][ T8051] ? console_unlock+0x447/0x4d0 [ 280.039637][ T8051] ? __pfx_console_unlock+0x10/0x10 [ 280.044901][ T8051] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.050876][ T8051] ? bch2_check_allocations+0x83d/0xcca0 [ 280.056520][ T8051] ? vprintk_emit+0x3cf/0x770 [ 280.061216][ T8051] ? __wake_up_klogd+0xd5/0x110 [ 280.066090][ T8051] ? bch2_check_allocations+0x83d/0xcca0 [ 280.071740][ T8051] ? __bch2_print+0x17a/0x220 [ 280.076424][ T8051] ? __pfx___bch2_print+0x10/0x10 [ 280.081431][ T8051] ? bch2_trans_put+0x8ed/0x1030 [ 280.086345][ T8051] bch2_run_recovery_pass+0xf0/0x1e0 [ 280.091630][ T8051] bch2_run_recovery_passes+0x19e/0x820 [ 280.097166][ T8051] bch2_fs_recovery+0x2370/0x3720 [ 280.102195][ T8051] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 280.107552][ T8051] ? __pfx_lock_release+0x10/0x10 [ 280.112551][ T8051] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 280.118162][ T8051] ? __pfx_lock_release+0x10/0x10 [ 280.123167][ T8051] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 280.128784][ T8051] ? bch2_get_next_online_dev+0x4b9/0x4f0 [ 280.134498][ T8051] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 280.140126][ T8051] ? llist_reverse_order+0x72/0x90 [ 280.145249][ T8051] bch2_fs_start+0x356/0x5b0 [ 280.149850][ T8051] bch2_fs_open+0xa8d/0xdf0 [ 280.154372][ T8051] ? __pfx_bch2_fs_open+0x10/0x10 [ 280.159418][ T8051] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.165772][ T8051] ? __pfx_bch2_test_super+0x10/0x10 [ 280.171074][ T8051] ? sget+0x2b8/0x620 [ 280.175068][ T8051] ? __pfx_bch2_noset_super+0x10/0x10 [ 280.180454][ T8051] bch2_mount+0x6b0/0x13a0 [ 280.184895][ T8051] ? __pfx_bch2_mount+0x10/0x10 [ 280.189774][ T8051] ? vfs_parse_fs_string+0x190/0x230 [ 280.195067][ T8051] ? kfree+0x4e/0x360 [ 280.199036][ T8051] ? vfs_parse_fs_string+0x190/0x230 [ 280.204302][ T8051] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 280.209913][ T8051] ? cap_capable+0x1b4/0x250 [ 280.214485][ T8051] legacy_get_tree+0xee/0x190 [ 280.219226][ T8051] ? __pfx_bch2_mount+0x10/0x10 [ 280.224074][ T8051] vfs_get_tree+0x90/0x2a0 [ 280.228488][ T8051] do_new_mount+0x2be/0xb40 [ 280.232980][ T8051] ? __pfx_do_new_mount+0x10/0x10 [ 280.237991][ T8051] __se_sys_mount+0x2d9/0x3c0 [ 280.242655][ T8051] ? __pfx___se_sys_mount+0x10/0x10 [ 280.247836][ T8051] ? do_syscall_64+0x100/0x230 [ 280.252616][ T8051] ? __x64_sys_mount+0x20/0xc0 [ 280.257363][ T8051] do_syscall_64+0xf3/0x230 [ 280.261846][ T8051] ? clear_bhb_loop+0x35/0x90 [ 280.266508][ T8051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.272391][ T8051] RIP: 0033:0x7f06d8e7e7aa [ 280.276793][ T8051] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 280.296383][ T8051] RSP: 002b:00007f06d9c53ef8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 280.304956][ T8051] RAX: ffffffffffffffda RBX: 00007f06d9c53f80 RCX: 00007f06d8e7e7aa [ 280.312910][ T8051] RDX: 0000000020005b00 RSI: 0000000020000040 RDI: 00007f06d9c53f40 [ 280.320860][ T8051] RBP: 0000000020005b00 R08: 00007f06d9c53f80 R09: 0000000000000002 [ 280.328896][ T8051] R10: 0000000000000002 R11: 0000000000000202 R12: 0000000020000040 [ 280.336859][ T8051] R13: 00007f06d9c53f40 R14: 0000000000005b1c R15: 0000000020000240 [ 280.344820][ T8051] [ 280.368833][ T8076] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 280.389000][ T8076] EXT4-fs (loop4): Remounting filesystem read-only [ 280.398280][ T8076] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 280.480755][ T8051] done [ 280.501517][ T8051] bcachefs (loop2): going read-write [ 280.507386][ T8051] bcachefs (loop2): journal_replay... done [ 280.513190][ T8051] bcachefs (loop2): check_alloc_info... done [ 280.569657][ T8051] bcachefs (loop2): check_lrus... done [ 280.579682][ T8051] bcachefs (loop2): check_btree_backpointers... done [ 280.613588][ T8051] bcachefs (loop2): check_backpointers_to_extents... done [ 280.679607][ T8051] bcachefs (loop2): check_extents_to_backpointers... [ 280.680395][ T8051] missing backpointer for btree=inodes l=1 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq efdd7a26d7396dd5 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0 [ 280.680415][ T8051] got: u64s 5 type deleted 0:9961472:0 len 0 ver 0 [ 280.680425][ T8051] want: u64s 9 type backpointer 0:9961472:0 len 0 ver 0: bucket=0:38:0 btree=inodes l=1 offset=0:0 len=256 pos=SPOS_MAX, shutting down [ 280.781809][ T8051] bcachefs (loop2): inconsistency detected - emergency read only at journal seq 8 [ 280.793960][ T8051] bcachefs (loop2): bch2_check_extents_to_backpointers(): error fsck_errors_not_fixed [ 280.804492][ T8051] bcachefs (loop2): bch2_fs_recovery(): error fsck_errors_not_fixed [ 280.844346][ T8051] bcachefs (loop2): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed [ 280.855913][ T45] bcachefs (loop2): going read-only [ 280.861611][ T45] bcachefs (loop2): finished waiting for writes to stop [ 280.870460][ T8051] bcachefs (loop2): shutting down [ 280.875570][ T45] bcachefs (loop2): flushing journal and stopping allocators, journal seq 8 [ 280.886530][ T45] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 8 [ 280.899697][ T45] bcachefs (loop2): unshutdown complete, journal seq 8 [ 280.906881][ T45] bcachefs (loop2): done going read-only, filesystem not clean [ 280.911264][ T8070] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.930405][ T8051] bcachefs (loop2): shutdown complete [ 281.104841][ T5924] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0