last executing test programs:

19.265941797s ago: executing program 4 (id=230):
syz_emit_ethernet(0x18, &(0x7f0000000140)={@dev, @random="e5dbda09b0a5", @val, {@generic={0x88a8, "0321"}}}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000843000/0x1000)=nil, 0x1000, 0x2000007, 0x401d071, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000080), 0x0, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000040), 0xc00000, 0x4)
close(r2)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xfe, 0xb1, 0x5e, 0x40, 0xea0, 0x6858, 0xe45b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x3, 0x5, 0x80, 0x0, [{{0x9, 0x4, 0x1f, 0x5, 0x1, 0x5d, 0x95, 0xce, 0x8, [@uac_as], [{{0x9, 0x5, 0x5, 0x10, 0x20, 0x4, 0x2, 0xf9}}]}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x201, 0x5, 0xd9, 0x4e, 0x8, 0x4}, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2409}}]})

17.900288737s ago: executing program 4 (id=232):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x20, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
lseek(r2, 0x0, 0x0)

17.370627038s ago: executing program 4 (id=236):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x12, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x404c040})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x0)

16.35971832s ago: executing program 3 (id=239):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000e440)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000002c0)={0x50, 0x0, r2, {0x7, 0x1f, 0x4, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x14c, 0x94a4}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000a3c0)="61ddaf21c1282a5a6352f350c2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009885f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff418fe4bd892d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4dbcacea29d4554d2d95ed4444e9bcbd6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f32574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152aefdc45eac6ff786dae370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee1482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa35e548ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f5823", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0x78, 0x0, 0x0, {0x4000000000003, 0x0, 0x0, {0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000002800)="d1f89c14e7f8640b43b1f1d1e00b2b0b3146d223d281c321953af4ade40d696d07f4b7d2ed1c1fd5691291056351901df48500519139568c88f49bb32801c2e3e2932895f1eb24b30efbab27313a3acab179fd6ce1f7150b0f0aae8cde4dd46b4f63cd60f647ea9bcf83f107e981a050f61f5d1bb5c7883f93269bba25e4122796c0f88ab27d913586d055f8c977ffcb05c85210f93cbad91499fedb2ab95e06bf009e54b422f66cef043560f4d77ae5c083cc67fcb0d3f10699aac8cceaf6d3b8f32e15555924edbc42b4ca3d2f4a92f5d30c18176c3abd17db4de2ef74472ffb637dd07460aeb7c882811c089217d88cbb5eec41d2be903e1c65cad2ad742f9ba8b512adab575f89d539492034ddfe4fd28205c8f27c52f0f631703d384634bfcad149ea9e842125062ac67006ca474be31f708b4f4f1e0c97a4eb2f26b671e172e251e8a6e9e1510bb74931aaf6b6ff84f8aefd63591f18f2ae8028985d78fcc5ed2d57bf595d3068e904387eeddd19bd359721a432bed0bff033cbca6acfddb6529fb11290bf1563b45034bd9b6c331091efef04303ca9942fcb64e56f3ff74d610e14c8f8a87e41582aebb272e5d6e945fdc7095bd181b93f13ddbdc18545f9cfc4db7f134c9ffa6add6727ab8755a06dca23d24a67658fda84321bb97fc475ace3b9912dad73f0ee6c8b2d6d58d7328ca63d1aeceb22a419fe4ec4c3b943051e9d276c559c33e6a45a97813bfcf80c7d79ebe04b1827878c4c8c2da2d598f9f3e444ae82f142716827dddcd94f8997d88a30be2a76432641125e28d5a0896b3e040a8b6805abc98da90844261468826b89f6cbac8d7b5eb6cd8a23f7c7ae9b99dfa6616f9dd10ac48e8c53a38ebfcee8c0ae1be1ee982515ce12a1ebf5d2d19022b4407a9bd062c453845ce75f54dd07e3d8079e19b3b116dc51f7a07d005ba682da13b73e3854bb60059fb021b8f4b9430629d408b32ccd3678bf1dc149a3493c44b2a52a5572c128957e0db8a4a214848b64bea6733bb48fc17a4e42474e2b1f47b507d038bb87a3fc32e7bf471685a61f736a414772cc1825e9342c58768640c83486dbf058050dd6c8a9843c106d1a4efa5e5b36deae71448e55f4ef2721d2d210ce075bdc52c97bd6c097a9a4120a507f6c99cd9054579c250cd5b207684deadf75f2f8c54349a57500625be7577fd6c81ca72111935f577c74c2bd1e9419344e2a3563b5a7d6026722469a30a061d123b45f93027a01c7d38863589118d25e333c07f5c3eb85d4dde937d8f1421b72035f8733754ef4793acdc8d1362ef08ac1e9f0246bfb478647ada002f809a3e63433d031e6d5e4f86218ace6a6221103608705719c3106b4659c377f7e3b6ae1777075ea45a68df2004deb6ef742c5971c23d409278be94c5de68153d93d1a2378f1b1656786ec896b72de0da8259a6f181be8829f9cb7cb98ce0b169e734e4a240508952f6ce3ca984eef7e0cd549996147fe56a0bb1598f015ab955df145a51d783397366084e53455840d5688cb9b7d2cdf8abbfcdf850a7de4073eada567d6ca989611c4910e692e44677a857eec2b654f8dc66b2be192786dce3b9780f9806652bdef013304a43dba3f8d15e5105414f6d1fb2a57dea02211fa311b489088a9802e36d649ada97d72a216f54ca6da090a51c01f5638a04f364a3cbf24bb374f644fda38856a7e0f5c3c9cd7b00555d105daf57561379cf1d77bce66d12de44f202a866a43a7a05a6e0910a1f0ab5b1341d8ae992ae9d95fa2c876db1bcd3635d7851f03dde1eddae6dcf95b182edab72a0521c88c8c3a8c2ad3c6ec2cc44321ce1550d51476e95a18ae5fdab801ef4f5a7a56580261d850f392929061ae5808ba390b2f7d8fe7325df9c07c39faadeeb0ee1ed95db7ccf49c9b93fca83e06be745156d422c8b936d65b8e7e76d9eeb2bbf19c1f9a59b8ee6b55d594d4794a869b2d3b37b0b936866894f00e6a90c788c22e0fb87d0ac53ce75e519765647deee2862552c77ceb75d419627e0627067ba24571807cbfae0bd959fa95cb14c2812a1ce41f76d2ad620c55df55f473e56cb219f7b13bed8cc4a98dddfda9d3b9b5650754f73c34bf00496993a1c4056aeb44e4160c3e2090d733604b2b13f40ae346b726a31365b7a230d8f66665dcb726594280678a258f8ddddfe69d424d62abe910db05c0efa5e773d0f6d8ef8c4c49926b46568a7a1321d996eacabb2f716539a020e34a02afc3bfead458287dd22c11e1c5f57cda7668853637dba0b2eb5e5318750b63c829ab0145c02d6bc05aef4113ee0ea0ba97c44d74cedcc89adff648eb5d7fe932a7a76c772b1e2e36c148dd3be951cfa0cfe11bc58635b38708fa1ff88f949eb15f4a4a3de71c33e2915c799d8204d7d1f9cf7c13c608e6ddf29e12b409028ee5edf37353df7982f67a120ff1871001094b1a3148ed5f4f75d9372aa21b2bb6e02b470336a2c20efee8af866032acd6dc56d1fa7a84dc314cafea1a7bba5fbae89e037a4a5597d2eefd153406d67ddbb3b4eeed6d981b229c2c1b76347b05d20835ecc979b697a2981f6785df853d3d5ce07c624136c805d4dc6c7419d68afe2ad4822aea38da761742b33de8394bcd2462518b35c6ef265eb2a9b130e5a3d669b55d457f92500a7b69156475e001989d55547fc831edf2afe2290591e902858914af73ad4e87ddb8ea3a719f435fe1c2839a39fe088ccc863e7c82e96b66e1b6d32ddbdc42bf2f6076b9e93ed2ec4b6ba6fce5dd3a8f5b3aa105aecf72a5cc9108d02a0b923de2d490ad90aed3a45c46d4594948e7b3f3cc7d153f4b2837ca378fb4af215657f016fd9c66395b98357c1d12a655ce07268beccb35acb3f928c1522bea5df98a0337c751308bfb361e68f3775c75e020ac9570283119264d4f8916c143ccc28d8e0709df356de6b6f35fccde79a677606b5b4d846fdad7c271fc5c2ae5f5e2fbcd6fbf21508a2615ab8f0208e276164bce80fb886b648b4cb085c7922a829c2bccdd850cec329870c866f7923c2c1cd59d6c2653263f7aa1f13d84c82575a021793ef875954ce8737c98abee465e780ab64f1d23da92828e62908543850e5730099eb34f5e47dee740581f596413b8e2711bbfc9d25e4a35b57416a741a60ba650b52ae2189cdd125f64565544f9e75bd8c2cbd898ed2dbdd704ee40d1746715eab4155a51289cf7d89a19ab7a355609dff8111c94f6cdf94a94c667508d7201eab7e86569b8b08bca2291cf3fb166df68f6d6da05398e8a1c0c5c66ca3cee621727a77f19b92927569ba44709302c1102683f338150989d971ea6d0151b69865e540ad4e5a186ad9fc8ce57a56ad114487c5ad99c0beae0fd49927c52380de839cc952f8e41e167006573b4ffc39ebec8f9f9fb4168386a78fe52c00cf3c3be6dbcd4ab32ac7cb8fdd1bae70a5c3da6f555aa6c8e6bd7e69e511bd5d87e39ee21f9035b0b14dd50b3c4e211794bfd7e8fbc48658044eab550f6b564d8f663c25ddb30233fb260e2d30bc9956f7293fd5532df2f74019f639c7313ca029280c513c2fc3c77dc4d0e7f5a9f273fda00349c28319743bc8f7eaeacc7f487bcf5866a55b2fa5b66e31964f090ac448a1ccd3b8cbc9735db5d7d1dd2f2bcdad1ee48b4f8a36688d8ddead1f166a5afb2efe12e943ce6ca41f1f45fe650536860881c28ff04a66ddce9cd19b4304c26e3238f114a1f4080999aaf6ff1f4b8b59ef5d54c10cd8a6598420949f1c0eff13259ba7da9f4c749b58f31f01627b780c2502cc6d1d82f68271e2bc945ddcb6784532e1aba414385096eeeb45afca0ddec570b16b476fbf7b4818275a05afe4beec9086e1c816ebf96608ed57a570c931577ca5b14c9359718b4b31b4789f291f5cb012f832e5763ba53521f58d3ee0a10930d3b4ea7747c5c751cfb476159287a9d371530e5d7cffa6ab09f049d2435960b0ad34f7890df22a3cfd6ce052b08409e67a1291f8459a59b988d7b97d2534f306d83656fd43313eebce1732837b6c22dc60a80d03c54b695b4efbf31381916c7da9644ef8e0f6739c98e7892ca89bf696715391c989c3bd53362e01b81d998e50e46fab088f9312465d200c034691b7e5dcb22ead3c3f3225f16a5588b2be09470e225290d8073dce5cd955d31e7acd452950505597f01c4b54a6f16f2e7d00ab182258f26e40bb70db783b2a10aae019f87708e1306e1957fcc081dac3659d603d4044c10b0a1fe61f4482e56d031d43fc355100a9dcf822db16d0895e554b439bd032e6103df725123da3fdd4a48b68863e6bb36e05343136e171d39d86168be30188bf1ebac4a1d748115167033149ac61bb4f8d4cad7f4c68c32de226b03fb42d24d5e37ba886fa357100644e64d869f6395e3d6d3768a30f53e2aca3688408807bd4818a2c5150f8ee770121a4a6402c7dc334a9ee5e876566d19867e45d4bdc73477ff7f543a23f38d5f0bf666219b0391e66457af4238c5bd9a05586333556f8972aca1def4507c4b073d1bc1c3051f0bf34f71673ccc1de9c69170c9fc5299ac733569cfde6a7bbb3cd60b601cfca16510bf7fbb26ffab3b674000844daf55fbf4ab48eade708cf70fdf901454acc8cc95c63fd2ee771bffaf19205e9a119b847931bcfb4c738e39701a3882cef4ff47b46b72ce26ac207a1ccaa253cd3ddae2b2eb61d5b9b3c8156928a169d7dbb2874b884c3b2097cb8ea92ce7fe70af90514c11887df33c4f7ec3d3ee6c327e7129b0188b0ca8c777451b17d8f489d547d711404bef72d1914f66a5676e9d716ede8c4282526419adb31d071d241db47a58bb55ee6ebcb67c82765a25e5e6fedc4c8d1d9b17e2b5bac5e0af3c63ea870ad8c5f9521390b660fc735d331e6eb326abde284256cdb381b4651d05f55807f4ad1b5b883bf6b55ee87285fad8de366f3248ae0b9c32bf85fc95d5bc19a716ac2a5f41e4e58d26bfdfa582be5d506f9929bfe7cea70184c81722ef7300f779d5d64c08a225a083d44ce75ced73f3a016f5047af67245bc8a81214024e905f383252cc0228085aa5fc184cbcb41db3eccede89480e0a1c1d1754cc3ffa53edc27c337ec86ae2f68c6225edb0027c1c5bf9aee1b94b62f6144e4631887272a36add32d908add308207559064cd61576f917db864845e5e89efcb27c80d259eb6fd5fca398da0c7e62fc423511bb8eb3969732c862de33448e95aa5e15d2028b84b3b8348a50abb39c5c10ac7fdc2034d1ceeae9870dc4486f48ac6aae573a775716ec380ed57665b9bf1c77f6869f720e428f8b94170b14c23786ff1cacf95a66ae631c70245bf264ce5078c3bddb4aaa7928eb6f1261d52e45ae5fde6f1b3bff90cd560c6c2f77ecfcf553db137051685c925be70def2be6c9bdd5825eac58d4c892a6d4ad5dcc078c6582ca140e5a75993e5ab7b487f31e5c601844f18f13039c099317f5e512eb9e054dcd8535106a9bd8977bf74254b68753b7f3a9b385d4a38ccaa17e029bd9ab4ff9b9b561b2a7e613ea05eb18a50fc231f32b79b9f32514469193a3d12269f58f3c932e501513e48e81774ad389275d9f00b4f8c677b8bb584b503201f83c7ad2e934e909f9ae1fc540f544dd2327fe1d8e3bb86984a252e2ffa88e2aed6d65a302d1883e51654fdb046d35270130fb9f8e4a4861d7278a07ee627fe272dcf99d294d7b1ce72f2f804cddfe4fa7aeb2c9543ef2665bf826c8ce0ca82dc7d4e57b7181b55a5d96ad83417b79376793235ed5a320a3ffac3a025aefa669450a6df20d830042034c0953836097c9461bc0d9c1446485692d1b9d5c991086f3f118a49bfe2a0888a5af8a868d880e31946dbd0c7ddcfcd27dcf5c62c9c5ff8fa9750d129f32e3c4f524eb3c31d5c9cb33fbcf52384a04a9f4faa216020e45be91181efeb7393d96b1f3ad8e9fadcffe49bec1bf36e70c2291475356ec5a416feb5d3b4f1331052271679d1186b338163682ac5b6bb79c64d6d0f8ddfec84d0d9870f45a64413f529c8dd93b358e66c9da2fd233e53b73ae2761f363ee69a38a0d7320a149c90c086e6a426abca5c461088747a2fb5006919ad7640aad79b1ec03cf6f49206f37382ad3105fcbd0e08d00815029d8cc3ca16472e58226f1def116bfab456c32a2a2323bb5a661eacb3b7c915d1eaa8c5aa8b1bf25c3a7bc9a2e047c499d8f2fbf2fe25606fc7f0ae5a539af68830b1955f82962f596e2ad0feb3e99b1982ffe3e553f102b4360b8e1d659575a8f713b8bb88d97dbcfd98f91c147a97e896646a47a43334569da8a01541b012063e0465c4122cb96b57484b0ab8c5f0c8f346c0766be69decf4e3ebef7f74f153ef8c6b6e9c5fe224e8f995f11c1867c5600cd7a345afacafec9076d4ccfca741fd41e445476d31f7cdf06b0d0cf596c755235408782a5e37abeb1f2dad79c83e59a1040c4b3b6a5a2acce9df0ebdb607c9c0549a4b16028595f7a9cd9da115dab0189f3d98b0dc2b8ddf6be4de2b38421a2071d91f14f8752c74df31fecb64de59dce09da2c3a1a2826446d982509baaa89b76379d8320bf3c1f76448e0ddc0889fe57ba756ab1403949cd2ca9ab520fa485576eca5acb471002a14a31e8d7f54c8c3edda8f416b0ae9d9fdfc445b54ed8fb34ed7c1d11b3c57a2c5ad92217ab2fdebafc195d09fee7a518e027ccf9d2e8de8cef1e0ad52144d82b65519495b8a5c314e85361adca8953dce587cf461a461dc9bbc0eb13a54144964930d80d8b4a015676f3efd10ccfd0ec5fe64deb93b5901b506581461bf2aaf04fa9f8118936c5e67e1cee60ccfc4f011ee2812eb9716af42b22c40d83c55d4e4c4838826cc34387a2085aa3e17219c78255ace7bb1fc30ec80676449084744c0887dc4e7696d25a544f3e4b365cc6ad800931d5787be99d678347ea4d6cdeab5662f6cbcb5fa80590e513c4ca96d73d378085026e0e7c71d968a670aefd48519e35beaeef9c67506db6f9b3edb62ef1b3b52b9c2db876b76101644e7dcf5a5056a8d916a0f69ea5bf096e7a4c2f8f1d0da29dbcef9d2ad1b82179ccd0ef95006b7a1d542a847e3e0f864d63434c15d6de4fecad18b788a867da5515e3d51871417bfd783d2dffd852953ea7113d3a61aac3c7c1a4efb449faa928456eb570e62d0ff9542a971b542d7c1fed9d633eb4a81499c105d0f73c5165badb54b0e83f8192d3d51d46ddd9908b04e9f57d5a4e6b65affee3799ae7cc51b4098f71e8ee947ffdeee4fd03095536376e1281ef8158fd1da4a39aebdad37fad75f6217bf45bfad16f2f1a80f5e8a3eea1141a56beb91319fe948bb44350a6e79959c140a5dad9955fb287aeba0a8a45d1fd8d692d30c96d01c9100e417082ae6edf62965fef7e190af60a99145925a307d1e11534d2a64484be3c6cd642432a2db66ba6d3ab1b7ea645edf4e54623d2ba0619bcc2a917cc2df8b0dbed096951947445ed5f08c626e1f9a5f566515bf106c48174f73587314b513962ed556fa7f16d8c6a953bcdda72f083a9b16357b3262c13cd500dfa09cc3d09240a7338514031768ea3053caa5166c8e4e090b3128464a88ccdc751d8ee1b3b1098997c9eaa2b3a13a47e43723a49e5d011dabb22c0d9605e48d5e26b90a47519536fd77c5260bc713e2b510fa6da698069f6c1df7a72462399d7dd288be19a0eab18adb072677268a306f19685c2d813564bab4ac90b7389c2fb87c0517e769577c081ced55572da71b40d18e4979b6b6290afcde4caa610166920549286dfa80197a10ff074b08d6b96c97110e36742fdbc5607f4c48ea9dd53301eecb5c25fce4eec9381b84e6b5af767c5bcca600149a3021c3f4aa237a0143363549a705c5768b5aa6ed51fd1ca9f0f9dd242f0df21f7c3eaf321fca97837d989ca101b5462d2dc248316c21339cb2b4e3451bb483390c09c958d474c6df2f2eac208ef704cbae5c9f6597c19ce48c4c9161c1b14622ed824b0e8669cbe6746051729fd2fcabb020190764a468c58ce369528bfca46cf8ec51ab69e711a53c4121476d2a5d2ceb19c332a5a86a52cabb246d2be739f361d97a6efc2c1d408b6f079ff5cbfdfa7ffb5da3af4611e42f876a44f8180ebadf8efe05645f3326fd1b1bb7f82753ee13e25c406469a6b103b9083ac06d590a48543240bca6e467eafc7069c97aa93a3a4ef61b6043383b6e990d174637d695893bd910f217c9c2465688eccd8a171cb5270fca2e002261f2e3e595f3484b67c0bbd7b50ea53a470e3935c0eafc6226521f0a15fc7cf5494b67fcfb705019a86a5972a9dd285bc50985947e42ca8519de25510db7ba6553419d4e368fe56c2a7acec8e77cd734f557a0f1b507e0869d2d5c9913c52fcd78b42b8f59ad3ae92226e292ea4439b5486629b739f4cca3d7f21cef79045427656fd1679dc5ab23686e13500dcb6284df60599ce81e2570d1cd5c7c2e0026640177bf1395fcf6e999acac08e3a993c3700ad891b1a68d5efc32a4b4f9cc8841e837e778c2500eb6cffc1b9970b2adf724839c7711ebbb2ee3e55f7aa97746d7538153589deafeef63eee6dfbd43fc72e0b763a0e4709da3deb26691303e99230a93c490029383b322099363ba3b2f76b4773c0c43907361b578cfb312cde55ea6de2f477c351ac82786d15b52f08a42385b2a3349116d34f8719264f79082d7c24165423a8e6764c53b922a0b3121cbb88976e6f53c455be77521bc1ad4997135ff24c520b2fa0002cbcc8eb8ee5cb33b1140dc811ee36816f47f23ff0b77d6680d597ec2fe77f5bfe1bb75c3eddb2356940c01e694da66d1c4fd78f7df5857111c01bb5e9954585e54086af287dc0ce861d921b378e9a2a9c9c5a37d9812595063643b1dae4afa57d884501ee0de2d7e39692ed5ecbd2ba1d9bf4e3f291cf0b1dfb809a2f915ae90bd5fbe76d5848752c298f34e69d8e95f6f3c8a8ef365d0927811b8a90c8f58836da07c058f71b01025af8c9829f761d71465d3d813e1e08a7d8f66dcb0f98daa19bb106fb9b25d49a35e8900e6de4502668cecbb9638c5b0d158317970e802be345ab3570f6a452e18da421fb4957429ec4b6c481b5393be9c7f1cea3d77ad1c935ce6cab01ed08f7f24e5b01d25105211d5e28b25d3a5fea30e3c4cd1289bc2606728f127574cdfed91d7c19d7381c3e532c92d7e532e74f3d24281cbf0f4e1908dd4f5cf145daeb21db6b34f2fe175aafd1c20224544c113f132cefe620bd99c5caff7b74d6acf8a1aae2fda5212ec64c80d647308439d5f90f6f481101599b539cd09a1bdfc510b6c9027c879f76bfd397dce9d3985ff01e62ee0455372960b68202412c6d5eb7b09c36f265b7b8b3822aa489dc169f8079e71dc96e0b75de2ade686761b067416e4915287dfdd6309946487a68115ee9d0bec73ffc63223e9463a30b819297d24824cb20724c6b524d58af1e03264e8e2b8dce59377c78dbd5ff5977782181aeaa8c2bd6d9f3d25ec566fa4a01eb5aeaeb6912acad55ca7336d28e305781bf128d6575dba16110d64c55ec9840f299e353fcc5628f248bd660f4dfa5f3a1bb7fbdac78ec727e87a134c98a98f405a4cd3773e79bd4f22bd3239a5fa8cd5806601e07241b25678f048b05bab6f8da56818f8dd9c97d001f4a7ea8beb3fa65ed7a951878bcef7e1da873e21ac6208cf0852c6cb297c10c84b74582bf59aaa11e7d8239997c9e7fd3c5bbee5b8466c17394fa61771aa10a3541f88419b16bb4fa36126745e99c292911d30ed0fa366dcd62c10879a6826609ab2b80b3a0c2de3d877805a564ce925916063c53d9698bb918eed2b49315fb83465a0db1a63a0528a887f5106dd054edbf381280989581c859a517573a6eb4946e0fcc61956fd5868fd37c788090fd7c3341028cf1bcb38ed595a4fd845ccd45558282c6e23d92d4268875f80ebad1c24f8d247595de2f8b83708b504f674447bc6fa1748b86fdfc971c9275baedda1348324c4dbde22d423744e2d537a4e28d95771b18302bc5d92f9e0ba6b1029a3e73761080a4e6e1b52a9ebe3538cb3e982586c23f0b0cfa78126198a0a496d96734880885e4aef7b35d90af287f9d5b18998fba69cf5a13b9153edc5f1c3cd0d181c1cecb4936a489f34682b056eaf5c57caea4a9ebd9fc7d842bc3850046f925dc430769863922ce5bea6709fa9bf7f21098097d7f47c74269b524c4194bceae0571fe968ebdda85a28fa5be7f794632189da179e248fdc237a3ba3fd53845e42db45747caa6cebf574e9abb75e3b33c1096e40e0e845385d6f961c56fd1c71f92ae31a0c9088b2100b457cf2f8b33ac984fe79ceeb65fde350f9c6229433aa20d226aeb7677e0e7e8002e3e220fb74d4a1bc07ca43fa23fcf9cbabe7799b5b8daeb63b35923c4a92d2c636d36d58e719e6855b57445a26072d716aba7b653dfcdee115b3310b0c8af8649337597c1ac8bcee8b0533cb458d165b4ca4ee72c60a49f4a7061aab09449a318a6dc1d5b1a4f2a7f82c5af241e1f0cbe3e9fd5079e385ec86bc978ca82aaf1de5b470dcbb06b5f0360142857a0519583e3a77a6fbdadfff48de440bb5c3dcb2c3e6624800fa7898ab00242b7109809d58e5aa8a25705266d9bb04f165f843f1c61c23b41f010ad67f80aa8e455385cf3ff89073dc9434ce9be78993d6c73a8adf4db6b540e7a9f60d8dbcf3133a8f5c5c59f8378f2e5aad07f31707fb9834c66d6d0ded8a8b2d984ff5b4bfe70bb6479aecf208beb8f4da7b23957ce77d574993e1a44de0b3a5cb245f0ebf8ea32a22472270798defec3deeb94a4d025d1fe276612ebfe0f4e6e639de1300d47e542fb032150ab0aded71ba693817feb9cb43beb6f3074c2d7bfb77b9b2783e0335449c9a9775ccf9060ab2468a6644ebddd41f70add6d2d24fb9dd377c4f0dce3439283f22075ff3973e4e70e0bdcb53001be03800392084d6768c3e8f7fad09b192a497a36f602d07655d3e6a7ccab561ab92c79506e1e06aad05975accc9b8b48c41da8bc611d331717ee312d77403f9f66ee9a81fa4e624cca690540dca722986dc740a919597f7836ee95b554d3c34db3443ee5b6908f8623b2c82f32b65c3e8c3c0e15c3065d09214ea6290b55bf5520ee92825d9c82745bb5368ddda47036390910e26470b96cfd7c4e7b0df89f897153fd5ab4302de65fcda1f48206346d6051a94d8e0c32b959d914c218f54813811d13d99ef6259f54c0e635c04f875772b38524e94fae3a73109f60d0b00c96c1809f37e8fb37e61620690b07d726d388e9ae5dbc3a1c3557d1e4288da0622d77081ab4cd00ce22243824c363ad1be5cb0ceaad6336a797d8ca6d988c4373b3c00667d651452d50f81a830ac6ebb71559590181eea67dce1599d13f2e778d69a40c2b736dcc7c36782c1788cdc8d5c3820d68093ea84d56daaeaac19c19724ed7d3ebc1b8c1e3092839314dc6eddd99dc0eede13dbcb7fd22d401df8eb7f679a04f785006d3b4c4012bf78b7e43b1b355a9f6d04ca0e86c32d44f73fa514d1e2b147464", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x20, 0x0, 0xffffffff, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close(0x3)

15.362929923s ago: executing program 1 (id=241):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x195)
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x5b)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000140)='./file0\x00', 0x20000112)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8, r3, &(0x7f0000000040)="9d", 0x1, 0x1, 0x0, 0x2, r3}])

15.062808029s ago: executing program 5 (id=243):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, 0x0, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, 0x0, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file0\x00', 0x2004000, &(0x7f0000000040)=ANY=[], 0x9, 0x204, &(0x7f00000004c0)="$eJzs281O1FAYxvHndD7B76+NG0000Y0zOEwyspML8AbckaEQYhEjbiAmDBtvwbWX4c47cetCEr2CmpaWoSOn03ZwWuT/S4Z5OenTc6bhHU4nIACX1s3wq5FRI6x83z94KOn1K0n11GhzLgsE8M/45rjpbZpnD7fTUwAuhtqvs8db1gb/GhcO7wLARXa0Wgv3Ad+M9P33x+HP6NHIuH84WnWk4BSjdvh9nG9K7Uz5QxM+36+Ps5+N1FLyBGZk2b98Oc4/OTV38FjIuv5o/sWJ/OK0YHDLFDh0wqenj5L5K5KuSrom6bqkG9G91i1Jt+MzaHQy//rE/Pcyrh+YRfDT10mMZGrbZL6TckArPR90z8aW5y7lmnWsEeWf58g8PlU3o3yv4PxxfrlgvhXlO8Mdb9161MuCZwfSOX/1fz5T+99mZ3BSztL/9WT/85kkkMPu3v6bNc9z3+cvnEKpShbttKtRs8bjm6TzWMbBxIgxUtmXZbYivqjBSN0faXrqU6G5HkTzVOAl5ygWqrEMe1HCmxGAuep+2H7X3d3bf7a1vbbpbrpve/2VF/3lXn+w0t0YeO5Sd5bdOYAqG//Sl7J8Zp7+J0EAAAAAAAAAAAAAAKAMdyTdLXsRAAAAAObifP5n6MdQsh9T9msEAAAAAAAAAAAAAAAAAAAA/hd/AgAA///cwS6r")
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x0)

15.05843163s ago: executing program 2 (id=244):
r0 = socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x1d, &(0x7f00000001c0), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r2, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000018c0)="72da", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000028c0)="1a29686d9fe935c699abfce07ea022f260f7737101274349c2e284b44292298aafdcf9557a902c345d65381eef7661d27e5177dd6d1742007e4649d403ccc73f20b58d21c32d5f61de9df4eaea5fc4b3473d56b9a1ab523e47c84a16b0edefe2c0c6c0358a3a447916c4243917e70ea23c6a65cdb167de17b7a13ea902ed111d3f3760c66c955aa00e7e91ebb25b69ed73d9913532be657258f9d1dc7e2cf065ffc642a0b0d9a14740ad4206bae3661132fd0203d883b21be628cb02d66e6654fe7292576b15035c35996a86a5376f87ded181457b89b631123ba6e96eb836d51e7c7e1b2889709b03f8e08672b4a273a0d7564cbda01f6ecf067738f6364d02c2d61804eac7563e7941e569a15279034c7240369552d42f99bf7840223ffd51330e09436a3297162cf344e243029c2680059d0a027fd14e7674b182f28b3463b4d5eb2cedbd516462ee82c33b5fbe39e424f2b05ae30ca01252c1d6167ab020b0646be0a36efcce490d17b49f5cb4ff39b62407a2619a9459c5365a463dba799bc7bb1a84178f3fb4cc6d3023b0d90f0d19b666a67b0b57440e671ad76313fa19d358a146366b11ee856929cc098988168025a2b3ce2556708408607958a701f0860dbab81e737c06d286dcec360eba7cd20ef9306c88f5b454c03aee2303c4bcf42316508a1151bb62a925770787d230d0107f5d2f7c1cc410a484eeffdbef5b5635168eefc3137ca0700fc3ef929794f5a2b6b379c053f4402c9e25f35e1c77f1c20633628c5e96a22fbeb5c1083d82a51996e0740114b3c7df743aaf881835999c10a30e61a47442c62a86a0991e85524c684e4dc511aee215f3ea275ed9634d91919990a9a64c0f323f76386c101823d66d08e6b8bfb1cdc25947c9e663dc320c9e98cf95f8fa92e325d1a80f39cb12a42832c6180d85fea170fdeaf0fac49a3b7a9306dde9f538f8527a9b165b386f8cfa4c9974b3da399b1a17bcec4a4ed6b6afdcf7483c1b94bd204887fae46c5654be2297362b1d447b89cafe534df1dd987a8f8a0d9773453f72965810769e4e2955d5b6fd6a4b8d3f2852676c86997270c159ff76bdc906165e6855110dec5d590d99410baa3b48a2467d2a439009274c0ecbb7d6f6ec5fc7d1d6947b3cedf8363d8fea949f9a3c8c9e76eb9727ba01c1421f5010040c934e5228dd2228f08be55ab0c27d30aaec7abd61d3a35bf49e56372fa48b3e52944bb646642bab4ba38427e36ebf4366c44f557f748aa01e2166419f9ffce4b2f5af065ce3ef67687a3d0e1d691e0c6cab14d6b0050cc40eb63f92e6842b7bfc08c2dcd0bc24d51eb64b955da0a7f03cb60f0fcc2abcc7c0a3502f694867bdc0f1ee3a76cbbc250173de5811778ba10251ee045d030195ab2771d8d6b1d6ebf88b759f3aa30d6167a7433ff69ae251a5db6017d6aa522a49f6ef6f8b40c7ecefb5b70c32dbef8306be14238f7e55e642d26690b710560294f918122c0dbe117cc2248f7c8be4c06217207d7a54ac8a4aad99b6f5d9593731110f86c8a13b4f01436204a5febec7f8cb801f729c6cd414b1183c5204cc7d7e25a2744a74d5f9d11afb3eacf36b375097550ab0f0f8807f7f3271aaa480a29c0ea9b78a70cc56e69583051687b20d4638b746b6a0b3afac926aeab5e4fc2501058ae01c7f0d924e33d59b764a2492175b1f8ddfab95da5d12fbac042e958723b048e5250746f3ff6ff68547393bd4ea961058152108188b834b35035d2e98580d127627a76f8534e577bfad6d3ccca85050a39fefbf5cea99fb728a2b9ed1fba221d745d484d78a9e2ddab3ed058b9ad6f13c0900f3a2258acfcec81f263e5abc6ef11bd7bb717b00f2ae18b2f4c258e8b83aa96238dc55f84cef8dd0d9d59efb92af0788ec20d08a20300e064ff7865a66e43cc50b86dc416bb46b12845739688cd91ee85a36da2b1081916311b9dbd8333bb6551f114273607868ef83755e9da521c186e6e5df4750080525e16e9bd24b39a11e0f66937333f9f1adaf6c0f077bd797c6a4bf43fae592c7d80cecb0e65f3ba39ab0b77ec9f0366f19a519306d924e326beae86fa9c941102fd9e02ba7d72c53e54aadb74fc475fad2da5af651d8aff81106ba0e3b89a719f3c59712951c30df46b4db3149bc28c5b9324a83e7e33727cb6abc64ac75cc2eae00bc8847377f77ecc5c08e99adf9056fb4c52eeb055b8570bdb49413c54699844527b238158068a679bdc26a0450b21948a0eac9c18fec804e3067cb9886929a31407de23a894aead991fb30a1f6da613199ee76caf22404b1fa3b934d9e905b968b164e8c1c5874ce9c0940bbc791e865a6b3f3ea5f4874669cd46703dd044db0e68d7e1a20756d11319278fd46e25f5d127faa5814dbdd6d11aaf577d9f8b075a7389026ed74049ab9715c36379694558b12535ba9b0799381d27a079c2ada50f6b08678433f2aeb6967a11a73e691d276efd55e629c203c30423a55dbfdace02092ad988e50abc1b24d78253f8c1618c69c9d7639afedd8020f07e43272ea4b49a6a274c3e3bda6c8ce60597afac435236dd12c5d86bedfc52f841ff53340449f5c3f441b7c8d894938df48c8a3c71d9d35c4af3d28d72baea33a29b2beeee6f0f13a6d617eacdd38c9623d22b1306c2de29fb9805dcec16430280b54e4dfeccb70e0b2d3f218a6d6850b6115bdb69af048853fa7f414e54a9cfcefd37986aabe8f6c2d94c18050bc94205690addd224fe21f2e22a8628de1bcb2a90c4c3156e36ce68f95dae6644a5216aae2ec7d08ae0fc46945d6cf3b75e481ddc89ba84e3163458e11ffcf8ad5f532f2708cad50af9356a739ca2510cab0b8aa1f98c7006d483b0e0080ac86d0a376344789ac19ef280e853054f56b05ac320bed179902c9adfbd819d360a557ccff3d534b18047cb738f1a72ecda5157197a269a9d4a561ca45fd8043d06b9715f4fa19c70d9a3af134ef3c2d83489784c28762bb695e303352f48f83dcb35df75f63ef6bf0396ad7d472952ce86841e43f2f6cd0b2edf5741a1e316c228f4ffddd2210c498a51bb7753b3744b0cc3aea4a51fb9a02de4c295e06a74e6ed1a8b4a14da2edc127948750fb1a150fb1b7872da6e92adf1ea0311da8780c81f488125ea9836e7dcb445936d9b3998be1a0dd9fb43a3e82091ffd9ce1c2b9a56b44b6a0486fb0014f01244ea4d685656b5f3df810f7bd3d94dd2dae761ca6db57a343aefe8c7ff6d98018a14fe9deedbe31c61a502cf8fe53517f4ffcfa34efaedc61e36aa2826d24151c08a5889367e177d1d39c672e9c0eb4022f7b30d219360db78b0b88fb7b4a943629a79aa08001aed26acff7c5a72d2de889c23fe7ee359610aa011378d42ffbcda98ba37c5cdfc264dc91d6dab639df0d4c975552d3b136a13db9293006d55ac6a178a4f04be7bfd41cd355500838015bfb91b8c5cdfa051a3212f5c3b79f1411d99c2e7f7a1c75e2de530b90d4b218cff5b179c6f2487a1ac54f5719970c003feb9d0647cee624b01db38d635b493b250c09cccc406266ab3fb571f1d87351a43c44d5d79eef0841a574c2f55bbfde6d52e26657d622ff7f9388bed5e08c76fc5cd01e7e33bd1355ecbb4bbed5d94666a73629d04238104770fd3ca900ad6316e994d2c97064935d3eac054bd09e875baa19a4571d3dd7aac44428157e4ba20aa9684556e2e4e7c662aba34ffbe993cf442a27462650a52506b259a3df96563c6dba173553f3e2c81b9719ad7b9ddcf7a5c35e0421b4abc2a22fddeede33f118fef4c622f8e822ce44a763fed667a0a0c321bc755ce3fcb3ce369b63eb4329364a37be3b0d657ec7a194ce5e22e7d3660568200b33d713d546cdbffcca3e8aed418ade622e332cba4931200a078c811b5d1c0a28d61de302d32e7726087700b160444d7d997a4cb0fc3b4f74cf259db0aae49243a947a3aa8e4762841def472f686cf876088eaa2c267cb39df380bd94a5d4dca072bccf71ff7029c98a1a337c405bd0b5b1e216b0fbab3bbfb21faafff8ab4d7835b51a34a6ad5c069ad1c3d6ff819f0ac27c7acfbabc0265aa5b795081c60e21ae852795c4ee2a9a297b02341f2e0815045816c07533aa57f73116a53867ee07e32f55c632be1986d190b9e59c2e56c5e598867f5e0a5e79fd933520932fc6e05905a0aed9cca2df486a9dca475dc13c770ab56783c6fc4291182bb3f98a1fad71a47628c8b50ca28e1db47df1a9e57deaf53bef661ca87536a94bd78596dcb21365d56a74736227e062522393020d561095f200d5287e805e0ad2fc4219091b779e957fc3f1fe0614e436774dd9630c5f1e2a81fe9ad8363635bf3ce1e233eabe83a96f7c7e964baaf4c0a831ab1baa86976ded258cd38512c53f40860c271018188e56656d9c143304c4e744cd83ec673df6c0a968a3b7c5783f16b966d9752dc2fc0d587891e2f12158d521a04542dec2db145010ad00736fe2aa6b48ff4b4d159f86bdb2ddab055a48ff390b315f6c778d93723809ea2559eb64fe41857402bc424bc48620dcc5a09ede88d986a9c440cc02597d1c9ec8dc39e2f56fa4e88c1c30bc1adc6adbd9e754996d11bf72a1536c91c0e16288406a145a4150ad073196b7dd1f440a86a827c24acb4bb9d59b36331a12d771388f800216444f7869390d49c036708c69c388411d3401541781f5653714925020eee74a3be06de496e473f3704fbd97a274c02301c7bf44611eeb3ef2a19d889dd72c0f1ec53bd4f2c86a99401b9cb3dcfc1377a084d489c08b65c88b91b4e16c3ad0b56fcbd6112c330be885080becc0a70ca7a883b1dde203d7ef228a0c168463afb5feaafd41b8ffae34da857ad9371ba7ec23053bfeb12e64c59a32f97190cbb05a40ab8683661487ac3341cf3ea3bbe92febe59d4c48f17c8cfd07c6ecca383ef01fa597fa352eecd691f18417461acb105911fd85a840a3dca5efc534610cef8c8d015c19a3a2f7199f4fda683418f94fb1889816939fb71516e87dbe0819de475679912c12db3be40ce6b4b6baa32d4b4a74068bef74ee75cc8732b31d82ef3c3aa753afc5bbf71e2dec2135de3da3643ce5c5ebce8c1f635a8cf733cd4cbf97a997a37258c6f456b26604c468002a4fa220d291e588ba6a6f699a1d12e7ce0fb9b98eef015f20e48c7c8fbbf550704703482fe3714a5d8de61fe14223f66749898ab69c9c65ac476ca02057c0792357e7a9c6a8c84f6c9c596758ffebfd5be7722f2d4b16c9bcba2a08ce0ea4958f979e0d2e73eba30a48559ce587041cfbffe852be137a0bee8ae47598a9deeb901411c0eadad9f70a0127a19e858bb5fc757ba11148d3bedf2a9a58cd703abc54efc59932bb851b308a8cd859c48e8d045d4ef30e0c184fe202da9d085a83a8b7bdd02f003af053a73d3e8a03537f96dd1040ba18ee180ca4aa8fa9f10e8d04d788aa4c67c651192889df0f4fa9754952fea58d92cc1c6544fd839f977edbf50e0963f451780d8efa0e6889d83c53e9024193f2993ccaf2d17ba1e0f504e19a28ec43bb0ea671f6c457f91ecdb0a9dd9bac27712cc6c7e43ecddca3b684b6e41a681048cf17ba87a49fe80928be2eec88411d237eb87132e9adb8f61a35fbff74fb6c46b9eed67b92474bdfea3a48754bff62751f5aa6f68b90516189a62e11c4a4839a2fa01651fa1014f08c1d0c8da18ebe0f01a2d9882ce486a27ad5a032a11f7bb6a0c27737837a5c94c95e3bea16949a4c1d98d00cc763cc5b16fc8077", 0xffe}], 0x1}}], 0x2, 0x4000800)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000b95000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe7e, 0x0, 0x0}, &(0x7f0000000180)=0x40)

14.927079383s ago: executing program 3 (id=245):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}}, &(0x7f00000005c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r1, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

14.029778317s ago: executing program 5 (id=246):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000340)={0x34, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x0, 0x2}, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0})

13.365804156s ago: executing program 1 (id=247):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f0000000280)=""/2, 0x2, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
pipe(0x0)
socket(0x1e, 0x1, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x18, 0x1412, 0x20, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x40)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@default_permissions}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

13.180188765s ago: executing program 0 (id=248):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0x1, 0x46c, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
chdir(&(0x7f0000000400)='./file0\x00')
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1a0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(0x0, 0x1000, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
open(&(0x7f00000000c0)='./file1\x00', 0x147842, 0x88)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x32d800, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r3, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

13.16231387s ago: executing program 2 (id=249):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000180)={[{@discard_async}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

13.049728617s ago: executing program 3 (id=250):
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x149a02, 0x0)
write$binfmt_script(r3, 0x0, 0x0)

11.961770112s ago: executing program 3 (id=251):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x18, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000001180)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

10.634796711s ago: executing program 0 (id=252):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x2400)
syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r3=>0x0})
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5, 0x2, {0x3}}, 0x18)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r4)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, r6, 0x800, 0x70bd2c, 0x25dfdbfd}, 0x14}}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {}, {0x6}, {0x0, 0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

10.246585027s ago: executing program 1 (id=253):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
tkill(r0, 0x13)

9.392486758s ago: executing program 2 (id=254):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000001c0), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)

9.038056809s ago: executing program 5 (id=255):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x103)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000600))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/62, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/68, &(0x7f0000000880)=""/72, 0x8080000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af25, &(0x7f0000000040)=0x0)

8.388093173s ago: executing program 2 (id=256):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
r1 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
write$sequencer(r3, &(0x7f0000000240)=ANY=[], 0x9)
ioctl$SNDCTL_SEQ_SYNC(r3, 0x5101)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
lseek(r0, 0x2000, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x101400)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rfc1337\x00', 0x2, 0x0)

8.007909391s ago: executing program 5 (id=257):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8983, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffbfffffffe}, 0x0)
mknod(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
io_setup(0x4, 0x0)
sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x9)

7.837757424s ago: executing program 1 (id=258):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f000001a4c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10200420, 0x9, 0x0, 0x0, 0x26, 0x0, 0x0, 0x2, 0x4}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004200)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
r3 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r4, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
close(r0)

7.706651474s ago: executing program 4 (id=259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@updsa={0x138, 0x1a, 0xffffffffffffffff, 0x0, 0x0, {{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2c}, {@in=@local, 0x0, 0x6c}, @in6=@private1, {0x100000000, 0x0, 0x0, 0xfffffffffffffffd, 0x970}, {0x0, 0x3, 0x0, 0xa6}, {}, 0x0, 0x3503, 0x2, 0x0, 0x4}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)

7.652500956s ago: executing program 2 (id=260):
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r2 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = fanotify_init(0xf00, 0x0)
fanotify_mark(r3, 0x105, 0x40009975, r2, 0x0)
fallocate(r1, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)

7.533523409s ago: executing program 0 (id=261):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0x100)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
close_range(r2, 0xffffffffffffffff, 0x0)

5.60918418s ago: executing program 4 (id=262):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000180)={0x10, 0x0, 0x25dfdbfe, 0x8}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}}, 0x0)

5.123029767s ago: executing program 1 (id=263):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x3, 0x4000000, 0xfffd, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

5.049879927s ago: executing program 3 (id=264):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d7, &(0x7f0000000840)="$eJzslj3PEkEQx/+7dznAaEwsbSwkUQuPu0ONDYk0VhYmvhALE4mcBDklAQohMegnsLezsPcLmGjrhzBoow1W2tic2ZfjVsIBD6/FM7/kmfvvPbtzszObWUAQxLHl+7c/4/h35UcewEkUkdPvf1rpHG7M/5r/9fLzrZu1Nw/ff8mN3cI8n3G8+vdtAJ+qFvrTtf+vLurnXfCpvgeOS1rXwOBq/Qgc97UOwfBA66eG7oj5rvukFYXu407UEMITxhcmEKY8G9/kNUPDiI8Z/+8Nhu16FIXdHYpl+ZtUOSpGfGa9XKhoPSN/Pjh8rctguKP1deSS3KiUGPs/a6f+rYX7d7DrjIhQjrDqzKnMUjkA1gsDYNuqPV7pI7vLM5QhLEiRVHRLnq097UIc9CVzYO89q2yzZK5Ti4831JrkTTxSYznndIbDeLTiJxysk420P8XvGC4Y/Um1krfyqhElLPUGw8utZ/Vm2AyfB0H5mnfF864GJdmIlF3Q/wqyP51I/c+9kwQOc/Ci3u93fWWn40DZeR2Xy/7HcfG8GoviOjN+84Zm+o/LpzwK7Q+Z0RMEQRyOc2B/Y42dCH2bwPite/uAMRIEQRAEQRAEQRAEsRn/AgAA//+U+0Ws")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r1, 0x0, 0x0)
mkdir(0x0, 0x0)
io_uring_setup(0x38c, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)

5.034321138s ago: executing program 0 (id=265):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000240)='./file0\x00', 0x2000000, &(0x7f0000000300)=ANY=[], 0x1, 0x22f, &(0x7f0000000380)="$eJzsmL9rU1EUx7/35r2XxIro0sHFwYIVbdK8LF0KVhCcRGj9NWmwz1KTNpI+wQakFBcX3RwEFwf/AYeCnRzc/AcEHVQQFMzgIEiXK+fem+QmzzTpazfPZ7h87z3n3nvOyX1nCBiG+W/5+uX35yfnZxbOAjiMCWTt+vcMIITR0vH/9Pz+mWezF168/vjq3eqRh9v959EWpXoXcrvc7wF4O5fBRuemzu4dEhN2sgBJ+gfpK5A4bdevQaBg9S1IXLU6gsANq+86uk7+hcKd5VpUuF2vLZKYpqFEQ0hDuT++1qbAop0rpZRw7GvrzWqlVosajvCs7R+mVKJzWXU8UT8fAVpz0ocTH1Xx+uNHmzRv12ba1E9TgkTJJlGGwLxdn0G2XRtTEif/4173/Ewi/2S2O2+0LxmGJZkzYvbXgRSLRAAjjk2lO2eS0jmXNB1FmnjQu8tH10SVPJiUBz4dLbyhb/GP/bGwtyvG6AFcGjWLp3kA+8orO1KEe82iR4y3tt8nTd923aWU2hjhqYuB78fvX8mNGnP7Q0xf1TyaVbmfig0K7MOW6R/qpcAppz95Tv8oxiv3imvrzanllcpStBSthmE5O2ZsuhEV9Zjoe93+nNf96ZBzvj/AN5ABHlTiuFEyYyAC5BHHjVDPQ+ezmd+q/7xpt8W4COCkmVDbDDonZhJ3iMD4SO1LajLpxDAMwzAMwzAMwzAMwzAMk4oTEPpf0CGEl7X33wAAAP//HVdh7g==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$exfat(&(0x7f0000000180), &(0x7f0000000380)='./file1\x00', 0x22000848, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB="00646d61736b3d303030303030303030303030303135322c696f636861720300000069736f383835392d312c6769643d00000000000000", @ANYRESHEX, @ANYRESHEX, @ANYRES32, @ANYBLOB="69bf73f92e234554ec87ee5e75fbb975163e06e442e05c723ce6"], 0x81, 0x151a, &(0x7f0000006000)="$eJzs3AuUjlX7MPB97b1vhiY9TXIY9rWvmyeNsQ1JckjIIUmSJMkpIWmSJCEx5JQ0JCHHSXIYQnJqTBrn8yHnpMkrTZKEhCT7W3r7f97+vaf/99Zn/Zvrt9Zes69n33vf136uWfPc973WPF/3GFm3eb1aTYlI/Efgrz9ShBAxQoihQohrhBCBEKJiXMW4S+P5FKT8Zydhv68H0q90BuxK4vrnblz/3I3rn7tx/XM3rn/uxvXP3bj+uRvXn7HcbPvsotdyy72Nn//nZvz5/yeSU3bS5xvLXt/zfzCF65+7cf1zN65/7sb1z924/rkb1//Pr+Y/GeP6525cf8Zysyv9/Pn3b/n+hHv649qV/v1jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPOXaSHEf/WvdF6MMcYYY4wxxhj7/fi8/+6R+f7YRBhjjDHGGGOMMfYHAiGFEloEIo/IK2JEPpFfXCVixdWigLhGRMS1Ik5cJwqK60UhUVgUEUVFvCgmigsjUFhBIhQlREkRFTeIUuJGkSBKi0RRRjhRViSJcqK8uElUEDeLiuIWUUncKiqLKqKqqCZuE9XF7aKGqClqiTtEbVFH1BX1xJ2ivrhLNBB3i4biHtFI3Csai/tEE3G/aCoeEM3Eg6K5eEi0EA+LlqKVaC3aiLb/T/OfF33EC6Kv6CdSRH8xQLwoBopBYrAYIoaKl8Qw8bIYLl4RqWKEGCleFaPEa2K0eF2MEWPFOPGGGC8miIlikpgspog08aaYKt4S08TbYrqYIWaKWSJdzBZzxDtirpgn5ot3xQLxnlgoFonFYolYKt4XGWKZyBQfiOXiQ5ElVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLj4SO8ROsUvsFnvEXrFPfCz2i0/EAfGpyBaf/Q/nn/1v83uCAAESJGjQkAfyQAzEQH7ID7EQCwWgAEQgAnEQBwWhIBSCQlAEikA8xENxKA4ICAQEJaAERCEKpaAUJEACJEIiOHCQBElQHm6CClABKkJFqASVoDJUgSpQDapBdagONaAG1IJaUBtqQ12oC3fCnXAXNIAG0BAaQiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCa2gNbaEttIN20B7aQ0foCJ2gE3SGzpAMydAFukBX6ArdoBt0h+7QA3pAT+gFveB5eB5egBegH9SW/WEADICBMBAGwxAYAi/BMHgZXoZXIBVGwEh4FV6F12A0nIExMBbGwTioLifARJgEJKdAGqTBVJgK02AaTIcZMANmQTrMhjkwB+bCPJgH78ICeA/eg0WwCJbAUlgKGbAMMiETlsNZyIIVsBJWwWpYA6thHayHdbARNsFG2AJbYBtsg4/gI9gJO2E37Ia9sBc+ho/hE/gEUiEbsuEgHIRDcAgOw2HIgRw4AkfgKByFY3AMjsNxOAEn4RSchNNwGs7AWTgH5+A8nIcL8Gz8l832lt6QKuQlWmqZR+aRMTJG5pf5ZayMlQVkARmRERkn42RBWVAWkoVkEVlExst4WVwWlyhRkgxlCVlCRmVUlpKlZIJMkIkyUTrpZJJMkuVleVlBVpAV5S2ykrxVVpZVZAdXTVaT1WVHV0PWlLVkLVlb1pF1ZT1ZT9aX9WUD2UA2lA1lI9lINpb3ySayPwyGB+SlyjSXI6CFHAktZSvZWraRr8Ejsp0cDe1lB9lRPibHwhjoLNu5ZPmk7CInQlf5tJwEz8jucgr0kM/JnrKX7C2fl31ke9dX9pPTob8cIGfBQDlIDpZD5FyoIy9VrK58RabKEXKkfFUugdfkaPm6HCPHynHyDTleTpAT5SQ5WU6RafJNOVW+JafJt+V0OUPOlLNkupwt58h35Fw5T86X78oF8j25UC6Si+USuVS+LzPkMpkpP5DL5YcyS66QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2uV1+JHfInXKX3C33yL1yn/xY7pefyAPyU5ktP5MH5V/kIfm5PCy/kDnyS3lEfiWPyq/lMfmNPC6/lSfkSXlKfidPy+/lGXlWnpM/yPPyR3lB/iQvSi+FAiWVUloFKo/Kq2JUPpVfXaVi1dWqgLpGRdS1Kk5dpwqq61UhVVgVUUVVvCqmiiujUFlFKlQlVEkVVTeoUupGlaBKq0RVRjlVViWpcqq8uklVUDeriuoWVUndqiqrKqqqqqZuU9XV7aqGqqlqqTtUbVVH1VX11J2qvrpLNVB3q4bqHtVI3asaq/tUE3W/aqoeUM3Ug6q5eki1UA+rlqqVaq3aqLbqEdVOParaqw6qo3pMdVKPq87qCZWsnlRd1FOqq3padVPPqO7qWdVDPad6ql6qt/pJXVRe9VX9VIrqrwaoF9VANUgNVkPUUPWSGqZeVsPVKypVjVAj1atqlHpNjVavqzFqrBqn3lDj1QQ1UU1Sk9UUlabeVFPVW2qaeltNVzPUTDVLpavZavAvK83/N+a/9XfmD//57NvUdvWR2qF2ql1qt9qj9qp9ap/ar/arA+qAylbZ6qA6qA6pQ+qwOqxyVI46oo6oo+qoOqaOqePquDqhTqof1HfqtPpenVFn1Vn1gzqvzqsLv7wHQoOWWmmtAf56PZBP59dX6Vh9tS6gr9ERfa2O09fpgvp6XUgX1kV0UR2vi+ni2mjUVpMOdQldUkf1DbqUvlEn6NI6UZfRTpfVSbrcfzz/cn6BzqPz6hj96/za6ra6nW6n2+v2uqPuqDvpTrqz7qyTdbLuorvorrqr7qa76e66u+6he+ieuqfurXvrPrqP7qv76hSdogfoF/VAPUgP1kP0UP2SHqaH6eF6uE7VqXqkHqlH6VF6tB6tx+gxepwep8fr8Xqinqgn68k6TafpqXqqnqan6el6up6pZ+p0na7n6Dl6rp6r5+v5eoFeoBfqhXqxXqyX6qU6Q2foTJ2pl+vlOkuv0Cv0Kr1Kr9Fr9Dq9Tm/QG/QmvUlv0Vt0lt6ut+sdeofepXfpPXqP3qf36f16vz6gD+hsna0P6oP6kD6kD+vDOkfn6CP6iD6qj+pj+pg+ro/rE/qEPqVP6dP6tD6jz+hz+pw+r8/rC/qCvqgvXrrsC2QgAx3oIE+QJ4gJYoL8Qf4gNogNCgQFgkgQCeKCuKBgcH1QKCgcFAmKBvFBsaB4YAIMbEBBGJQISgbR4IagVHBjkBCUDhKDMoELygZJQbmgfHBTUCG4OagY3BJUCm4NKgdVgqpBteC2oHpwe1AjqBnUCu4Iagd1grpBveDOoH5wV9AguDtoGNwTNAruDRoH9wVNgvuDpsEDQbPgwaB58FDQIng4aBm0CloHbYK2v+v63p8p/Kjra/qZFNPfDDAvmoFmkBlshpih5iUzzLxshptXTKoZYUaaV80o85oZbV43Y8xYM868YcabCWaimWQmmykmzbxpppq3zDTztpluZpiZZpZJN7PNHPOOmWvmmfnmXbPAvGcWmkVmsVlilpr3TYZZZjLNB2a5+dBkmRVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtpuPzA6z0+wyu80es9fsMx+b/eYTc8B8arLNZ+ag+Ys5ZD43h80XJsd8aY6Yr8xR87U5Zr4xx8235oQ5aU6Z78xp8705Y86ac+YHc978aC6Yn8xF4y9d3F/6eEeNGvNgHozBGMyP+TEWY7EAFsAIRjAO47AgFsRCWAiLYBGMx3gsjsXxEkLCElgCoxjFUlgKEzABEzERHTpMwiQsj+WxAlbAilgRK2ElrIyVsSpWxdvwNrwdb8eaWBPvwDuwDtbBelgP62N9bIANsCE2xEbYCBtjY2yCTbApNsVm2AybY3NsgS2wJbbE1tga22JbbIftsD22x47YETthJ+yMnTEZk7ELdsGu2BW7YTfsjt2xB/bAntgTe2Nv7IN9sC/2xRRMwQE4AAfiQByMg3EoDsVhOAyH43BMxVQciSNxFI7C0Tgax+BYHIdv4HicgBNxEk7GKZiGaTgVp+I0nIbTcTrOxJmYjuk4B+fgXJyL83E+LsAFuBAX4mJcjEtxKWZgBmZiJi7H5ZiFWbgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsftuAN34C7chXtwD+7Dfbgf9+MBPIDZmI0H8SAewkN4GA9jDubgETyCR/EoHsNjeByP4wk8gafwFJ7G03gGz+A5PIfn8Ue8gD/hRfQYY6XIb6+ysfZqW8BeY2NsPvu3cRFb1MbbYra4NbaQLfyrGK21Cba0TbRlrLNlbZIt95u4sq1iq9pq9jZb3d5ua/wmrm/vsg3s3bahvcfWs3f+Km5k77WN7UO2iX3YNrWtbDPbxja3D9kW9mHb0rayrW0b28k+bjvbJ2yyfdJ2sU/9Js6wy+x6u8FutJvsfvuJPWd/sEft1/a8/dH2tf3sUPuSHWZftsPtKzbVjvhNPM6+YcfbCXainWQn2ym/iWfaWTbdzrZz7Dt2rp33m3ipfd8usJl2oV1kF9slP8eXcsq0H9jl9kObZVfYlXaVXW3X2LV23f/NdZXdYrfabXaf/djusDvtLrvb7rF7f44v7eOA/dRm28/sEfuVPWQ/t4ftMZtjv/w5vrS/Y/Ybe9x+a0/Yk/aU/c6ett/bM/bsz/u/tPfv7E/2ovVWEJAkRZoCykN5KYbyUX66imLpaipA11CErqU4uo4K0vVUiApTESpK8VSMipMhJEtEIZWgkhSlG6gU3UgJVJoSqQw5KktJVI7K001UgW6minQLVaJbqTJVoapUjW6j6nQ71aCaVIvuoNpUh+pSPbqT6tNd1IDupoZ0DzWie6kx3UdN6H5qSg9QM3qQmtND1IIeppbUilpTG2pLj1A7epTaUwfqSI9RJ3qcOtMTlExPUhd6irrS09SNnqHu9Cz1oOeoJ/Wi3vQ89aEXqC/1oxTqTwPoRRpIg2gwDaGh9BINo5dpOL1CqTSCRtKrNIpeo9H0Oo2hsTSO3qDxNIEm0iSaTFMojd6kqfQWTaO3aTrNoJk0i9JpNs2hd2guzaP59C4toPdoIS2ixbSEltL7lEHLKJM+oOX0IWXRClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttNHtIN20i7aTXtoL+2jj2k/fUIH6FPKps/oIP2FDtHndJi+oBz6ko7QV3SUvqZj9A0dp2/pBJ2kU/Qdnabv6QydpXP0A52nH+kC/UQXyZMIIZShCnUYhHnCvGFMmC/MH14VxoZXhwXCa8JIeG0YF14XFgyvDwuFhcMiYdEwPiwWFg9NiKENKQzDEmHJMBreEJYKbwwTwtJhYlgmdGHZMCksF5YPbworhDeHFcNbwkrhrWHlsEr40D3VwtvC6uHtYY2wZlgrvCOsHdYJ64b1wjvD+uFdYYPw7rBheE9YIbw3bBzeFzYJ7w+bhg+EzcIHw+bhQ2GL8OGwZdgqbB22CduGj4TtwkfD9mGHsGP4WNgpfDzsHD4RJodPhl3Cp/7leErYPxwQvhi+GHp/t1ocXRJdGn0/mhFdFs2MfhBdHv0wmhVdEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vl5e4cBJp5x2gcvj8roYl8/ld1e5WHe1K+CucRF3rYtz17mC7npXyBV2RVxRF++KueLOOHTWkQtdCVfSRd0NrpS70SW40i7RlXHOlXVJro1r69q6du5R1951cB3dY+4x97h73D3hnnBPui7uKdfVPe26uWdcd/ese9Y953q6Xq63e971cS+4vq6fS3EpboAb4Aa6gW6wG+yGuqFumBvmhrvhLtWlupFupBvlRrnRbrQb48a4cW6cG+/Gu4luopvsJrs0l+amuqlumpvmprvpbqab6dJdupvj5ri5bq6b7+a7BQkL3EK30C12i91St9RluAyX6TLdcrfcZbkst9KtdKvdarfWrXXr3Xq30W10m91mt9VtddvddrfD7XC73C63x+1x+9w+t9/tdwfcAZftst1Bd9AdcofcYfeFy3FfuiPuK3fUfe2OuW/ccfetO+FOulPuO3fafe/OuLPunPvBnXc/ugvuJ3fReZcWeTMyNfJWZFrk7cj0yIzIzMisSHpkdmRO5J3I3Mi8yPzIu5EFkfciCyOLIosjSyJLI+9HMiLLIpmRDyLLIx9GsiIrIisjqyKrI2si3hfbEfoSvqSP+ht8KX+jT/ClfaIv450v65N8OV/e3+Qr+Jt9RX+Lr+Rv9ZV9FV/VP+xb+la+tW/j2/pHfDv/qG/vO/iO/jHfyT/uO/snfLJ/0nfxT/mu/mnfzT/ju/tnfQ//nO/pe/ne/nnfx7/g+/p+PsX39wP8i36gH+QH+yF+qH/JD/Mv++H+FZ/qR/iR/lU/yr/mR/vX/Rg/1o/zb/jxfoKf6Cf5yX6KT/Nv+qn+LT/Nv+2n+xl+pp/l0/1sP8e/4+f6eX6+f9cv8O/5hT7PL8+O3/cZfpnP9B/45f5Dn+VX+JV+lV/t1/i1fp1f7zf4jX6T3+y3+K1SCOE/8jv8Tr/L7/Z7/F6/z3/s9/tP/AH/qc/2n/mD/i/+kP/cH/Zf+Bz/pT/iv/JH/df+mP/GH/ff+hP+pD/lv/On/ff+jD/rz/kf/Hn/o7/gf/IX/63/WSv3hz5JZ4wxxhj730D9i/H+f+c1+Uu7ZIAQ4uqdRXP++5qbC/21P0jGd4oIIZ7s1+OB/2q1a6ekpPxybJYSQclFQojI5fk/X13+Eq8QHcXjIll0EOX/bn6DZK/z9Kv19a/GL60fvUWI/H/zWoy4HF9e/6Z/sP4jj43LqBSei/vH+UcXCZFQ8vKcfOJyfHn9Cv9g/cLt6J+/P/k+TxOi/d/MiRWX48vrJ4lHxVMi+VdH/ob8Z4OMMcYYY4wxxv68Bsmq3f7F/efP9+fxf3NbnVdcjv/V/TljjDHGGGOMMcauvGd69X7ikeTkDt24wx3u/O/pJGoh/tBTXOm/TIwxxhhjjLHf2+WL/iudCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnv9//jGsiu9R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xK+z8BAAD//+DHLUI=")
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
llistxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0xfffffffffffffdfa)

4.818766975s ago: executing program 5 (id=266):
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$audio(0xffffffffffffff9c, &(0x7f0000000240), 0x4040c0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff8500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x4000054)

4.712881997s ago: executing program 2 (id=267):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f0000000280)=""/2, 0x2, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
pipe(0x0)
socket(0x1e, 0x1, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x18, 0x1412, 0x20, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x40)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@default_permissions}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

2.792889424s ago: executing program 5 (id=268):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x62800)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x5, 0x12, r4, 0x0)
write$UHID_INPUT(r3, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006)

2.674508693s ago: executing program 1 (id=269):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)

2.650287796s ago: executing program 0 (id=270):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x1004800, &(0x7f0000000100)=ANY=[], 0x1, 0x6bb, &(0x7f00000018c0)="$eJzs3c1vXFfdB/DvHY8dT9ombpq0eR5VqtVIgIhI7FgpmA0BIWSkCqGyYG0lTmNlkhbHRW6FqMPrtov+Ad1kg1ghsWITqbBgA7vukJeVkNh0g1kNujN3XjJ+m+bF45TPJ7pzzj3nnnN/93fvnbfImgD/s5bOp34/RZbOv75Rrm/dW2hu3Vu41a0nOZZkM6knqSUp/t1qtT5OriRFb5piqNzhw9XFNz75bOvTzlq9Wtrb1/YbN6TabnOoebPbNptkoiofwQPzXX3k+Ype5FeSnKtKGLvJJK3WZFo9P/nrs72esvNkp2zsNnr68AIFnpii87pZvhjXBttnkuPVjV6+D+i+8tbGEuQIjo243fA7CAAAAHjajPIZ+OR2trNRnDiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALYbP/+/9FtdS69dkU3d//n6raUtWPllc+3+b3n1QcAAAAAAAAAHCIXtnOdjZyorveKtr/5/9qe+V0+/GZvJM7WclaLmQjy1nPetYyn2RmYKKpjeX19bX5EUZe2nXkpQMCPVaVjcdz3AAAAAAAAADwBfOLLPX//x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6CIpnoFCnuDjTPpFZPMp1kqmzYTP7erT/N7o87AAAAADgEJ7eznY2c6K63ipxO8mL7O4DpvJPbWc9q1tPMSq61vxfofOqvbd1baG7dW7hVLjvn/fa/HlidPiCM9ozpfPew+57Ptrdo5HpW2y0XcjVvpZlrqbVHls5W8XRnHYrrbhlT8a3KiAm6VpXlkX9QlTu8P+Jk+xv+MqWx/xcsM+2MTPYyMlfFVmbj+e6Z2f0MDZ2dgwzvaT61XmCnh/Y0FPBD5fx4VZbH85u9cj4Ww5m4NHD1vbh/zpMv//H3P56r6kfnkEYzUZWt9mNjZyYWBjLx0iiZuNG8ffPG9Tvnn7ZM7DDXzsSZ3vpSvpcf5Xxm88OsZTU/zXLWs5LZfLddW65OfjFwe++RqSudYnK33S71E9fN+1R1hU5UrZ8nplfbY09kNT/IW7mWlbzW/ncp8/l6LudyFgfO8Jn9z3D7rq89cNf3XwFaz+2axnNfqSrl095vq3JXe3Y8KWVenx/I6+Bz7ky7b7Cln6VTB2epTMsDz41/2j+U+v9XlXIfvxw49+M3nIn5gUy8sF8muhfynebtm2s3lt8ebXenPhgY/usj9ZRaXi+nypOV7gnqXx1l3wvdvqF8lX2ne321HX1nen2dO3Vzzzt1qnoPt3OmS+2+l3btW2j3nR3o2+391sHv5gAYs+NfPT7V+Gfjb42PGr9q3Gi8Pv2dY9849vJUJv88+c363MSXai8Xf8hH+Xn/8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDw7rz73s3lZnNlbajSarXe36Or2TqZ7NH1cJXanmGUlfoBoe6oZPYfz5QDui2t9Lq6P2f2GIM/qPJ/zyajj6p+gSedlvrjzfMYK/9ptVpVS7HHNr/7y85EPTdS6qZGvzYOqExXV3jlSKSuqtQPeadjekICDs3F9VtvX7zz7ntfW721/ObKmyu3Fy9fXpxbvPzawsXrq82Vuc7juKMEnoT+i/64IwEAAAAAAAAAAABGNdrfA+SR/pxg3McIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN2Wzqd+P0Xm5y7Mletb9xaa5dKt97esJ6klKX6WFB8nV9JZMjMwXbHXfj5cXXzjk8+2Pu3PVS75/tUDxo1ms1oym2SiU959XPNdrcp9FfsdQtE7wjJh57qJg3H7bwAAAP//EOj9JQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

2.478907847s ago: executing program 4 (id=271):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r3 = add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r3, 0x30925)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x1)
sendfile(r1, r2, 0x0, 0x20000023896)

2.304599535s ago: executing program 3 (id=272):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
futex(0x0, 0x2, 0x1, 0x0, 0x0, 0x2)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = dup3(r1, r0, 0x80000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x7434, 0x0)

0s ago: executing program 0 (id=273):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f0000000280)=""/2, 0x2, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe(0x0)
socket(0x1e, 0x1, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x18, 0x1412, 0x20, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x40)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@default_permissions}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

kernel console output (not intermixed with test programs):

e
[  109.825358][ T5823] hsr_slave_0: entered promiscuous mode
[  109.832063][ T5823] hsr_slave_1: entered promiscuous mode
[  109.866489][ T5822] team0: Port device team_slave_0 added
[  109.876230][ T5822] team0: Port device team_slave_1 added
[  109.902488][ T5835] team0: Port device team_slave_0 added
[  109.909656][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.916646][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.943802][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.028710][ T5835] team0: Port device team_slave_1 added
[  110.053040][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.060154][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.086214][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.148743][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.156320][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.183212][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.280640][ T5826] hsr_slave_0: entered promiscuous mode
[  110.287192][ T5826] hsr_slave_1: entered promiscuous mode
[  110.294172][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.302030][ T5826] Cannot create hsr debugfs directory
[  110.308384][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.316576][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.342807][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.363176][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.370552][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.396799][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.415262][ T5831] hsr_slave_0: entered promiscuous mode
[  110.422135][ T5831] hsr_slave_1: entered promiscuous mode
[  110.428358][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.436020][ T5831] Cannot create hsr debugfs directory
[  110.485655][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.492819][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.519982][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.540171][ T5832] hsr_slave_0: entered promiscuous mode
[  110.546712][ T5832] hsr_slave_1: entered promiscuous mode
[  110.553567][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.561251][ T5832] Cannot create hsr debugfs directory
[  110.659367][ T5134] Bluetooth: hci5: command tx timeout
[  110.739140][ T5844] Bluetooth: hci3: command tx timeout
[  110.739576][ T5824] Bluetooth: hci1: command tx timeout
[  110.744574][ T5844] Bluetooth: hci2: command tx timeout
[  110.750320][ T5833] Bluetooth: hci0: command tx timeout
[  110.755618][ T5134] Bluetooth: hci4: command tx timeout
[  110.815516][ T5822] hsr_slave_0: entered promiscuous mode
[  110.822525][ T5822] hsr_slave_1: entered promiscuous mode
[  110.828814][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.836531][ T5822] Cannot create hsr debugfs directory
[  110.987742][ T5835] hsr_slave_0: entered promiscuous mode
[  110.994573][ T5835] hsr_slave_1: entered promiscuous mode
[  111.001906][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.009575][ T5835] Cannot create hsr debugfs directory
[  111.397575][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  111.483869][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  111.508013][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  111.571320][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  111.689879][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  111.703605][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  111.716380][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  111.741039][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  111.852588][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  111.875851][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  111.887558][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  111.917262][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  112.022710][ T5826] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  112.045630][ T5826] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  112.069581][ T5826] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  112.085447][ T5826] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  112.213905][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.282956][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  112.295472][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  112.306755][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  112.320267][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  112.347402][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[  112.452105][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.461755][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.469089][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.486589][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.493734][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.525374][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.585591][ T5822] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  112.621595][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  112.631510][ T5822] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  112.652683][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[  112.667797][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.674995][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.693430][ T5822] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  112.705749][ T5822] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  112.737884][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.745075][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.759558][ T5134] Bluetooth: hci5: command tx timeout
[  112.776012][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.815086][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.822425][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.831973][ T5134] Bluetooth: hci4: command tx timeout
[  112.832037][ T5833] Bluetooth: hci2: command tx timeout
[  112.837390][ T5134] Bluetooth: hci3: command tx timeout
[  112.843143][ T5824] Bluetooth: hci0: command tx timeout
[  112.855697][ T5830] Bluetooth: hci1: command tx timeout
[  112.887351][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.894561][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.961767][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[  113.024169][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.031373][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.087298][ T4474] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.094497][ T4474] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.266579][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  113.343213][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.588194][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[  113.667060][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.704509][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.711741][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.806015][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.813260][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.832433][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[  113.875979][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.925661][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.932828][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.953769][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.986221][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.993435][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.049886][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.074094][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.211255][ T5831] veth0_vlan: entered promiscuous mode
[  114.265530][ T5823] veth0_vlan: entered promiscuous mode
[  114.316687][ T5831] veth1_vlan: entered promiscuous mode
[  114.377489][ T5823] veth1_vlan: entered promiscuous mode
[  114.476965][ T5832] veth0_vlan: entered promiscuous mode
[  114.533121][ T5831] veth0_macvtap: entered promiscuous mode
[  114.546336][ T5832] veth1_vlan: entered promiscuous mode
[  114.607644][ T5831] veth1_macvtap: entered promiscuous mode
[  114.683427][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.725391][ T5823] veth0_macvtap: entered promiscuous mode
[  114.733320][ T5832] veth0_macvtap: entered promiscuous mode
[  114.746957][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.766367][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.784951][ T5823] veth1_macvtap: entered promiscuous mode
[  114.820670][ T5833] Bluetooth: hci5: command tx timeout
[  114.855356][ T5832] veth1_macvtap: entered promiscuous mode
[  114.894613][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.903717][ T5833] Bluetooth: hci2: command tx timeout
[  114.903769][ T5833] Bluetooth: hci0: command tx timeout
[  114.903811][ T5833] Bluetooth: hci1: command tx timeout
[  114.909934][ T5824] Bluetooth: hci3: command tx timeout
[  114.909983][ T5824] Bluetooth: hci4: command tx timeout
[  114.932723][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.941797][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.950861][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.015640][ T5835] veth0_vlan: entered promiscuous mode
[  115.053111][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.064527][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.076985][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.103374][ T5826] veth0_vlan: entered promiscuous mode
[  115.114929][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.126087][ T5835] veth1_vlan: entered promiscuous mode
[  115.138796][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.151866][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.164114][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.174908][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.188502][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.199641][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.210880][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.223969][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.246445][ T5826] veth1_vlan: entered promiscuous mode
[  115.265456][ T5823] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.276629][ T5823] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.285963][ T5823] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.295003][ T5823] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.322629][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.334550][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.346027][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.359056][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.371667][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.417890][ T5832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.432972][ T5832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.442896][ T5832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.452127][ T5832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.535927][ T5826] veth0_macvtap: entered promiscuous mode
[  115.554530][ T5826] veth1_macvtap: entered promiscuous mode
[  115.632404][ T5835] veth0_macvtap: entered promiscuous mode
[  115.661276][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.672452][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.682772][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.693553][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.703593][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.714195][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.726045][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.741656][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.752248][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.763812][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.774531][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.785071][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.795618][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.806843][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.833904][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.847594][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.868281][ T5826] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.879607][ T5826] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.888336][ T5826] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.897094][ T5826] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.936302][ T5835] veth1_macvtap: entered promiscuous mode
[  116.042117][ T4474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.054220][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.064751][ T4474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.072657][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.083147][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.094729][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.105833][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.117031][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.130550][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.141489][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.153277][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.164471][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.175450][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.185883][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.197335][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.207281][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.217930][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.227783][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.238343][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.250930][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.298316][ T4474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.302382][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.306308][ T4474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.324881][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.334460][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.343708][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.402225][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.417786][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.461646][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  116.515654][ T4474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.524239][ T4474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.584524][ T5822] veth0_vlan: entered promiscuous mode
[  116.671046][ T5822] veth1_vlan: entered promiscuous mode
[  116.681123][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.710094][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.807354][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.836518][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.987344][ T4474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.013989][ T5822] veth0_macvtap: entered promiscuous mode
[  117.021560][ T4474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.102128][ T5822] veth1_macvtap: entered promiscuous mode
[  117.141832][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.175432][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.279147][   T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.289097][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.307343][   T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.325191][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.335869][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.362396][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.383808][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.429953][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.449796][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.477058][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.499085][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.525866][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.547453][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.593793][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.657285][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.689364][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.749039][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.758895][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.780915][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.803912][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.837003][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.863614][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.877400][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.900483][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.025809][ T5941] loop3: detected capacity change from 0 to 1024
[  118.027646][ T5822] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.060107][ T5941] =======================================================
[  118.060107][ T5941] WARNING: The mand mount option has been deprecated and
[  118.060107][ T5941]          and is ignored by this kernel. Remove the mand
[  118.060107][ T5941]          option from the mount to silence this warning.
[  118.060107][ T5941] =======================================================
[  118.068977][ T5822] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.142224][ T5822] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.155205][ T5822] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.186507][ T5941] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.261307][ T5947] syz.5.6 uses obsolete (PF_INET,SOCK_PACKET)
[  118.418310][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.605914][ T5937] loop0: detected capacity change from 0 to 32768
[  118.795358][ T5937] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  118.858186][ T5962] loop1: detected capacity change from 0 to 128
[  118.950002][ T5962] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  118.964424][   T30] audit: type=1804 audit(1746435173.567:2): pid=5937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.7" name="/newroot/1/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[  118.987522][ T5962] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.094464][   T30] audit: type=1800 audit(1746435173.707:3): pid=5962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13" name="file2" dev="loop1" ino=13 res=0 errno=0
[  119.183466][ T3471] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.213152][ T3471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.304259][ T5832] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.340561][ T5823] ocfs2: Unmounting device (7,0) on (node local)
[  119.482293][ T5968] macvtap0: entered promiscuous mode
[  119.502263][ T5968] macvtap0: left promiscuous mode
[  119.598828][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.610283][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.001171][ T5954] loop3: detected capacity change from 0 to 32768
[  120.068862][ T5954] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.10 (5954)
[  120.087081][ T5972] loop2: detected capacity change from 0 to 16
[  120.153345][ T5972] erofs (device loop2): mounted with root inode @ nid 36.
[  120.231152][ T5970] loop1: detected capacity change from 0 to 65536
[  120.301805][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  120.359199][ T5970] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  120.405625][ T5954] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  120.417406][ T5954] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  120.419842][ T5984] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  120.447940][ T5970] XFS (loop1): Ending clean mount
[  120.518498][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  120.664370][ T5972] erofs (device loop2): readahead error at folio 47 @ nid 36
[  120.682243][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  120.814821][ T5972] erofs (device loop2): readahead error at folio 46 @ nid 36
[  120.925624][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  120.973976][ T5972] erofs (device loop2): readahead error at folio 45 @ nid 36
[  121.029780][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.112159][ T5972] erofs (device loop2): readahead error at folio 44 @ nid 36
[  121.122458][ T6009] loop4: detected capacity change from 0 to 2048
[  121.156021][ T5832] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  121.162486][ T6007] loop5: detected capacity change from 0 to 2048
[  121.187380][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.250251][ T5831] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  121.260690][ T5972] erofs (device loop2): readahead error at folio 43 @ nid 36
[  121.260740][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.338633][ T6009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.363065][ T6007] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.417902][ T5972] erofs (device loop2): readahead error at folio 42 @ nid 36
[  121.477677][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.555967][ T5972] erofs (device loop2): readahead error at folio 41 @ nid 36
[  121.630879][ T6009] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.5: bg 0: block 234: padding at end of block bitmap is not set
[  121.676077][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.733530][ T5972] erofs (device loop2): readahead error at folio 40 @ nid 36
[  121.793029][ T6009] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 60 with error 28
[  121.803105][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.854743][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.882511][ T5972] erofs (device loop2): readahead error at folio 39 @ nid 36
[  121.919902][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  121.964965][ T6009] EXT4-fs (loop4): This should not happen!! Data will be lost
[  121.964965][ T6009] 
[  121.988988][ T5972] erofs (device loop2): readahead error at folio 38 @ nid 36
[  122.042181][ T6009] EXT4-fs (loop4): Total free blocks count 0
[  122.069289][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.092782][ T6009] EXT4-fs (loop4): Free/Dirty block details
[  122.140805][ T5972] erofs (device loop2): readahead error at folio 37 @ nid 36
[  122.165186][ T6009] EXT4-fs (loop4): free_blocks=0
[  122.199244][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.202917][ T6009] EXT4-fs (loop4): dirty_blocks=64
[  122.260675][ T6009] EXT4-fs (loop4): Block reservation details
[  122.266732][ T6009] EXT4-fs (loop4): i_reserved_data_blocks=4
[  122.271200][ T5972] erofs (device loop2): readahead error at folio 36 @ nid 36
[  122.312343][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.385430][ T5972] erofs (device loop2): readahead error at folio 35 @ nid 36
[  122.460061][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.519215][ T5972] erofs (device loop2): readahead error at folio 34 @ nid 36
[  122.526684][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.544953][ T6009] syz.4.5 (6009) used greatest stack depth: 21304 bytes left
[  122.586935][ T5972] erofs (device loop2): readahead error at folio 33 @ nid 36
[  122.601934][ T6028] syzkaller1: entered promiscuous mode
[  122.617746][ T6028] syzkaller1: entered allmulticast mode
[  122.625608][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.636619][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.647875][ T5883] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  122.669421][ T5972] erofs (device loop2): readahead error at folio 32 @ nid 36
[  122.709741][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.752784][ T5972] erofs (device loop2): readahead error at folio 31 @ nid 36
[  122.799144][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.851958][ T5883] usb 6-1: Using ep0 maxpacket: 16
[  122.859027][ T5972] erofs (device loop2): readahead error at folio 30 @ nid 36
[  122.892088][ T5883] usb 6-1: unable to get BOS descriptor or descriptor too short
[  122.919680][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  122.920369][ T5883] usb 6-1: config 1 interface 0 altsetting 127 endpoint 0x81 has an invalid bInterval 39, changing to 9
[  122.987006][ T5883] usb 6-1: config 1 interface 0 altsetting 127 endpoint 0x81 has invalid maxpacket 1536, setting to 1024
[  123.008371][ T5972] erofs (device loop2): readahead error at folio 29 @ nid 36
[  123.059716][ T5883] usb 6-1: config 1 interface 0 altsetting 127 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  123.061479][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.122508][ T5883] usb 6-1: config 1 interface 0 has no altsetting 0
[  123.155812][ T5972] erofs (device loop2): readahead error at folio 28 @ nid 36
[  123.163260][ T5883] usb 6-1: New USB device found, idVendor=05ac, idProduct=0242, bcdDevice= 0.40
[  123.163306][ T5883] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.163344][ T5883] usb 6-1: Product: syz
[  123.163372][ T5883] usb 6-1: Manufacturer: syz
[  123.249276][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.264835][ T5883] usb 6-1: SerialNumber: syz
[  123.344575][ T6024] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  123.369464][ T5972] erofs (device loop2): readahead error at folio 27 @ nid 36
[  123.410679][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.486421][ T5972] erofs (device loop2): readahead error at folio 26 @ nid 36
[  123.529603][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.589395][ T5972] erofs (device loop2): readahead error at folio 25 @ nid 36
[  123.596839][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.641018][ T5883] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input5
[  123.662410][ T5972] erofs (device loop2): readahead error at folio 24 @ nid 36
[  123.712491][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  123.754787][ T6020] loop3: detected capacity change from 0 to 32768
[  123.827196][ T5972] erofs (device loop2): readahead error at folio 23 @ nid 36
[  123.930984][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.038032][ T5972] erofs (device loop2): readahead error at folio 22 @ nid 36
[  124.135256][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.282764][ T6036] loop1: detected capacity change from 0 to 65536
[  124.285974][ T5972] erofs (device loop2): readahead error at folio 21 @ nid 36
[  124.340028][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.373184][ T5972] erofs (device loop2): readahead error at folio 20 @ nid 36
[  124.385222][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.395804][ T5972] erofs (device loop2): readahead error at folio 19 @ nid 36
[  124.404845][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.417734][ T6036] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  124.474193][ T5972] erofs (device loop2): readahead error at folio 18 @ nid 36
[  124.482042][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.495639][ T5972] erofs (device loop2): readahead error at folio 17 @ nid 36
[  124.518179][ T6036] XFS (loop1): Ending clean mount
[  124.529787][    C1] bcm5974 6-1:1.0: trackpad urb failed: -19
[  124.535785][ T5883] usb 6-1: USB disconnect, device number 2
[  124.536314][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.554655][ T5883] bcm5974 6-1:1.0: could not read from device
[  124.630366][ T5972] erofs (device loop2): readahead error at folio 16 @ nid 36
[  124.637907][ T5972] erofs (device loop2): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  124.721887][ T5972] erofs (device loop2): readahead error at folio 15 @ nid 36
[  124.743334][ T5832] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  125.351526][ T6030] loop4: detected capacity change from 0 to 32768
[  125.483673][ T6030] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.881959][ T6066] loop3: detected capacity change from 0 to 64
[  125.891003][ T6030] XFS (loop4): Ending clean mount
[  125.932763][ T6030] XFS (loop4): Quotacheck needed: Please wait.
[  126.039460][ T6030] XFS (loop4): Quotacheck: Done.
[  126.186399][ T5822] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.235523][ T6050] loop0: detected capacity change from 0 to 32768
[  126.293881][ T6050] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.32 (6050)
[  126.400805][ T6050] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  126.489140][ T6050] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  126.547548][ T6050] BTRFS info (device loop0): using free-space-tree
[  126.739857][ T5883] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  126.911046][ T5883] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  126.921127][ T5883] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  126.950268][ T5883] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  126.995630][ T5883] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  127.021391][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.049203][ T5883] usb 4-1: Product: syz
[  127.069175][ T5883] usb 4-1: Manufacturer: syz
[  127.073809][ T5883] usb 4-1: SerialNumber: syz
[  127.217382][ T6061] loop2: detected capacity change from 0 to 40427
[  127.238314][ T5823] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.275557][ T6061] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3fffff
[  127.343030][ T6061] F2FS-fs (loop2): invalid crc value
[  127.404294][ T5883] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  127.582300][ T6068] loop5: detected capacity change from 0 to 32768
[  127.626290][   T10] usb 4-1: USB disconnect, device number 2
[  127.683196][   T10] usblp0: removed
[  127.707626][ T6068] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  127.797174][ T6061] F2FS-fs (loop2): Start checkpoint disabled!
[  127.814504][ T6061] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  127.815904][ T6068] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  127.928787][ T6061] F2FS-fs (loop2): inject no more block in inc_valid_block_count of f2fs_map_blocks+0x21c4/0x46f0
[  128.145285][ T4474] kworker/u8:8: attempt to access beyond end of device
[  128.145285][ T4474] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  128.185213][ T4474] CPU: 0 UID: 0 PID: 4474 Comm: kworker/u8:8 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  128.185263][ T4474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  128.185287][ T4474] Workqueue: writeback wb_workfn (flush-7:2)
[  128.185339][ T4474] Call Trace:
[  128.185351][ T4474]  <TASK>
[  128.185365][ T4474]  dump_stack_lvl+0x16c/0x1f0
[  128.185422][ T4474]  f2fs_handle_critical_error+0x621/0x9f0
[  128.185474][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.185520][ T4474]  ? __asan_memset+0x23/0x50
[  128.185565][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.185624][ T4474]  f2fs_write_end_io+0x73d/0xac0
[  128.185681][ T4474]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  128.185741][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.185799][ T4474]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  128.185850][ T4474]  bio_endio+0x6d2/0x810
[  128.185892][ T4474]  submit_bio_noacct+0x56d/0x1ec0
[  128.185954][ T4474]  __submit_merged_bio+0x33c/0x770
[  128.186014][ T4474]  __submit_merged_write_cond+0x319/0x3f0
[  128.186083][ T4474]  f2fs_sync_node_pages+0x1558/0x18b0
[  128.186154][ T4474]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  128.186267][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.186311][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.186355][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.186410][ T4474]  f2fs_write_node_pages+0x27d/0x7a0
[  128.186468][ T4474]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  128.186541][ T4474]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  128.186592][ T4474]  do_writepages+0x1b5/0x820
[  128.186654][ T4474]  ? __pfx_do_writepages+0x10/0x10
[  128.186701][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.186745][ T4474]  ? __lock_acquire+0xaa4/0x1ba0
[  128.186828][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.186872][ T4474]  ? reacquire_held_locks+0xcd/0x1f0
[  128.186941][ T4474]  __writeback_single_inode+0x160/0xfb0
[  128.186986][ T4474]  ? __pfx___writeback_single_inode+0x10/0x10
[  128.187025][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187069][ T4474]  ? do_raw_spin_unlock+0x172/0x230
[  128.187109][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187162][ T4474]  writeback_sb_inodes+0x601/0xf90
[  128.187229][ T4474]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  128.187270][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187314][ T4474]  ? find_held_lock+0x2b/0x80
[  128.187435][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187481][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.187523][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187567][ T4474]  ? queue_io+0x3f6/0x520
[  128.187634][ T4474]  wb_writeback+0x419/0xb70
[  128.187686][ T4474]  ? __pfx_wb_writeback+0x10/0x10
[  128.187741][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187785][ T4474]  ? mark_held_locks+0x49/0x80
[  128.187842][ T4474]  ? _raw_spin_unlock_irq+0x23/0x50
[  128.187895][ T4474]  wb_workfn+0x14d/0xbe0
[  128.187942][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.187986][ T4474]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  128.188037][ T4474]  ? __pfx_wb_workfn+0x10/0x10
[  128.188083][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188133][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188184][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188228][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.188280][ T4474]  process_one_work+0x9cf/0x1b70
[  128.188344][ T4474]  ? __pfx_process_one_work+0x10/0x10
[  128.188385][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188447][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188492][ T4474]  ? assign_work+0x1a0/0x250
[  128.188534][ T4474]  worker_thread+0x6c8/0xf10
[  128.188587][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188634][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188678][ T4474]  ? __kthread_parkme+0x19e/0x250
[  128.188730][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.188778][ T4474]  ? __pfx_worker_thread+0x10/0x10
[  128.188818][ T4474]  kthread+0x3c5/0x780
[  128.188855][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.188886][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.188922][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.188955][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.188987][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.189031][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.189076][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.189113][ T4474]  ret_from_fork+0x48/0x80
[  128.189147][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.189183][ T4474]  ret_from_fork_asm+0x1a/0x30
[  128.189267][ T4474]  </TASK>
[  128.680849][ T5826] ocfs2: Unmounting device (7,5) on (node local)
[  128.717061][ T6091] loop1: detected capacity change from 0 to 32768
[  128.755258][ T6093] loop4: detected capacity change from 0 to 32768
[  128.773295][ T4474] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  128.775747][ T6091] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.39 (6091)
[  128.783418][ T4474] CPU: 0 UID: 0 PID: 4474 Comm: kworker/u8:8 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  128.783470][ T4474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  128.783495][ T4474] Workqueue: writeback wb_workfn (flush-7:2)
[  128.783545][ T4474] Call Trace:
[  128.783557][ T4474]  <TASK>
[  128.783570][ T4474]  dump_stack_lvl+0x16c/0x1f0
[  128.783626][ T4474]  f2fs_handle_critical_error+0x621/0x9f0
[  128.783673][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.783717][ T4474]  ? __asan_memset+0x23/0x50
[  128.783761][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.783818][ T4474]  f2fs_write_end_io+0x73d/0xac0
[  128.783875][ T4474]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  128.783934][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.783991][ T4474]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  128.784041][ T4474]  bio_endio+0x6d2/0x810
[  128.784082][ T4474]  submit_bio_noacct+0x56d/0x1ec0
[  128.784143][ T4474]  __submit_merged_bio+0x33c/0x770
[  128.784202][ T4474]  __submit_merged_write_cond+0x319/0x3f0
[  128.784269][ T4474]  f2fs_sync_node_pages+0x1558/0x18b0
[  128.784343][ T4474]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  128.784459][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.784502][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.784546][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.784599][ T4474]  f2fs_write_node_pages+0x27d/0x7a0
[  128.784652][ T4474]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  128.784723][ T4474]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  128.784773][ T4474]  do_writepages+0x1b5/0x820
[  128.784834][ T4474]  ? __pfx_do_writepages+0x10/0x10
[  128.784880][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.784923][ T4474]  ? __lock_acquire+0xaa4/0x1ba0
[  128.785003][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785046][ T4474]  ? reacquire_held_locks+0xcd/0x1f0
[  128.785113][ T4474]  __writeback_single_inode+0x160/0xfb0
[  128.785159][ T4474]  ? __pfx___writeback_single_inode+0x10/0x10
[  128.785196][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785239][ T4474]  ? do_raw_spin_unlock+0x172/0x230
[  128.785278][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785330][ T4474]  writeback_sb_inodes+0x601/0xf90
[  128.785397][ T4474]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  128.785441][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785483][ T4474]  ? find_held_lock+0x2b/0x80
[  128.785602][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785645][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.785686][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785728][ T4474]  ? queue_io+0x3f6/0x520
[  128.785794][ T4474]  wb_writeback+0x419/0xb70
[  128.785846][ T4474]  ? __pfx_wb_writeback+0x10/0x10
[  128.785900][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.785943][ T4474]  ? mark_held_locks+0x49/0x80
[  128.785997][ T4474]  ? _raw_spin_unlock_irq+0x23/0x50
[  128.786050][ T4474]  wb_workfn+0x14d/0xbe0
[  128.786096][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786139][ T4474]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  128.786188][ T4474]  ? __pfx_wb_workfn+0x10/0x10
[  128.786233][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786282][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786332][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786375][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.786426][ T4474]  process_one_work+0x9cf/0x1b70
[  128.786494][ T4474]  ? __pfx_process_one_work+0x10/0x10
[  128.786533][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786591][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786633][ T4474]  ? assign_work+0x1a0/0x250
[  128.786675][ T4474]  worker_thread+0x6c8/0xf10
[  128.786727][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786773][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786816][ T4474]  ? __kthread_parkme+0x19e/0x250
[  128.786866][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.786913][ T4474]  ? __pfx_worker_thread+0x10/0x10
[  128.786952][ T4474]  kthread+0x3c5/0x780
[  128.786988][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787018][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787050][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787082][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787112][ T4474]  ? srso_alias_return_thunk+0x5/0xfbef5
[  128.787154][ T4474]  ? rcu_is_watching+0x12/0xc0
[  128.787198][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787235][ T4474]  ret_from_fork+0x48/0x80
[  128.787268][ T4474]  ? __pfx_kthread+0x10/0x10
[  128.787303][ T4474]  ret_from_fork_asm+0x1a/0x30
[  128.787386][ T4474]  </TASK>
[  128.789765][ T4474] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  129.207132][ T6102] loop3: detected capacity change from 0 to 2048
[  129.318180][ T6091] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  129.355245][ T6091] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  129.369766][ T6091] BTRFS info (device loop1): using free-space-tree
[  129.478710][ T6093] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  129.716261][ T6093] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  129.716261][ T6093]   allowing incompatible features above 0.0: (unknown version)
[  129.767763][ T6093] bcachefs (loop4): initializing new filesystem
[  129.845138][ T6093] bcachefs (loop4): going read-write
[  129.900251][ T5832] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  129.933011][ T6093] bcachefs (loop4): marking superblocks
[  130.154700][ T6093] bcachefs (loop4): initializing freespace
[  130.232406][ T6093] bcachefs (loop4): done initializing freespace
[  130.363813][ T6093] bcachefs (loop4): reading snapshots table
[  130.376588][ T6093] bcachefs (loop4): reading snapshots done
[  130.504740][ T6093] bcachefs (loop4): done starting filesystem
[  130.603317][ T6093] syz.4.37 (6093) used greatest stack depth: 18464 bytes left
[  130.670006][ T5822] bcachefs (loop4): shutting down
[  130.729265][ T5822] bcachefs (loop4): going read-only
[  130.736675][ T5822] bcachefs (loop4): finished waiting for writes to stop
[  130.807856][ T6149] netlink: 12 bytes leftover after parsing attributes in process `syz.0.52'.
[  130.867079][ T5822] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  131.042949][ T5822] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  131.112997][ T5822] bcachefs (loop4): clean shutdown complete, journal seq 4
[  131.182721][ T5822] bcachefs (loop4): marking filesystem clean
[  131.234656][ T6156] netlink: 'syz.5.54': attribute type 4 has an invalid length.
[  131.455156][ T5822] bcachefs (loop4): shutdown complete
[  131.915795][ T6172] loop1: detected capacity change from 0 to 47
[  132.256280][ T6172] syz.1.60: attempt to access beyond end of device
[  132.256280][ T6172] loop1: rw=2049, sector=48, nr_sectors = 2 limit=47
[  132.321855][ T6172] Buffer I/O error on dev loop1, logical block 24, lost async page write
[  132.377626][ T6172] syz.1.60: attempt to access beyond end of device
[  132.377626][ T6172] loop1: rw=2049, sector=50, nr_sectors = 2 limit=47
[  132.458974][ T6172] Buffer I/O error on dev loop1, logical block 25, lost async page write
[  132.706688][ T6180] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.973410][ T6166] loop3: detected capacity change from 0 to 32768
[  133.003250][ T6166] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.57 (6166)
[  133.130304][ T6185] loop5: detected capacity change from 0 to 65
[  133.149529][ T6166] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  133.188878][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  133.197530][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  133.237608][ T6185] BFS-fs: bfs_fill_super(): NOTE: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway
[  133.252942][ T6166] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  133.274500][ T6187] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  133.310926][ T5966] IPVS: starting estimator thread 0...
[  133.320373][ T6166] BTRFS info (device loop3): using free-space-tree
[  133.336305][ T6185] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop5
[  133.422786][ T6185] loop5: detected capacity change from 0 to 256
[  133.429106][ T6190] IPVS: using max 20 ests per chain, 48000 per kthread
[  133.528316][ T6185] exfat: Bad value for 'uid'
[  133.550276][ T6185] exfat: Bad value for 'uid'
[  133.711467][ T6175] loop2: detected capacity change from 0 to 32768
[  133.757293][ T6175] JBD2: Ignoring recovery information on journal
[  133.878695][   T30] audit: type=1800 audit(1746435188.487:4): pid=6166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.57" name="file1" dev="loop3" ino=260 res=0 errno=0
[  134.034023][   T30] audit: type=1800 audit(1746435188.517:5): pid=6166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.57" name="file1" dev="loop3" ino=260 res=0 errno=0
[  134.055384][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  134.102492][ T6175] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  134.410514][ T6175] (syz.2.59,6175,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  134.463121][ T6215] loop5: detected capacity change from 0 to 4096
[  134.530259][ T6215] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  134.581425][ T6215] UDF-fs: Scanning with blocksize 512 failed
[  134.605385][ T5884] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  134.654904][ T6215] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  134.729361][ T5835] ocfs2: Unmounting device (7,2) on (node local)
[  134.805646][ T5884] usb 2-1: Using ep0 maxpacket: 32
[  134.833340][ T5884] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  134.842933][ T5884] usb 2-1: config 0 has no interface number 0
[  134.880337][   T30] audit: type=1800 audit(1746435189.487:6): pid=6215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.68" name="bus" dev="loop5" ino=1347 res=0 errno=0
[  134.919059][ T5884] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  134.976144][ T5884] usb 2-1: config 0 interface 85 has no altsetting 0
[  135.008178][ T5884] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  135.029215][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.038781][ T5884] usb 2-1: Product: syz
[  135.046453][ T5884] usb 2-1: Manufacturer: syz
[  135.059068][ T5884] usb 2-1: SerialNumber: syz
[  135.071184][ T5884] usb 2-1: config 0 descriptor??
[  135.453451][ T5831] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  135.691558][ T6209] loop0: detected capacity change from 0 to 32768
[  135.727963][ T5884] appletouch 2-1:0.85: Geyser mode initialized.
[  135.772487][ T5884] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input6
[  135.892826][ T6209] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  135.909045][ T5883] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  135.964268][ T5838] usb 2-1: USB disconnect, device number 2
[  136.069709][ T5883] usb 6-1: Using ep0 maxpacket: 8
[  136.082397][ T5883] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  136.094417][ T6209] (syz.0.67,6209,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  136.123774][ T5883] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  136.129466][ T6225] loop2: detected capacity change from 0 to 4096
[  136.161269][ T5838] appletouch 2-1:0.85: input: appletouch disconnected
[  136.180052][ T5883] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  136.215640][ T5883] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.257551][ T5883] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  136.290312][ T5883] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.386273][ T6225] ntfs3(loop2): ino=1a, mi_enum_attr
[  136.415668][ T6225] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  136.468414][ T5823] ocfs2: Unmounting device (7,0) on (node local)
[  136.531398][ T5883] usb 6-1: GET_CAPABILITIES returned 0
[  136.536957][ T5883] usbtmc 6-1:16.0: can't read capabilities
[  136.749058][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  136.774692][ T6234] loop1: detected capacity change from 0 to 64
[  136.818517][ T5966] usb 6-1: USB disconnect, device number 3
[  136.910514][    T9] usb 4-1: Using ep0 maxpacket: 8
[  136.944614][    T9] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  136.946665][   T30] audit: type=1800 audit(1746435191.547:7): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.74" name="file1" dev="loop1" ino=21 res=0 errno=0
[  136.954200][    T9] usb 4-1: config 0 has no interface number 0
[  137.016065][    T9] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  137.037906][ T1155] ntfs3(loop2): ino=5, mi_enum_attr
[  137.060893][    T9] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  137.098146][    T9] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  137.168235][    T9] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  137.219135][    T9] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  137.249348][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.304349][    T9] usb 4-1: config 0 descriptor??
[  137.310479][ T6229] loop4: detected capacity change from 0 to 40427
[  137.346329][    T9] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  137.367031][ T6229] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3fffff
[  137.440443][ T6229] F2FS-fs (loop4): invalid crc value
[  137.488139][ T6240] loop2: detected capacity change from 0 to 256
[  137.637031][ T5901] usb 4-1: USB disconnect, device number 3
[  137.642988][    C0] ldusb 4-1:0.55: usb_submit_urb failed (-19)
[  137.659401][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  137.674204][ T5901] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  137.712880][ T6240] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  137.829349][ T6244] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  137.934007][ T6229] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  138.389060][ T5838] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  138.432054][ T5822] syz-executor: attempt to access beyond end of device
[  138.432054][ T5822] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.480181][ T5822] CPU: 1 UID: 0 PID: 5822 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  138.480227][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  138.480248][ T5822] Call Trace:
[  138.480260][ T5822]  <TASK>
[  138.480273][ T5822]  dump_stack_lvl+0x16c/0x1f0
[  138.480331][ T5822]  f2fs_handle_critical_error+0x621/0x9f0
[  138.480380][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.480425][ T5822]  ? __asan_memset+0x23/0x50
[  138.480476][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.480532][ T5822]  f2fs_write_end_io+0x73d/0xac0
[  138.480589][ T5822]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  138.480646][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.480701][ T5822]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  138.480752][ T5822]  bio_endio+0x6d2/0x810
[  138.480792][ T5822]  submit_bio_noacct+0x56d/0x1ec0
[  138.480851][ T5822]  __submit_merged_bio+0x33c/0x770
[  138.480909][ T5822]  __submit_merged_write_cond+0x319/0x3f0
[  138.480975][ T5822]  f2fs_write_cache_pages+0x2139/0x2680
[  138.481062][ T5822]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  138.481124][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481167][ T5822]  ? __lock_acquire+0x5ca/0x1ba0
[  138.481225][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481268][ T5822]  ? __kasan_check_byte+0x13/0x50
[  138.481324][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481370][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481414][ T5822]  ? rcu_is_watching+0x12/0xc0
[  138.481461][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481507][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481574][ T5822]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  138.481688][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481732][ T5822]  ? add_lock_to_list+0x9d/0x130
[  138.481786][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.481838][ T5822]  f2fs_write_data_pages+0x4ad/0xd90
[  138.481908][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.481982][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482031][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482077][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.482140][ T5822]  do_writepages+0x1b5/0x820
[  138.482200][ T5822]  ? __pfx_do_writepages+0x10/0x10
[  138.482251][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482298][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482342][ T5822]  ? do_raw_spin_lock+0x12c/0x2b0
[  138.482379][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482423][ T5822]  ? find_held_lock+0x2b/0x80
[  138.482475][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482524][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482569][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[  138.482608][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.482661][ T5822]  filemap_fdatawrite_wbc+0x104/0x160
[  138.482713][ T5822]  ? stack_trace_save+0x8e/0xc0
[  138.482760][ T5822]  __filemap_fdatawrite_range+0xb2/0xf0
[  138.482825][ T5822]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  138.482888][ T5822]  ? check_path.constprop.0+0x24/0x50
[  138.482994][ T5822]  ? find_held_lock+0x2b/0x80
[  138.483040][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483086][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[  138.483126][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483177][ T5822]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  138.483262][ T5822]  block_operations+0x2a3/0xfd0
[  138.483337][ T5822]  ? __pfx_block_operations+0x10/0x10
[  138.483396][ T5822]  ? add_lock_to_list+0x9d/0x130
[  138.483507][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483553][ T5822]  ? down_write+0x14d/0x200
[  138.483611][ T5822]  ? __pfx_down_write+0x10/0x10
[  138.483672][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483717][ T5822]  ? rcu_is_watching+0x12/0xc0
[  138.483766][ T5822]  f2fs_write_checkpoint+0x2b8/0x45b0
[  138.483807][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483851][ T5822]  ? kfree+0x2b6/0x4d0
[  138.483892][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.483936][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[  138.483986][ T5822]  ? f2fs_stop_gc_thread+0x79/0xd0
[  138.484027][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.484084][ T5822]  kill_f2fs_super+0x3c2/0x470
[  138.484121][ T5822]  ? __pfx_kill_f2fs_super+0x10/0x10
[  138.484156][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[  138.484226][ T5822]  deactivate_locked_super+0xc1/0x1a0
[  138.484275][ T5822]  deactivate_super+0xde/0x100
[  138.484323][ T5822]  cleanup_mnt+0x225/0x450
[  138.484375][ T5822]  task_work_run+0x150/0x240
[  138.484417][ T5822]  ? __pfx_task_work_run+0x10/0x10
[  138.484462][ T5822]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.484510][ T5822]  ? __pfx___x64_sys_umount+0x10/0x10
[  138.484574][ T5822]  syscall_exit_to_user_mode+0x27b/0x2a0
[  138.484631][ T5822]  do_syscall_64+0xda/0x260
[  138.484689][ T5822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.484727][ T5822] RIP: 0033:0x7fde4e18fc97
[  138.484755][ T5822] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  138.484790][ T5822] RSP: 002b:00007ffe27a46588 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  138.484824][ T5822] RAX: 0000000000000000 RBX: 00007fde4e21089d RCX: 00007fde4e18fc97
[  138.484848][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe27a46640
[  138.484870][ T5822] RBP: 00007ffe27a46640 R08: 0000000000000000 R09: 0000000000000000
[  138.484893][ T5822] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe27a476d0
[  138.484916][ T5822] R13: 00007fde4e21089d R14: 0000000000021c1a R15: 00007ffe27a47710
[  138.484966][ T5822]  </TASK>
[  138.484979][ T5822] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  139.079018][ T5838] usb 1-1: Using ep0 maxpacket: 32
[  139.086430][ T5838] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  139.094972][ T5838] usb 1-1: config 0 has no interface number 0
[  139.101583][ T5838] usb 1-1: config 0 interface 184 has no altsetting 0
[  139.114898][ T5838] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  139.124203][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.133963][ T5838] usb 1-1: Product: syz
[  139.138151][ T5838] usb 1-1: Manufacturer: syz
[  139.168980][ T5838] usb 1-1: SerialNumber: syz
[  139.189541][ T5838] usb 1-1: config 0 descriptor??
[  139.223202][ T5838] smsc75xx v1.0.0
[  139.942586][ T6252] loop5: detected capacity change from 0 to 32768
[  140.062724][ T6252] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.227438][ T5838] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  140.240995][ T5838] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  140.411260][ T6252] XFS (loop5): Ending clean mount
[  140.441657][ T6252] XFS (loop5): Quotacheck needed: Please wait.
[  140.460758][ T5838] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  140.502283][ T5838] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  140.503692][ T6283] loop4: detected capacity change from 0 to 2048
[  140.540057][ T5838] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  140.575083][ T5838] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  140.627704][ T6252] XFS (loop5): Quotacheck: Done.
[  140.648478][ T5838] usb 1-1: USB disconnect, device number 2
[  140.649700][ T6283] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.917228][ T6268] loop1: detected capacity change from 0 to 32768
[  140.943583][ T6268] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.87 (6268)
[  140.996761][ T5822] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1367 (mode 100000) has inode size 4102 different from extent length 4608. Filesystem need not be standards compliant.
[  141.075301][ T6268] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.110680][ T6268] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  141.199025][ T6268] BTRFS info (device loop1): disk space caching is enabled
[  141.206441][ T6268] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  141.340926][ T5826] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.605356][ T6268] BTRFS info (device loop1): rebuilding free space tree
[  141.698573][ T6285] loop3: detected capacity change from 0 to 32768
[  141.758391][ T6285] BTRFS: device /dev/loop3 (7:3) using temp-fsid 97f76ba0-7c57-4312-8c46-60a0ec1d103c
[  141.826919][ T6268] BTRFS info (device loop1): disabling free space tree
[  141.847871][ T6285] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.90 (6285)
[  141.867953][ T6268] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  141.906305][ T6268] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  141.971164][ T6285] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  142.032394][ T6285] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  142.033364][ T6281] loop2: detected capacity change from 0 to 32768
[  142.088580][ T6285] BTRFS info (device loop3): disk space caching is enabled
[  142.098258][ T6285] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  142.226049][ T6281] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.313910][ T6285] BTRFS info (device loop3): rebuilding free space tree
[  142.428634][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  142.436113][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  142.472953][ T6285] BTRFS info (device loop3): disabling free space tree
[  142.498128][ T6285] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  142.572985][ T6285] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  142.662496][ T6281] XFS (loop2): Ending clean mount
[  142.708201][ T6281] XFS (loop2): Quotacheck needed: Please wait.
[  142.849198][ T6281] XFS (loop2): Quotacheck: Done.
[  143.029734][ T5831] BTRFS info (device loop3): last unmount of filesystem 97f76ba0-7c57-4312-8c46-60a0ec1d103c
[  143.086311][ T5832] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  143.125654][ T6293] loop0: detected capacity change from 0 to 32768
[  143.239227][ T5835] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.287565][ T6293] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  143.450929][ T6293] XFS (loop0): Ending clean mount
[  143.571029][ T6293] XFS (loop0): Quotacheck needed: Please wait.
[  143.654582][ T6288] loop4: detected capacity change from 0 to 40427
[  143.694950][ T6293] XFS (loop0): Quotacheck: Done.
[  143.763615][ T6288] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x3fffff
[  143.854547][ T6288] F2FS-fs (loop4): Image doesn't support compression
[  143.906886][ T6288] F2FS-fs (loop4): Image doesn't support compression
[  143.990675][ T6288] F2FS-fs (loop4): invalid crc value
[  144.072262][ T6349] loop3: detected capacity change from 0 to 128
[  144.129676][ T6349] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  144.256405][ T6333] loop5: detected capacity change from 0 to 40427
[  144.306096][ T6333] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  144.361292][ T6333] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  144.395874][ T6333] F2FS-fs (loop5): build fault injection attr: rate: 17008, type: 0x3fffff
[  144.441749][ T6333] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x1f8
[  144.470730][ T6353] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  144.511776][ T6333] F2FS-fs (loop5): invalid crc value
[  144.547642][ T6288] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  144.686046][ T5823] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  144.864659][ T6362] loop1: detected capacity change from 0 to 512
[  144.968632][ T6362] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.99: invalid indirect mapped block 256 (level 2)
[  145.007791][ T6362] EXT4-fs (loop1): 2 truncates cleaned up
[  145.039056][ T6333] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  145.046152][ T6333] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  145.105542][ T6362] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.259362][ T6362] EXT4-fs (loop1): shut down requested (2)
[  145.295293][ T6333] syz.5.93: attempt to access beyond end of device
[  145.295293][ T6333] loop5: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  145.534598][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.626333][ T6374] loop2: detected capacity change from 0 to 128
[  145.699721][ T6374] FAT-fs (loop2): bogus number of FAT sectors
[  145.706621][ T5826] syz-executor: attempt to access beyond end of device
[  145.706621][ T5826] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.736758][ T6374] FAT-fs (loop2): Can't find a valid FAT filesystem
[  145.749325][ T5826] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  145.749371][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  145.749393][ T5826] Call Trace:
[  145.749404][ T5826]  <TASK>
[  145.749418][ T5826]  dump_stack_lvl+0x16c/0x1f0
[  145.749475][ T5826]  f2fs_handle_critical_error+0x621/0x9f0
[  145.749524][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.749569][ T5826]  ? __asan_memset+0x23/0x50
[  145.749615][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.749673][ T5826]  f2fs_write_end_io+0x73d/0xac0
[  145.749737][ T5826]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  145.749797][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.749853][ T5826]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  145.749905][ T5826]  bio_endio+0x6d2/0x810
[  145.749945][ T5826]  submit_bio_noacct+0x56d/0x1ec0
[  145.750006][ T5826]  __submit_merged_bio+0x33c/0x770
[  145.750065][ T5826]  __submit_merged_write_cond+0x319/0x3f0
[  145.750131][ T5826]  f2fs_write_cache_pages+0x2139/0x2680
[  145.750219][ T5826]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  145.750283][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.750329][ T5826]  ? __lock_acquire+0x5ca/0x1ba0
[  145.750395][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.750440][ T5826]  ? __lock_acquire+0x5ca/0x1ba0
[  145.750588][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.750634][ T5826]  ? arch_stack_walk+0xa6/0x100
[  145.750689][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.750748][ T5826]  f2fs_write_data_pages+0x4ad/0xd90
[  145.750818][ T5826]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.750888][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.750932][ T5826]  ? lru_gen_add_folio+0x1a4/0xef0
[  145.751002][ T5826]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.751066][ T5826]  do_writepages+0x1b5/0x820
[  145.751121][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751170][ T5826]  ? __pfx_do_writepages+0x10/0x10
[  145.751222][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751270][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751315][ T5826]  ? do_raw_spin_lock+0x12c/0x2b0
[  145.751351][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751396][ T5826]  ? find_held_lock+0x2b/0x80
[  145.751443][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751493][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751537][ T5826]  ? do_raw_spin_unlock+0x172/0x230
[  145.751577][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751630][ T5826]  filemap_fdatawrite_wbc+0x104/0x160
[  145.751687][ T5826]  __filemap_fdatawrite_range+0xb2/0xf0
[  145.751757][ T5826]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  145.751880][ T5826]  ? find_held_lock+0x2b/0x80
[  145.751926][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.751973][ T5826]  ? do_raw_spin_unlock+0x172/0x230
[  145.752013][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752065][ T5826]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  145.752150][ T5826]  block_operations+0x2a3/0xfd0
[  145.752226][ T5826]  ? __pfx_block_operations+0x10/0x10
[  145.752346][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752390][ T5826]  ? down_write+0x14d/0x200
[  145.752449][ T5826]  ? __pfx_down_write+0x10/0x10
[  145.752509][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752554][ T5826]  ? rcu_is_watching+0x12/0xc0
[  145.752604][ T5826]  f2fs_write_checkpoint+0x2b8/0x45b0
[  145.752645][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752689][ T5826]  ? kfree+0x2b6/0x4d0
[  145.752734][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752784][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752829][ T5826]  ? rcu_is_watching+0x12/0xc0
[  145.752872][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.752917][ T5826]  ? kthread_stop+0x273/0x650
[  145.752984][ T5826]  kill_f2fs_super+0x3c2/0x470
[  145.753022][ T5826]  ? __pfx_kill_f2fs_super+0x10/0x10
[  145.753057][ T5826]  ? lockdep_hardirqs_on+0x7c/0x110
[  145.753129][ T5826]  deactivate_locked_super+0xc1/0x1a0
[  145.753178][ T5826]  deactivate_super+0xde/0x100
[  145.753226][ T5826]  cleanup_mnt+0x225/0x450
[  145.753278][ T5826]  task_work_run+0x150/0x240
[  145.753320][ T5826]  ? __pfx_task_work_run+0x10/0x10
[  145.753374][ T5826]  ? srso_alias_return_thunk+0x5/0xfbef5
[  145.753423][ T5826]  ? __pfx___x64_sys_umount+0x10/0x10
[  145.753488][ T5826]  syscall_exit_to_user_mode+0x27b/0x2a0
[  145.753546][ T5826]  do_syscall_64+0xda/0x260
[  145.753605][ T5826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.753643][ T5826] RIP: 0033:0x7f627078fc97
[  145.753671][ T5826] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  145.753711][ T5826] RSP: 002b:00007ffd4198dcd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  145.753749][ T5826] RAX: 0000000000000000 RBX: 00007f627081089d RCX: 00007f627078fc97
[  145.753773][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd4198dd90
[  145.753796][ T5826] RBP: 00007ffd4198dd90 R08: 0000000000000000 R09: 0000000000000000
[  145.753819][ T5826] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd4198ee20
[  145.753843][ T5826] R13: 00007f627081089d R14: 0000000000023812 R15: 00007ffd4198ee60
[  145.753892][ T5826]  </TASK>
[  145.756042][ T6378] loop0: detected capacity change from 0 to 128
[  146.057650][ T6376] loop3: detected capacity change from 0 to 4096
[  146.288999][ T5826] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  146.322162][ T6378] EXT4-fs: Ignoring removed nobh option
[  146.453880][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.107'.
[  146.466072][ T6385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.107'.
[  146.480977][ T6378] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  146.498391][ T6378] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  146.532853][ T6383] bridge_slave_0: left allmulticast mode
[  146.577233][ T6383] bridge_slave_0: left promiscuous mode
[  146.668348][ T6383] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.763378][ T6383] bridge_slave_1: left allmulticast mode
[  146.774664][ T6383] bridge_slave_1: left promiscuous mode
[  146.781826][ T6383] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.854429][ T6383] bond0: (slave bond_slave_0): Releasing backup interface
[  146.898046][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  146.926440][ T6383] bond0: (slave bond_slave_1): Releasing backup interface
[  147.139638][ T6383] team0: Port device team_slave_0 removed
[  147.231937][ T6383] team0: Port device team_slave_1 removed
[  147.261780][ T6383] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.277205][ T6394] loop0: detected capacity change from 0 to 2048
[  147.325028][ T6383] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.376288][ T6394] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  147.391368][ T6383] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.399182][ T6383] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.430565][ T6394] UDF-fs: Scanning with blocksize 512 failed
[  147.484447][ T6394] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.661178][   T30] audit: type=1800 audit(1746435202.277:8): pid=6394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.108" name="file1" dev="loop0" ino=818 res=0 errno=0
[  147.899384][ T5838] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  148.040678][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.112'.
[  148.114202][ T5838] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  148.119367][ T5966] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  148.123129][ T5838] usb 6-1: config 0 has no interface number 0
[  148.136169][ T5838] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  148.150434][ T5838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  148.162850][ T5838] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  148.178334][ T5838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  148.194351][ T5838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  148.207551][ T5838] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  148.220999][ T5838] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  148.230165][ T5838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.254532][ T5838] usb 6-1: config 0 descriptor??
[  148.272670][ T6400] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  148.280732][ T6400] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  148.298500][ T5838] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  148.341236][ T5966] usb 2-1: Using ep0 maxpacket: 8
[  148.350967][ T6407] loop0: detected capacity change from 0 to 512
[  148.357849][ T5966] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.379880][ T6407] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  148.386050][ T5966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 48, changing to 9
[  148.396900][ T6392] loop2: detected capacity change from 0 to 32768
[  148.405446][ T5966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 24624, setting to 1024
[  148.442325][ T5966] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  148.454190][ T5966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.457580][ T6407] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  148.462591][ T5966] usb 2-1: Product: syz
[  148.485078][ T5966] usb 2-1: Manufacturer: syz
[  148.485303][ T6407] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.113: corrupted in-inode xattr: e_value size too large
[  148.492937][ T5966] usb 2-1: SerialNumber: syz
[  148.541094][ T6407] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.113: couldn't read orphan inode 15 (err -117)
[  148.555062][ T6392] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  148.564397][   T10] usb 6-1: USB disconnect, device number 4
[  148.564558][    C1] ldusb 6-1:0.55: usb_submit_urb failed (-19)
[  148.571086][ T6400] ldusb 6-1:0.55: Couldn't submit interrupt_out_urb -19
[  148.603708][   T10] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  148.617718][ T5966] usb 2-1: config 0 descriptor??
[  148.624870][ T6407] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.707160][ T6392] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  148.773895][ T6392] XFS (loop2): Starting recovery (logdev: internal)
[  148.818117][ T6392] XFS (loop2): Ending recovery (logdev: internal)
[  148.860647][ T6402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.891889][ T6402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.019219][ T5966] rc_core: IR keymap rc-streamzap not found
[  149.028973][ T5966] Registered IR keymap rc-empty
[  149.035670][ T5966] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  149.050867][ T5966] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7
[  149.080116][   T30] audit: type=1800 audit(1746435203.697:9): pid=6419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.113" name="file1" dev="loop0" ino=20 res=0 errno=0
[  149.126335][ T5835] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  149.129786][ T5966] usb 2-1: USB disconnect, device number 3
[  149.392688][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.699534][ T6425] loop5: detected capacity change from 0 to 2048
[  149.815815][ T6425] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.769153][ T5966] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  151.135753][ T6440] loop2: detected capacity change from 0 to 512
[  151.204584][ T5966] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  151.224767][ T6444] netlink: 'syz.3.122': attribute type 10 has an invalid length.
[  151.243658][ T6440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.248665][ T5966] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  151.296531][ T6440] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.328657][ T6444] syz_tun: entered promiscuous mode
[  151.400500][ T5966] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  151.410560][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.411824][ T6444] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  151.707507][ T5833] Bluetooth: hci5: Malformed LE Event: 0x1d
[  151.719431][ T5966] usb 2-1: usb_control_msg returned -32
[  151.728214][ T5966] usbtmc 2-1:16.0: can't read capabilities
[  151.871475][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.069612][ T6457] bridge_slave_0: left allmulticast mode
[  152.096427][ T6457] bridge_slave_0: left promiscuous mode
[  152.139423][ T6457] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.199561][ T6458] usbtmc 2-1:16.0: usb_control_msg returned -32
[  152.225498][ T6457] bridge_slave_1: left allmulticast mode
[  152.235962][    T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!!
[  152.246248][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  152.254695][ T5966] usb 2-1: USB disconnect, device number 4
[  152.261944][ T6457] bridge_slave_1: left promiscuous mode
[  152.268941][ T6457] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.385932][ T6457] bond0: (slave bond_slave_0): Releasing backup interface
[  152.486718][ T6457] bond0: (slave bond_slave_1): Releasing backup interface
[  152.747125][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  152.849543][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  152.849565][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!!
[  152.951938][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  152.951970][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  153.087608][ T6457] team0: Port device team_slave_0 removed
[  153.274547][ T6457] team0: Port device team_slave_1 removed
[  153.313531][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.373093][ T6457] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.506467][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.579776][ T6457] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.621641][ T6468] loop1: detected capacity change from 0 to 128
[  153.623056][ T6470] netlink: 24 bytes leftover after parsing attributes in process `syz.3.129'.
[  153.720718][ T6468] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  153.794349][ T6468] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.889056][   T30] audit: type=1804 audit(1746435208.497:10): pid=6468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.128" name="/newroot/26/file0/bus" dev="loop1" ino=115 res=1 errno=0
[  154.923564][ T6485] loop0: detected capacity change from 0 to 32768
[  155.661228][ T6485] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  155.696750][ T6485] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  155.696750][ T6485]   allowing incompatible features above 0.0: (unknown version)
[  155.729375][ T6485] bcachefs (loop0): initializing new filesystem
[  155.736800][ T6485] bcachefs (loop0): going read-write
[  155.789312][ T6485] bcachefs (loop0): marking superblocks
[  155.807662][ T6485] bcachefs (loop0): initializing freespace
[  155.815945][ T6485] bcachefs (loop0): done initializing freespace
[  155.829220][ T6485] bcachefs (loop0): reading snapshots table
[  155.835204][ T6485] bcachefs (loop0): reading snapshots done
[  155.887402][ T6485] bcachefs (loop0): done starting filesystem
[  156.282330][ T6485] syz.0.133 (6485) used greatest stack depth: 17672 bytes left
[  156.403917][ T6509] loop3: detected capacity change from 0 to 512
[  156.408518][ T6511] loop5: detected capacity change from 0 to 4096
[  156.467664][ T5823] bcachefs (loop0): shutting down
[  156.475456][ T6514] loop1: detected capacity change from 0 to 256
[  156.480152][ T6509] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  156.488121][ T5823] bcachefs (loop0): going read-only
[  156.548651][ T6509] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  156.565350][ T5823] bcachefs (loop0): finished waiting for writes to stop
[  156.583208][ T6515] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  156.595549][ T6514] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  156.614712][ T5823] bcachefs (loop0): flushing journal and stopping allocators, journal seq 5
[  156.626557][ T6509] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  156.670194][ T6509] EXT4-fs (loop3): 1 truncate cleaned up
[  156.686909][ T6511] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  156.721856][ T6509] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.735071][ T5823] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 5
[  156.765487][ T5823] bcachefs (loop0): clean shutdown complete, journal seq 6
[  156.856734][ T5823] bcachefs (loop0): marking filesystem clean
[  157.248693][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.378161][ T5823] bcachefs (loop0): shutdown complete
[  157.692173][ T6527] loop5: detected capacity change from 0 to 512
[  157.798849][ T6527] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  157.819368][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  157.914772][ T6527] EXT4-fs (loop5): 1 truncate cleaned up
[  157.933890][ T6527] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.011714][    T9] usb 2-1: Using ep0 maxpacket: 16
[  158.525029][ T6527] EXT4-fs (loop5): shut down requested (0)
[  158.622362][    T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  158.640218][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  158.679485][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  158.690739][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.698771][    T9] usb 2-1: Product: syz
[  158.718984][    T9] usb 2-1: Manufacturer: syz
[  158.723651][    T9] usb 2-1: SerialNumber: syz
[  158.742068][    T9] usb 2-1: config 0 descriptor??
[  158.785113][    T9] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  158.828973][    T9] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  158.851192][ T6536] binder: BINDER_SET_CONTEXT_MGR already set
[  158.868431][ T6536] binder: 6535:6536 ioctl 4018620d 200000000040 returned -16
[  158.878356][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.882472][ T6520] loop2: detected capacity change from 0 to 32768
[  159.348148][   T30] audit: type=1800 audit(1746435213.947:11): pid=6539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.149" name="/" dev="fuse" ino=1 res=0 errno=0
[  159.390463][    T9] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  159.398181][    T9] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  159.654339][ T6547] syz_tun: entered allmulticast mode
[  159.756426][ T6544] syz_tun: left allmulticast mode
[  160.021475][ T5824] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  160.030536][ T5824] Bluetooth: hci2: Injecting HCI hardware error event
[  160.039870][ T5824] Bluetooth: hci2: hardware error 0x00
[  160.064902][    T9] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  160.290065][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  160.299712][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  160.309567][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  160.390274][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  160.488263][    T9] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  160.914882][    T9] usb 2-1: USB disconnect, device number 5
[  161.239293][ T6558] loop4: detected capacity change from 0 to 32768
[  161.494586][ T6558] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  161.528167][ T6558] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  161.528167][ T6558]   allowing incompatible features above 0.0: (unknown version)
[  161.559473][ T6558] bcachefs (loop4): initializing new filesystem
[  161.566915][ T6558] bcachefs (loop4): going read-write
[  161.587373][ T6563] loop1: detected capacity change from 0 to 2048
[  161.711554][ T6558] bcachefs (loop4): marking superblocks
[  161.730778][ T6558] bcachefs (loop4): initializing freespace
[  161.738312][ T6558] bcachefs (loop4): done initializing freespace
[  161.747281][ T6558] bcachefs (loop4): reading snapshots table
[  161.753270][ T6558] bcachefs (loop4): reading snapshots done
[  161.781878][ T6563] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  161.795236][ T6563] UDF-fs: Scanning with blocksize 512 failed
[  161.817349][ T6558] bcachefs (loop4): done starting filesystem
[  161.875630][ T6563] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  162.179387][ T5824] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  162.191080][   T30] audit: type=1800 audit(1746435216.797:12): pid=6580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.156" name="file1" dev="loop1" ino=818 res=0 errno=0
[  162.808561][ T5822] bcachefs (loop4): shutting down
[  162.813759][ T5822] bcachefs (loop4): going read-only
[  162.825462][ T5822] bcachefs (loop4): finished waiting for writes to stop
[  162.889289][ T5822] bcachefs (loop4): flushing journal and stopping allocators, journal seq 6
[  162.904017][ T6588] loop0: detected capacity change from 0 to 16
[  162.957837][ T6591] loop5: detected capacity change from 0 to 256
[  162.962842][ T6588] erofs (device loop0): mounted with root inode @ nid 36.
[  162.982154][ T6585] loop2: detected capacity change from 0 to 512
[  163.020381][ T5822] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 6
[  163.035353][ T6591] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  163.055920][ T6585] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  163.067586][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.118693][ T5822] bcachefs (loop4): clean shutdown complete, journal seq 7
[  163.131647][ T6585] EXT4-fs (loop2): 1 truncate cleaned up
[  163.140053][ T6585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.156963][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.180471][ T5822] bcachefs (loop4): marking filesystem clean
[  163.184935][ T6593] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.382838][ T6588] erofs (device loop0): readahead error at folio 47 @ nid 36
[  163.454409][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.686602][ T6588] erofs (device loop0): readahead error at folio 46 @ nid 36
[  163.754222][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.772566][ T6588] erofs (device loop0): readahead error at folio 45 @ nid 36
[  163.783911][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.787874][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.795000][ T6588] erofs (device loop0): readahead error at folio 44 @ nid 36
[  163.826484][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.841132][ T5822] bcachefs (loop4): shutdown complete
[  163.873972][ T6588] erofs (device loop0): readahead error at folio 43 @ nid 36
[  163.874258][ T5883] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  163.910023][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  163.958521][ T6588] erofs (device loop0): readahead error at folio 42 @ nid 36
[  163.982632][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.018588][ T6588] erofs (device loop0): readahead error at folio 41 @ nid 36
[  164.061807][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.098375][ T6588] erofs (device loop0): readahead error at folio 40 @ nid 36
[  164.111972][ T5883] usb 2-1: unable to get BOS descriptor or descriptor too short
[  164.134352][ T5883] usb 2-1: config 1 interface 0 altsetting 64 bulk endpoint 0x82 has invalid maxpacket 32
[  164.148298][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.162030][ T5883] usb 2-1: config 1 interface 0 has no altsetting 0
[  164.164868][ T6588] erofs (device loop0): readahead error at folio 39 @ nid 36
[  164.174946][ T5883] usb 2-1: string descriptor 0 read error: -22
[  164.186564][ T5883] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  164.187378][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.222248][ T6588] erofs (device loop0): readahead error at folio 38 @ nid 36
[  164.229605][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.234109][ T6597] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  164.299017][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.407859][ T6588] erofs (device loop0): readahead error at folio 37 @ nid 36
[  164.439212][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.464779][ T6588] erofs (device loop0): readahead error at folio 36 @ nid 36
[  164.478432][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.506733][ T6588] erofs (device loop0): readahead error at folio 35 @ nid 36
[  164.529358][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.569421][ T6588] erofs (device loop0): readahead error at folio 34 @ nid 36
[  164.574582][ T5883] usblp 2-1:1.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 64 proto 2 vid 0x0525 pid 0xA4A8
[  164.610542][ T6608] loop3: detected capacity change from 0 to 1024
[  164.639138][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.649687][ T6588] erofs (device loop0): readahead error at folio 33 @ nid 36
[  164.657102][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.673145][ T6588] erofs (device loop0): readahead error at folio 32 @ nid 36
[  164.699901][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.746318][ T6588] erofs (device loop0): readahead error at folio 31 @ nid 36
[  164.763645][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.781527][ T6608] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0002]
[  164.816739][ T6608] System zones: 1-12
[  164.823452][ T6588] erofs (device loop0): readahead error at folio 30 @ nid 36
[  164.853687][ T6608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.865880][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  164.947048][ T6588] erofs (device loop0): readahead error at folio 29 @ nid 36
[  164.981843][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.003312][ T6588] erofs (device loop0): readahead error at folio 28 @ nid 36
[  165.029522][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.088378][ T6588] erofs (device loop0): readahead error at folio 27 @ nid 36
[  165.149187][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.159856][ T6588] erofs (device loop0): readahead error at folio 26 @ nid 36
[  165.167263][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.178191][ T6588] erofs (device loop0): readahead error at folio 25 @ nid 36
[  165.222873][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.411356][ T6588] erofs (device loop0): readahead error at folio 24 @ nid 36
[  165.426416][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.451676][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.466325][ T6588] erofs (device loop0): readahead error at folio 23 @ nid 36
[  165.496539][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.528805][ T6588] erofs (device loop0): readahead error at folio 22 @ nid 36
[  165.575581][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.591482][    C0] usblp0: nonzero read bulk status received: -71
[  165.608415][ T6619] usblp0: error -71 reading from printer
[  165.617572][    C0] usblp0: nonzero read bulk status received: -71
[  165.660669][ T6588] erofs (device loop0): readahead error at folio 21 @ nid 36
[  165.728962][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.758989][ T6588] erofs (device loop0): readahead error at folio 20 @ nid 36
[  165.852833][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.866202][ T6588] erofs (device loop0): readahead error at folio 19 @ nid 36
[  165.907870][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  165.946518][ T6623] loop2: detected capacity change from 0 to 512
[  165.973822][ T6588] erofs (device loop0): readahead error at folio 18 @ nid 36
[  165.976009][ T6622] loop3: detected capacity change from 0 to 4096
[  165.991755][ T6623] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  166.039252][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  166.056572][ T6622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.072967][ T6588] erofs (device loop0): readahead error at folio 17 @ nid 36
[  166.081045][ T6623] EXT4-fs (loop2): 1 truncate cleaned up
[  166.157671][ T6623] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.176206][ T6622] EXT4-fs error (device loop3): ext4_empty_dir:3094: inode #12: block 80: comm syz.3.171: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  166.206215][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  166.247551][ T6588] erofs (device loop0): readahead error at folio 16 @ nid 36
[  166.491870][ T6588] erofs (device loop0): big pcluster head1/2 of compact indexes should be consistent for nid 36
[  166.549621][ T6622] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #12: comm syz.3.171: directory missing '..'
[  166.584613][ T6588] erofs (device loop0): readahead error at folio 15 @ nid 36
[  166.719803][ T5883] usb 2-1: USB disconnect, device number 6
[  166.898716][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.929916][ T5883] usblp0: removed
[  166.944163][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.999704][ T6633] loop2: detected capacity change from 0 to 32768
[  168.150235][ T6633] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  168.184516][ T6633] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  168.184516][ T6633]   allowing incompatible features above 0.0: (unknown version)
[  168.216540][ T6633] bcachefs (loop2): initializing new filesystem
[  168.223717][ T6633] bcachefs (loop2): going read-write
[  168.339269][ T6633] bcachefs (loop2): marking superblocks
[  168.357848][ T6633] bcachefs (loop2): initializing freespace
[  168.367569][ T6633] bcachefs (loop2): done initializing freespace
[  168.377371][ T6633] bcachefs (loop2): reading snapshots table
[  168.383474][ T6633] bcachefs (loop2): reading snapshots done
[  168.448408][ T6633] bcachefs (loop2): done starting filesystem
[  168.455593][ T6651] loop3: detected capacity change from 0 to 16
[  168.546839][ T6651] erofs (device loop3): mounted with root inode @ nid 36.
[  168.994192][ T5833] erofs (device loop3): failed to decompress -26 in[46, 0] out[9000]
[  169.012804][ T6655] erofs (device loop3): failed to decompress -26 in[46, 4050] out[8192]
[  169.039259][ T6655] erofs (device loop3): read error -117 @ 0 of nid 89
[  169.059811][   T30] audit: type=1800 audit(1746435223.677:13): pid=6655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.176" name="file2" dev="loop3" ino=89 res=0 errno=0
[  169.849749][ T5835] bcachefs (loop2): shutting down
[  169.871237][ T5835] bcachefs (loop2): going read-only
[  169.895652][ T5835] bcachefs (loop2): finished waiting for writes to stop
[  169.907655][ T5835] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  169.959945][ T5835] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  170.028989][ T5835] bcachefs (loop2): clean shutdown complete, journal seq 5
[  170.080756][ T6667] loop4: detected capacity change from 0 to 4096
[  170.093462][ T5835] bcachefs (loop2): marking filesystem clean
[  170.430110][ T5835] bcachefs (loop2): shutdown complete
[  171.240661][ T6682] loop0: detected capacity change from 0 to 512
[  171.300379][ T6682] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  171.371821][ T6682] EXT4-fs (loop0): 1 truncate cleaned up
[  171.473199][ T6682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.825402][ T6686] loop4: detected capacity change from 0 to 1024
[  171.921180][ T6686] EXT4-fs: Ignoring removed orlov option
[  172.158282][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.173130][ T6686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.298788][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.544447][ T6695] loop0: detected capacity change from 0 to 2048
[  172.642130][ T6695] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  172.719068][ T6695] UDF-fs: Scanning with blocksize 512 failed
[  172.774822][ T6695] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.111544][ T6714] loop3: detected capacity change from 0 to 32768
[  175.452754][ T6717] loop1: detected capacity change from 0 to 1024
[  175.466772][ T6721] loop5: detected capacity change from 0 to 3
[  176.373817][ T6721] syz.5.198: attempt to access beyond end of device
[  176.373817][ T6721] loop5: rw=2048, sector=0, nr_sectors = 8 limit=3
[  176.380997][ T6714] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  176.421682][ T6714] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  176.421682][ T6714]   allowing incompatible features above 0.0: (unknown version)
[  176.451875][ T6714] bcachefs (loop3): initializing new filesystem
[  176.459077][ T6714] bcachefs (loop3): going read-write
[  176.559352][ T6721] SQUASHFS error: Failed to read block 0x0: -5
[  176.566090][ T6721] unable to read squashfs_super_block
[  176.599090][   T30] audit: type=1800 audit(1746435231.197:14): pid=6735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.199" name="file1" dev="loop1" ino=20 res=0 errno=0
[  176.630233][ T6714] bcachefs (loop3): marking superblocks
[  176.647306][ T6714] bcachefs (loop3): initializing freespace
[  176.655602][ T6714] bcachefs (loop3): done initializing freespace
[  176.665236][ T6714] bcachefs (loop3): reading snapshots table
[  176.671285][ T6714] bcachefs (loop3): reading snapshots done
[  176.739624][ T6714] bcachefs (loop3): done starting filesystem
[  177.102011][   T30] audit: type=1800 audit(1746435231.707:15): pid=6717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.199" name="file1" dev="loop1" ino=20 res=0 errno=0
[  177.213280][ T6739] loop0: detected capacity change from 0 to 4096
[  177.243445][ T5831] bcachefs (loop3): shutting down
[  177.248492][ T5831] bcachefs (loop3): going read-only
[  177.259470][ T5831] bcachefs (loop3): finished waiting for writes to stop
[  177.421292][ T5831] bcachefs (loop3): flushing journal and stopping allocators, journal seq 5
[  177.601820][ T5831] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 5
[  177.674635][ T5831] bcachefs (loop3): clean shutdown complete, journal seq 6
[  177.791677][ T5831] bcachefs (loop3): marking filesystem clean
[  178.998357][ T6745] loop2: detected capacity change from 0 to 131072
[  179.051187][ T5831] bcachefs (loop3): shutdown complete
[  179.345346][ T6745] F2FS-fs (loop2): Test dummy encryption mode enabled
[  179.452055][ T6745] F2FS-fs (loop2): invalid crc value
[  179.744959][ T6745] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  180.985119][ T6745] fscrypt (loop2, inode 10): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  181.140775][ T6784] loop5: detected capacity change from 0 to 1024
[  181.659535][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.219'.
[  182.448540][ T6798] loop4: detected capacity change from 0 to 512
[  182.593494][ T6798] EXT4-fs: Ignoring removed nobh option
[  182.774626][ T6798] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #11: comm syz.4.220: invalid indirect mapped block 256 (level 2)
[  182.816293][ T6798] EXT4-fs (loop4): 2 truncates cleaned up
[  182.824827][ T6798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.161375][ T6806] loop1: detected capacity change from 0 to 32768
[  183.168802][ T6806] XFS: ikeep mount option is deprecated.
[  183.292382][ T6806] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  183.928782][ T6806] XFS (loop1): Ending clean mount
[  184.141879][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.195691][ T5832] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  185.122582][ T5824] Bluetooth: hci6: command 0x1003 tx timeout
[  185.129899][ T5833] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  187.093414][ T6858] loop0: detected capacity change from 0 to 512
[  187.137173][ T6858] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  187.143547][ T6861] loop3: detected capacity change from 0 to 128
[  187.184565][ T6858] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  187.206803][ T6858] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.231: corrupted in-inode xattr: e_value size too large
[  187.234967][ T6858] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.231: couldn't read orphan inode 15 (err -117)
[  187.328747][ T6861] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.353349][ T6861] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  187.387429][ T6830] loop5: detected capacity change from 0 to 32768
[  187.395647][ T6830] btrfs: Deprecated parameter 'usebackuproot'
[  187.401818][ T6830] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  187.412338][ T6830] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.226 (6830)
[  187.447360][ T6858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.462959][ T6830] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  187.507573][ T6830] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  187.534779][ T6830] BTRFS info (device loop5): using free-space-tree
[  187.573349][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  187.655700][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  187.756070][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  187.833850][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  187.877816][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  187.893934][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  187.905598][ T6830] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  187.996287][   T30] audit: type=1800 audit(1746435242.597:16): pid=6890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.231" name="file1" dev="loop0" ino=19 res=0 errno=0
[  188.363952][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805819e800: rx timeout, send abort
[  188.374803][    C1] vcan0: j1939_tp_rxtimer: 0xffff888079e69000: rx timeout, send abort
[  188.497238][ T5831] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.636563][ T6830] BTRFS error (device loop5): open_ctree failed: -12
[  188.699049][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  188.721535][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.873932][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805819e800: abort rx timeout. Force session deactivation
[  188.887210][    C1] vcan0: j1939_tp_rxtimer: 0xffff888079e69000: abort rx timeout. Force session deactivation
[  188.949067][    T9] usb 3-1: Using ep0 maxpacket: 8
[  189.185481][    T9] usb 3-1: config 0 has no interfaces?
[  189.505364][    T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  189.613036][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.677561][    T9] usb 3-1: Product: syz
[  189.714630][    T9] usb 3-1: Manufacturer: syz
[  189.731503][    T9] usb 3-1: SerialNumber: syz
[  189.781547][    T9] usb 3-1: config 0 descriptor??
[  190.138648][ T6892] delete_channel: no stack
[  190.559476][   T10] usb 3-1: USB disconnect, device number 2
[  190.733223][ T6923] process 'syz.3.239' launched './file0' with NULL argv: empty string added
[  191.265037][ T6930] loop5: detected capacity change from 0 to 64
[  191.360746][ T6930] syz.5.243: attempt to access beyond end of device
[  191.360746][ T6930] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  191.375059][ T6930] Buffer I/O error on dev loop5, logical block 134217734, async page read
[  193.214442][ T6947] loop0: detected capacity change from 0 to 512
[  193.225148][ T6947] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  193.236690][ T6947] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  193.248975][   T47] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  193.262501][ T6949] loop1: detected capacity change from 0 to 512
[  193.273463][ T6949] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  194.257839][ T6947] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.248: corrupted in-inode xattr: e_value size too large
[  194.300596][ T6950] loop2: detected capacity change from 0 to 32768
[  194.308853][ T6950] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.249 (6950)
[  194.326622][   T47] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.331298][ T6950] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.347023][ T6950] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  194.356009][ T6950] BTRFS info (device loop2): using free-space-tree
[  194.393563][   T47] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  194.414408][ T6947] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.248: couldn't read orphan inode 15 (err -117)
[  194.451142][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.456173][ T6949] EXT4-fs (loop1): 1 truncate cleaned up
[  194.485453][   T47] usb 6-1: config 0 descriptor??
[  194.505806][ T6947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.507557][   T47] pwc: Askey VC010 type 2 USB webcam detected.
[  194.541114][ T6949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.983012][   T30] audit: type=1800 audit(1746435249.587:17): pid=6977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.248" name="file1" dev="loop0" ino=19 res=0 errno=0
[  195.004036][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  195.486949][   T47] pwc: recv_control_msg error -32 req 02 val 2b00
[  195.809306][   T47] pwc: recv_control_msg error -32 req 02 val 2700
[  195.883857][   T47] pwc: recv_control_msg error -32 req 02 val 2c00
[  195.930578][   T47] pwc: recv_control_msg error -32 req 04 val 1000
[  195.966215][   T47] pwc: recv_control_msg error -32 req 04 val 1300
[  195.973582][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.990768][   T47] pwc: recv_control_msg error -32 req 04 val 1400
[  196.012895][   T47] pwc: recv_control_msg error -32 req 02 val 2000
[  196.033287][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.048828][   T47] pwc: recv_control_msg error -32 req 02 val 2100
[  196.059017][   T10] usb 4-1: Using ep0 maxpacket: 16
[  196.106999][   T47] pwc: recv_control_msg error -32 req 04 val 1500
[  196.118515][   T10] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  196.182561][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  196.304531][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  196.336510][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.353690][   T47] pwc: recv_control_msg error -71 req 02 val 2400
[  196.399196][   T47] pwc: recv_control_msg error -71 req 02 val 2600
[  196.410804][   T10] usb 4-1: Product: syz
[  196.420002][   T10] usb 4-1: Manufacturer: syz
[  196.420272][   T47] pwc: recv_control_msg error -71 req 02 val 2900
[  196.424621][   T10] usb 4-1: SerialNumber: syz
[  196.489139][   T47] pwc: recv_control_msg error -71 req 02 val 2800
[  196.539541][   T10] usb 4-1: config 0 descriptor??
[  196.579050][   T10] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  196.596482][   T47] pwc: recv_control_msg error -71 req 04 val 1100
[  196.599729][   T10] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  196.604040][ T6991] netlink: 4 bytes leftover after parsing attributes in process `syz.0.252'.
[  196.648568][   T47] pwc: recv_control_msg error -71 req 04 val 1200
[  196.799531][   T47] pwc: Registered as video103.
[  196.883619][   T47] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input8
[  196.907555][ T5835] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  197.076584][   T47] usb 6-1: USB disconnect, device number 5
[  197.256713][   T10] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  197.329511][   T10] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  197.979143][   T10] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[  198.662184][   T10] em28xx 4-1:0.0: couldn't setup AC97 register 4
[  199.027663][   T10] em28xx 4-1:0.0: couldn't setup AC97 register 6
[  199.099677][   T10] em28xx 4-1:0.0: couldn't setup AC97 register 54
[  199.137830][   T10] em28xx 4-1:0.0: couldn't setup AC97 register 56
[  199.189699][   T10] usb 4-1: USB disconnect, device number 4
[  201.228650][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.4.262'.
[  201.320953][ T7030] loop3: detected capacity change from 0 to 16
[  201.371650][ T7035] loop0: detected capacity change from 0 to 16
[  201.379227][ T7028] netlink: 12 bytes leftover after parsing attributes in process `syz.4.262'.
[  201.398715][ T7030] erofs (device loop3): mounted with root inode @ nid 36.
[  201.412049][ T7035] erofs (device loop0): mounted with root inode @ nid 36.
[  201.493040][ T7030] erofs (device loop3): readahead error at folio 2 @ nid 89
[  201.550983][ T5833] erofs (device loop3): failed to decompress -5 in[4096, 0] out[8192]
[  201.583960][ T7030] erofs (device loop3): failed to decompress -5 in[4096, 0] out[8192]
[  201.879029][ T7030] erofs (device loop3): read error -117 @ 0 of nid 89
[  201.887331][   T30] audit: type=1800 audit(1746435256.497:18): pid=7030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.264" name="file2" dev="loop3" ino=89 res=0 errno=0
[  201.894225][ T7041] erofs (device loop3): failed to decompress -5 in[4096, 0] out[8192]
[  203.418367][ T7041] erofs (device loop3): read error -117 @ 0 of nid 89
[  203.488993][   T30] audit: type=1800 audit(1746435258.077:19): pid=7041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.264" name="file3" dev="loop3" ino=89 res=0 errno=0
[  203.709455][ T7055] loop2: detected capacity change from 0 to 512
[  203.786170][ T7055] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  203.820227][ T7056] netfs: Couldn't get user pages (rc=-14)
[  203.832433][ T7058] loop0: detected capacity change from 0 to 1024
[  203.879412][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  203.885798][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  203.942975][ T7055] EXT4-fs (loop2): 1 truncate cleaned up
[  204.489926][ T7055] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.149578][ T6821] ==================================================================
[  206.157699][ T6821] BUG: KASAN: slab-out-of-bounds in iov_iter_revert+0x443/0x5a0
[  206.165386][ T6821] Read of size 4 at addr ffff88804f260278 by task kworker/u8:10/6821
[  206.173478][ T6821] 
[  206.175808][ T6821] CPU: 1 UID: 0 PID: 6821 Comm: kworker/u8:10 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  206.175851][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  206.175874][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  206.175939][ T6821] Call Trace:
[  206.175950][ T6821]  <TASK>
[  206.175963][ T6821]  dump_stack_lvl+0x116/0x1f0
[  206.176015][ T6821]  print_report+0xc3/0x670
[  206.176065][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176108][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176149][ T6821]  ? __phys_addr+0xc6/0x150
[  206.176199][ T6821]  ? iov_iter_revert+0x443/0x5a0
[  206.176248][ T6821]  kasan_report+0xe0/0x110
[  206.176302][ T6821]  ? iov_iter_revert+0x443/0x5a0
[  206.176357][ T6821]  iov_iter_revert+0x443/0x5a0
[  206.176410][ T6821]  netfs_retry_writes+0x166d/0x1a50
[  206.176449][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176500][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176542][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  206.176598][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  206.176634][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  206.176675][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176720][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176761][ T6821]  ? register_lock_class+0x41/0x4c0
[  206.176815][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176856][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  206.176891][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.176937][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  206.177021][ T6821]  process_one_work+0x9cf/0x1b70
[  206.177065][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  206.177108][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  206.177144][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177192][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177233][ T6821]  ? assign_work+0x1a0/0x250
[  206.177268][ T6821]  worker_thread+0x6c8/0xf10
[  206.177309][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177351][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177392][ T6821]  ? __kthread_parkme+0x19e/0x250
[  206.177440][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177488][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  206.177523][ T6821]  kthread+0x3c5/0x780
[  206.177555][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177583][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177613][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177643][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177672][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.177714][ T6821]  ? rcu_is_watching+0x12/0xc0
[  206.177754][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177786][ T6821]  ret_from_fork+0x48/0x80
[  206.177817][ T6821]  ? __pfx_kthread+0x10/0x10
[  206.177848][ T6821]  ret_from_fork_asm+0x1a/0x30
[  206.177911][ T6821]  </TASK>
[  206.177923][ T6821] 
[  206.445584][ T6821] Allocated by task 7056:
[  206.449915][ T6821]  kasan_save_stack+0x33/0x60
[  206.454623][ T6821]  kasan_save_track+0x14/0x30
[  206.459328][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  206.463943][ T6821]  kmem_cache_free+0x148/0x4d0
[  206.468734][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  206.474308][ T6821]  __mmap_region+0xb81/0x27c0
[  206.479021][ T6821]  mmap_region+0x1ab/0x3f0
[  206.483476][ T6821]  do_mmap+0xd8e/0x11b0
[  206.487647][ T6821]  vm_mmap_pgoff+0x281/0x450
[  206.492251][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  206.497028][ T6821]  __x64_sys_mmap+0x125/0x190
[  206.501720][ T6821]  do_syscall_64+0xcd/0x260
[  206.506262][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.512182][ T6821] 
[  206.514510][ T6821] Freed by task 23:
[  206.518313][ T6821]  kasan_save_stack+0x33/0x60
[  206.523018][ T6821]  kasan_save_track+0x14/0x30
[  206.527722][ T6821]  kasan_save_free_info+0x3b/0x60
[  206.532767][ T6821]  __kasan_slab_free+0x51/0x70
[  206.537558][ T6821]  kfree+0x2b6/0x4d0
[  206.541477][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  206.547048][ T6821]  rcu_core+0x79c/0x14e0
[  206.551303][ T6821]  handle_softirqs+0x219/0x8e0
[  206.556088][ T6821]  run_ksoftirqd+0x3a/0x60
[  206.560523][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  206.565488][ T6821]  kthread+0x3c5/0x780
[  206.569571][ T6821]  ret_from_fork+0x48/0x80
[  206.574000][ T6821]  ret_from_fork_asm+0x1a/0x30
[  206.578791][ T6821] 
[  206.581113][ T6821] Last potentially related work creation:
[  206.586827][ T6821]  kasan_save_stack+0x33/0x60
[  206.591532][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  206.596752][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  206.602685][ T6821]  kmem_cache_free+0x173/0x4d0
[  206.607479][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  206.613054][ T6821]  __mmap_region+0xb81/0x27c0
[  206.617762][ T6821]  mmap_region+0x1ab/0x3f0
[  206.622210][ T6821]  do_mmap+0xd8e/0x11b0
[  206.626386][ T6821]  vm_mmap_pgoff+0x281/0x450
[  206.630998][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  206.635776][ T6821]  __x64_sys_mmap+0x125/0x190
[  206.640471][ T6821]  do_syscall_64+0xcd/0x260
[  206.645003][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.650910][ T6821] 
[  206.653232][ T6821] The buggy address belongs to the object at ffff88804f260240
[  206.653232][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  206.667147][ T6821] The buggy address is located 24 bytes to the right of
[  206.667147][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  206.681654][ T6821] 
[  206.683975][ T6821] The buggy address belongs to the physical page:
[  206.690380][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  206.699151][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  206.706272][ T6821] page_type: f5(slab)
[  206.710264][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  206.718870][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  206.727466][ T6821] page dumped because: kasan: bad access detected
[  206.733882][ T6821] page_owner tracks the page as allocated
[  206.739593][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  206.757683][ T6821]  post_alloc_hook+0x181/0x1b0
[  206.762482][ T6821]  get_page_from_freelist+0x135c/0x3920
[  206.768055][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  206.773976][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  206.778857][ T6821]  new_slab+0x244/0x340
[  206.783037][ T6821]  ___slab_alloc+0xd9c/0x1940
[  206.787735][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  206.793128][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  206.798434][ T6821]  kmem_cache_free+0x148/0x4d0
[  206.803226][ T6821]  exit_mmap+0x511/0xb90
[  206.807488][ T6821]  __mmput+0x12a/0x410
[  206.811581][ T6821]  mmput+0x62/0x70
[  206.815328][ T6821]  do_exit+0x9d1/0x2c30
[  206.819517][ T6821]  do_group_exit+0xd3/0x2a0
[  206.824062][ T6821]  get_signal+0x2673/0x26d0
[  206.828586][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  206.834161][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  206.840493][ T6821]  __free_frozen_pages+0x69d/0xff0
[  206.845627][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  206.850329][ T6821]  exit_mmap+0x403/0xb90
[  206.854589][ T6821]  __mmput+0x12a/0x410
[  206.858679][ T6821]  mmput+0x62/0x70
[  206.862422][ T6821]  do_exit+0x9d1/0x2c30
[  206.866610][ T6821]  do_group_exit+0xd3/0x2a0
[  206.871144][ T6821]  get_signal+0x2673/0x26d0
[  206.875668][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  206.881241][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  206.886902][ T6821]  do_syscall_64+0xda/0x260
[  206.891433][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.897344][ T6821] 
[  206.899666][ T6821] Memory state around the buggy address:
[  206.905297][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  206.913368][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  206.921441][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  206.929512][ T6821]                                                                 ^
[  206.937495][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  206.945563][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  206.953631][ T6821] ==================================================================
[  207.286344][ T6821] Disabling lock debugging due to kernel taint
[  207.293500][ T6821] ==================================================================
[  207.301598][ T6821] BUG: KASAN: slab-out-of-bounds in iov_iter_revert+0x521/0x5a0
[  207.309294][ T6821] Read of size 4 at addr ffff88804f260268 by task kworker/u8:10/6821
[  207.317389][ T6821] 
[  207.319735][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  207.319778][ T6821] Tainted: [B]=BAD_PAGE
[  207.319788][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  207.319808][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  207.319861][ T6821] Call Trace:
[  207.319871][ T6821]  <TASK>
[  207.319881][ T6821]  dump_stack_lvl+0x116/0x1f0
[  207.319922][ T6821]  print_report+0xc3/0x670
[  207.319962][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.319997][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320030][ T6821]  ? __phys_addr+0xc6/0x150
[  207.320070][ T6821]  ? iov_iter_revert+0x521/0x5a0
[  207.320109][ T6821]  kasan_report+0xe0/0x110
[  207.320151][ T6821]  ? iov_iter_revert+0x521/0x5a0
[  207.320196][ T6821]  iov_iter_revert+0x521/0x5a0
[  207.320238][ T6821]  netfs_retry_writes+0x166d/0x1a50
[  207.320269][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320307][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320341][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  207.320385][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  207.320414][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  207.320448][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320484][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320517][ T6821]  ? register_lock_class+0x41/0x4c0
[  207.320560][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320593][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  207.320622][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320659][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  207.320737][ T6821]  process_one_work+0x9cf/0x1b70
[  207.320772][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  207.320808][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  207.320837][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320876][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.320908][ T6821]  ? assign_work+0x1a0/0x250
[  207.320936][ T6821]  worker_thread+0x6c8/0xf10
[  207.320968][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.321003][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.321036][ T6821]  ? __kthread_parkme+0x19e/0x250
[  207.321074][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.321109][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  207.321137][ T6821]  kthread+0x3c5/0x780
[  207.321163][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321187][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321211][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321235][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321259][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  207.321292][ T6821]  ? rcu_is_watching+0x12/0xc0
[  207.321325][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321350][ T6821]  ret_from_fork+0x48/0x80
[  207.321376][ T6821]  ? __pfx_kthread+0x10/0x10
[  207.321401][ T6821]  ret_from_fork_asm+0x1a/0x30
[  207.321451][ T6821]  </TASK>
[  207.321460][ T6821] 
[  207.594442][ T6821] Allocated by task 7056:
[  207.598766][ T6821]  kasan_save_stack+0x33/0x60
[  207.603463][ T6821]  kasan_save_track+0x14/0x30
[  207.608152][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  207.612754][ T6821]  kmem_cache_free+0x148/0x4d0
[  207.617532][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  207.623092][ T6821]  __mmap_region+0xb81/0x27c0
[  207.627785][ T6821]  mmap_region+0x1ab/0x3f0
[  207.632218][ T6821]  do_mmap+0xd8e/0x11b0
[  207.636393][ T6821]  vm_mmap_pgoff+0x281/0x450
[  207.640990][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  207.645757][ T6821]  __x64_sys_mmap+0x125/0x190
[  207.650438][ T6821]  do_syscall_64+0xcd/0x260
[  207.654958][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.660854][ T6821] 
[  207.663168][ T6821] Freed by task 23:
[  207.666966][ T6821]  kasan_save_stack+0x33/0x60
[  207.671690][ T6821]  kasan_save_track+0x14/0x30
[  207.676385][ T6821]  kasan_save_free_info+0x3b/0x60
[  207.681414][ T6821]  __kasan_slab_free+0x51/0x70
[  207.686197][ T6821]  kfree+0x2b6/0x4d0
[  207.690100][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  207.695664][ T6821]  rcu_core+0x79c/0x14e0
[  207.699911][ T6821]  handle_softirqs+0x219/0x8e0
[  207.704683][ T6821]  run_ksoftirqd+0x3a/0x60
[  207.709111][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  207.714064][ T6821]  kthread+0x3c5/0x780
[  207.718132][ T6821]  ret_from_fork+0x48/0x80
[  207.722556][ T6821]  ret_from_fork_asm+0x1a/0x30
[  207.727337][ T6821] 
[  207.729654][ T6821] Last potentially related work creation:
[  207.735371][ T6821]  kasan_save_stack+0x33/0x60
[  207.740112][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  207.745320][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  207.751241][ T6821]  kmem_cache_free+0x173/0x4d0
[  207.756017][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  207.761578][ T6821]  __mmap_region+0xb81/0x27c0
[  207.766272][ T6821]  mmap_region+0x1ab/0x3f0
[  207.770704][ T6821]  do_mmap+0xd8e/0x11b0
[  207.774866][ T6821]  vm_mmap_pgoff+0x281/0x450
[  207.779460][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  207.784229][ T6821]  __x64_sys_mmap+0x125/0x190
[  207.788916][ T6821]  do_syscall_64+0xcd/0x260
[  207.793447][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.799345][ T6821] 
[  207.801661][ T6821] The buggy address belongs to the object at ffff88804f260240
[  207.801661][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  207.815549][ T6821] The buggy address is located 8 bytes to the right of
[  207.815549][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  207.829978][ T6821] 
[  207.832295][ T6821] The buggy address belongs to the physical page:
[  207.838702][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  207.847479][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  207.854592][ T6821] page_type: f5(slab)
[  207.858597][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  207.867193][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  207.875779][ T6821] page dumped because: kasan: bad access detected
[  207.882186][ T6821] page_owner tracks the page as allocated
[  207.887888][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  207.905968][ T6821]  post_alloc_hook+0x181/0x1b0
[  207.910756][ T6821]  get_page_from_freelist+0x135c/0x3920
[  207.916317][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  207.922227][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  207.927094][ T6821]  new_slab+0x244/0x340
[  207.931262][ T6821]  ___slab_alloc+0xd9c/0x1940
[  207.935953][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  207.941337][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  207.946656][ T6821]  kmem_cache_free+0x148/0x4d0
[  207.951428][ T6821]  exit_mmap+0x511/0xb90
[  207.955678][ T6821]  __mmput+0x12a/0x410
[  207.959757][ T6821]  mmput+0x62/0x70
[  207.963485][ T6821]  do_exit+0x9d1/0x2c30
[  207.967652][ T6821]  do_group_exit+0xd3/0x2a0
[  207.972167][ T6821]  get_signal+0x2673/0x26d0
[  207.976678][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  207.982244][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  207.988567][ T6821]  __free_frozen_pages+0x69d/0xff0
[  207.993694][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  207.998386][ T6821]  exit_mmap+0x403/0xb90
[  208.002639][ T6821]  __mmput+0x12a/0x410
[  208.006721][ T6821]  mmput+0x62/0x70
[  208.010452][ T6821]  do_exit+0x9d1/0x2c30
[  208.014625][ T6821]  do_group_exit+0xd3/0x2a0
[  208.019149][ T6821]  get_signal+0x2673/0x26d0
[  208.023664][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  208.029225][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  208.034873][ T6821]  do_syscall_64+0xda/0x260
[  208.039390][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.045295][ T6821] 
[  208.047609][ T6821] Memory state around the buggy address:
[  208.053233][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.061296][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.069361][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.077430][ T6821]                                                           ^
[  208.084884][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  208.092941][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.100992][ T6821] ==================================================================
[  208.172298][ T7085] loop0: detected capacity change from 0 to 512
[  208.211404][ T6821] ==================================================================
[  208.219481][ T6821] BUG: KASAN: slab-out-of-bounds in iov_iter_advance+0x652/0x6c0
[  208.227242][ T6821] Read of size 4 at addr ffff88804f260268 by task kworker/u8:10/6821
[  208.235304][ T6821] 
[  208.237630][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  208.237672][ T6821] Tainted: [B]=BAD_PAGE
[  208.237683][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  208.237702][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  208.237757][ T6821] Call Trace:
[  208.237766][ T6821]  <TASK>
[  208.237776][ T6821]  dump_stack_lvl+0x116/0x1f0
[  208.237818][ T6821]  print_report+0xc3/0x670
[  208.237859][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.237893][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.237926][ T6821]  ? __phys_addr+0xc6/0x150
[  208.237967][ T6821]  ? iov_iter_advance+0x652/0x6c0
[  208.238006][ T6821]  kasan_report+0xe0/0x110
[  208.238052][ T6821]  ? iov_iter_advance+0x652/0x6c0
[  208.238113][ T6821]  iov_iter_advance+0x652/0x6c0
[  208.238157][ T6821]  netfs_reissue_write+0x13d/0x240
[  208.238186][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  208.238216][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238253][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238287][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  208.238332][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  208.238361][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  208.238394][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238430][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238463][ T6821]  ? register_lock_class+0x41/0x4c0
[  208.238508][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238542][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  208.238570][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238606][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  208.238672][ T6821]  process_one_work+0x9cf/0x1b70
[  208.238707][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  208.238745][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  208.238774][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238813][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238846][ T6821]  ? assign_work+0x1a0/0x250
[  208.238873][ T6821]  worker_thread+0x6c8/0xf10
[  208.238917][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.238966][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.239004][ T6821]  ? __kthread_parkme+0x19e/0x250
[  208.239042][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.239077][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  208.239106][ T6821]  kthread+0x3c5/0x780
[  208.239131][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239162][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239197][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239227][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239251][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  208.239285][ T6821]  ? rcu_is_watching+0x12/0xc0
[  208.239317][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239343][ T6821]  ret_from_fork+0x48/0x80
[  208.239370][ T6821]  ? __pfx_kthread+0x10/0x10
[  208.239394][ T6821]  ret_from_fork_asm+0x1a/0x30
[  208.239444][ T6821]  </TASK>
[  208.239454][ T6821] 
[  208.517800][ T6821] Allocated by task 7056:
[  208.522127][ T6821]  kasan_save_stack+0x33/0x60
[  208.526823][ T6821]  kasan_save_track+0x14/0x30
[  208.531519][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  208.536133][ T6821]  kmem_cache_free+0x148/0x4d0
[  208.540918][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  208.546479][ T6821]  __mmap_region+0xb81/0x27c0
[  208.551174][ T6821]  mmap_region+0x1ab/0x3f0
[  208.555609][ T6821]  do_mmap+0xd8e/0x11b0
[  208.559769][ T6821]  vm_mmap_pgoff+0x281/0x450
[  208.564363][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  208.569130][ T6821]  __x64_sys_mmap+0x125/0x190
[  208.573812][ T6821]  do_syscall_64+0xcd/0x260
[  208.578333][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.584230][ T6821] 
[  208.586547][ T6821] Freed by task 23:
[  208.590349][ T6821]  kasan_save_stack+0x33/0x60
[  208.595042][ T6821]  kasan_save_track+0x14/0x30
[  208.599739][ T6821]  kasan_save_free_info+0x3b/0x60
[  208.604770][ T6821]  __kasan_slab_free+0x51/0x70
[  208.609551][ T6821]  kfree+0x2b6/0x4d0
[  208.613454][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  208.619014][ T6821]  rcu_core+0x79c/0x14e0
[  208.623267][ T6821]  handle_softirqs+0x219/0x8e0
[  208.628064][ T6821]  run_ksoftirqd+0x3a/0x60
[  208.632490][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  208.637439][ T6821]  kthread+0x3c5/0x780
[  208.641507][ T6821]  ret_from_fork+0x48/0x80
[  208.645922][ T6821]  ret_from_fork_asm+0x1a/0x30
[  208.650699][ T6821] 
[  208.653015][ T6821] Last potentially related work creation:
[  208.658721][ T6821]  kasan_save_stack+0x33/0x60
[  208.663414][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  208.668617][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  208.674532][ T6821]  kmem_cache_free+0x173/0x4d0
[  208.679309][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  208.684869][ T6821]  __mmap_region+0xb81/0x27c0
[  208.689588][ T6821]  mmap_region+0x1ab/0x3f0
[  208.694015][ T6821]  do_mmap+0xd8e/0x11b0
[  208.698169][ T6821]  vm_mmap_pgoff+0x281/0x450
[  208.702759][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  208.707530][ T6821]  __x64_sys_mmap+0x125/0x190
[  208.712210][ T6821]  do_syscall_64+0xcd/0x260
[  208.716728][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.722622][ T6821] 
[  208.724933][ T6821] The buggy address belongs to the object at ffff88804f260240
[  208.724933][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  208.738814][ T6821] The buggy address is located 8 bytes to the right of
[  208.738814][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  208.753231][ T6821] 
[  208.755547][ T6821] The buggy address belongs to the physical page:
[  208.761947][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  208.770706][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  208.777811][ T6821] page_type: f5(slab)
[  208.781793][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  208.790379][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  208.798958][ T6821] page dumped because: kasan: bad access detected
[  208.805361][ T6821] page_owner tracks the page as allocated
[  208.811063][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  208.829138][ T6821]  post_alloc_hook+0x181/0x1b0
[  208.833914][ T6821]  get_page_from_freelist+0x135c/0x3920
[  208.839474][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  208.845387][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  208.850255][ T6821]  new_slab+0x244/0x340
[  208.854418][ T6821]  ___slab_alloc+0xd9c/0x1940
[  208.859111][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  208.864494][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  208.869788][ T6821]  kmem_cache_free+0x148/0x4d0
[  208.874584][ T6821]  exit_mmap+0x511/0xb90
[  208.878828][ T6821]  __mmput+0x12a/0x410
[  208.882905][ T6821]  mmput+0x62/0x70
[  208.886630][ T6821]  do_exit+0x9d1/0x2c30
[  208.890799][ T6821]  do_group_exit+0xd3/0x2a0
[  208.895314][ T6821]  get_signal+0x2673/0x26d0
[  208.899823][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  208.905382][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  208.911702][ T6821]  __free_frozen_pages+0x69d/0xff0
[  208.916826][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  208.921512][ T6821]  exit_mmap+0x403/0xb90
[  208.925767][ T6821]  __mmput+0x12a/0x410
[  208.929845][ T6821]  mmput+0x62/0x70
[  208.933571][ T6821]  do_exit+0x9d1/0x2c30
[  208.937740][ T6821]  do_group_exit+0xd3/0x2a0
[  208.942257][ T6821]  get_signal+0x2673/0x26d0
[  208.946765][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  208.952327][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  208.957971][ T6821]  do_syscall_64+0xda/0x260
[  208.962485][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.968383][ T6821] 
[  208.970697][ T6821] Memory state around the buggy address:
[  208.976323][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.984381][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  208.992443][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.000496][ T6821]                                                           ^
[  209.007942][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  209.016000][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.024053][ T6821] ==================================================================
[  209.083119][ T7085] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  209.109457][ T6821] ==================================================================
[  209.112744][ T7085] EXT4-fs (loop0): 1 truncate cleaned up
[  209.117561][ T6821] BUG: KASAN: slab-out-of-bounds in iov_iter_advance+0x652/0x6c0
[  209.129571][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.130866][ T6821] Read of size 4 at addr ffff88804f260278 by task kworker/u8:10/6821
[  209.141663][ T7085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.147834][ T6821] 
[  209.147858][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  209.147913][ T6821] Tainted: [B]=BAD_PAGE
[  209.147926][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  209.147952][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  209.148020][ T6821] Call Trace:
[  209.148032][ T6821]  <TASK>
[  209.148045][ T6821]  dump_stack_lvl+0x116/0x1f0
[  209.148098][ T6821]  print_report+0xc3/0x670
[  209.148152][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148197][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148241][ T6821]  ? __phys_addr+0xc6/0x150
[  209.148293][ T6821]  ? iov_iter_advance+0x652/0x6c0
[  209.148345][ T6821]  kasan_report+0xe0/0x110
[  209.148401][ T6821]  ? iov_iter_advance+0x652/0x6c0
[  209.148458][ T6821]  iov_iter_advance+0x652/0x6c0
[  209.148514][ T6821]  netfs_reissue_write+0x13d/0x240
[  209.148551][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  209.148592][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148641][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148685][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  209.148750][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  209.148787][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  209.148831][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148878][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.148923][ T6821]  ? register_lock_class+0x41/0x4c0
[  209.148979][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149023][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  209.149061][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149109][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  209.149194][ T6821]  process_one_work+0x9cf/0x1b70
[  209.149240][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  209.149286][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  209.149325][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149374][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149418][ T6821]  ? assign_work+0x1a0/0x250
[  209.149454][ T6821]  worker_thread+0x6c8/0xf10
[  209.149496][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149541][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149585][ T6821]  ? __kthread_parkme+0x19e/0x250
[  209.149636][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149681][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  209.149724][ T6821]  kthread+0x3c5/0x780
[  209.149756][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.149788][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.149819][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.149851][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.149883][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.149927][ T6821]  ? rcu_is_watching+0x12/0xc0
[  209.149969][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.150003][ T6821]  ret_from_fork+0x48/0x80
[  209.150037][ T6821]  ? __pfx_kthread+0x10/0x10
[  209.150071][ T6821]  ret_from_fork_asm+0x1a/0x30
[  209.150135][ T6821]  </TASK>
[  209.150148][ T6821] 
[  209.441246][ T6821] Allocated by task 7056:
[  209.445576][ T6821]  kasan_save_stack+0x33/0x60
[  209.450286][ T6821]  kasan_save_track+0x14/0x30
[  209.454991][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  209.459607][ T6821]  kmem_cache_free+0x148/0x4d0
[  209.464398][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  209.469976][ T6821]  __mmap_region+0xb81/0x27c0
[  209.474685][ T6821]  mmap_region+0x1ab/0x3f0
[  209.479140][ T6821]  do_mmap+0xd8e/0x11b0
[  209.483314][ T6821]  vm_mmap_pgoff+0x281/0x450
[  209.487918][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  209.492701][ T6821]  __x64_sys_mmap+0x125/0x190
[  209.497397][ T6821]  do_syscall_64+0xcd/0x260
[  209.501934][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.507843][ T6821] 
[  209.510169][ T6821] Freed by task 23:
[  209.513975][ T6821]  kasan_save_stack+0x33/0x60
[  209.518680][ T6821]  kasan_save_track+0x14/0x30
[  209.523391][ T6821]  kasan_save_free_info+0x3b/0x60
[  209.528431][ T6821]  __kasan_slab_free+0x51/0x70
[  209.533227][ T6821]  kfree+0x2b6/0x4d0
[  209.537142][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  209.542715][ T6821]  rcu_core+0x79c/0x14e0
[  209.546973][ T6821]  handle_softirqs+0x219/0x8e0
[  209.551760][ T6821]  run_ksoftirqd+0x3a/0x60
[  209.556197][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  209.561162][ T6821]  kthread+0x3c5/0x780
[  209.565240][ T6821]  ret_from_fork+0x48/0x80
[  209.569669][ T6821]  ret_from_fork_asm+0x1a/0x30
[  209.574467][ T6821] 
[  209.576791][ T6821] Last potentially related work creation:
[  209.582503][ T6821]  kasan_save_stack+0x33/0x60
[  209.587208][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  209.592425][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  209.598359][ T6821]  kmem_cache_free+0x173/0x4d0
[  209.603150][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  209.608728][ T6821]  __mmap_region+0xb81/0x27c0
[  209.613435][ T6821]  mmap_region+0x1ab/0x3f0
[  209.617883][ T6821]  do_mmap+0xd8e/0x11b0
[  209.622056][ T6821]  vm_mmap_pgoff+0x281/0x450
[  209.626660][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  209.631443][ T6821]  __x64_sys_mmap+0x125/0x190
[  209.636136][ T6821]  do_syscall_64+0xcd/0x260
[  209.640670][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.646580][ T6821] 
[  209.648902][ T6821] The buggy address belongs to the object at ffff88804f260240
[  209.648902][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  209.662793][ T6821] The buggy address is located 24 bytes to the right of
[  209.662793][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  209.677302][ T6821] 
[  209.679627][ T6821] The buggy address belongs to the physical page:
[  209.686040][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  209.694813][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  209.701932][ T6821] page_type: f5(slab)
[  209.705923][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  209.714522][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  209.723110][ T6821] page dumped because: kasan: bad access detected
[  209.729525][ T6821] page_owner tracks the page as allocated
[  209.735236][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  209.753329][ T6821]  post_alloc_hook+0x181/0x1b0
[  209.758124][ T6821]  get_page_from_freelist+0x135c/0x3920
[  209.763703][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  209.769631][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  209.774516][ T6821]  new_slab+0x244/0x340
[  209.778692][ T6821]  ___slab_alloc+0xd9c/0x1940
[  209.783399][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  209.788811][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  209.794127][ T6821]  kmem_cache_free+0x148/0x4d0
[  209.798921][ T6821]  exit_mmap+0x511/0xb90
[  209.803185][ T6821]  __mmput+0x12a/0x410
[  209.807275][ T6821]  mmput+0x62/0x70
[  209.811017][ T6821]  do_exit+0x9d1/0x2c30
[  209.815204][ T6821]  do_group_exit+0xd3/0x2a0
[  209.819744][ T6821]  get_signal+0x2673/0x26d0
[  209.824270][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  209.829846][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  209.836173][ T6821]  __free_frozen_pages+0x69d/0xff0
[  209.841308][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  209.846010][ T6821]  exit_mmap+0x403/0xb90
[  209.850275][ T6821]  __mmput+0x12a/0x410
[  209.854368][ T6821]  mmput+0x62/0x70
[  209.858110][ T6821]  do_exit+0x9d1/0x2c30
[  209.862295][ T6821]  do_group_exit+0xd3/0x2a0
[  209.866830][ T6821]  get_signal+0x2673/0x26d0
[  209.871357][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  209.876932][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  209.882594][ T6821]  do_syscall_64+0xda/0x260
[  209.887132][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.893046][ T6821] 
[  209.895367][ T6821] Memory state around the buggy address:
[  209.901001][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.909071][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.917142][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.925213][ T6821]                                                                 ^
[  209.933195][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  209.941267][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  209.949337][ T6821] ==================================================================
[  209.971946][ T6821] ==================================================================
[  209.980084][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x132f/0x15b0
[  209.987956][ T6821] Read of size 4 at addr ffff88804f26026c by task kworker/u8:10/6821
[  209.996048][ T6821] 
[  209.998399][ T6821] CPU: 1 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  209.998456][ T6821] Tainted: [B]=BAD_PAGE
[  209.998480][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  209.998505][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  209.998577][ T6821] Call Trace:
[  209.998588][ T6821]  <TASK>
[  209.998601][ T6821]  dump_stack_lvl+0x116/0x1f0
[  209.998655][ T6821]  print_report+0xc3/0x670
[  209.998711][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.998756][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.998801][ T6821]  ? __phys_addr+0xc6/0x150
[  209.998856][ T6821]  ? _copy_from_iter+0x132f/0x15b0
[  209.998911][ T6821]  kasan_report+0xe0/0x110
[  209.998969][ T6821]  ? _copy_from_iter+0x132f/0x15b0
[  209.999030][ T6821]  _copy_from_iter+0x132f/0x15b0
[  209.999087][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999132][ T6821]  ? p9pdu_writef+0xc3/0x100
[  209.999169][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  209.999227][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999272][ T6821]  ? lock_acquire+0x2cd/0x350
[  209.999331][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999377][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999423][ T6821]  ? __asan_memcpy+0x3c/0x60
[  209.999481][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  209.999523][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999569][ T6821]  ? p9pdu_writef+0xc3/0x100
[  209.999603][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  209.999640][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  209.999695][ T6821]  ? rcu_is_watching+0x12/0xc0
[  209.999739][ T6821]  ? rcu_is_watching+0x12/0xc0
[  209.999782][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999832][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  209.999890][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  209.999946][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.999994][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  210.000049][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000095][ T6821]  ? __schedule+0x1186/0x5de0
[  210.000141][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000190][ T6821]  p9_client_rpc+0x1c4/0xc50
[  210.000247][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  210.000304][ T6821]  ? __pfx___schedule+0x10/0x10
[  210.000351][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  210.000398][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000444][ T6821]  ? rcu_is_watching+0x12/0xc0
[  210.000494][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000542][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000592][ T6821]  p9_client_write+0x245/0x6f0
[  210.000664][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  210.000734][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  210.000787][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  210.000841][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  210.000893][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.000935][ T6821]  ? rcu_is_watching+0x12/0xc0
[  210.000978][ T6821]  netfs_do_issue_write+0x95/0x110
[  210.001014][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  210.001052][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001100][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001144][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  210.001203][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  210.001240][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  210.001281][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001326][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001371][ T6821]  ? register_lock_class+0x41/0x4c0
[  210.001429][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001481][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  210.001517][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001568][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  210.001656][ T6821]  process_one_work+0x9cf/0x1b70
[  210.001704][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  210.001752][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  210.001793][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001845][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.001889][ T6821]  ? assign_work+0x1a0/0x250
[  210.001926][ T6821]  worker_thread+0x6c8/0xf10
[  210.001970][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.002016][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.002062][ T6821]  ? __kthread_parkme+0x19e/0x250
[  210.002115][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.002162][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  210.002201][ T6821]  kthread+0x3c5/0x780
[  210.002235][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002268][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002300][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002333][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002366][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.002411][ T6821]  ? rcu_is_watching+0x12/0xc0
[  210.002455][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002497][ T6821]  ret_from_fork+0x48/0x80
[  210.002532][ T6821]  ? __pfx_kthread+0x10/0x10
[  210.002565][ T6821]  ret_from_fork_asm+0x1a/0x30
[  210.002632][ T6821]  </TASK>
[  210.002646][ T6821] 
[  210.476921][ T6821] Allocated by task 7056:
[  210.481241][ T6821]  kasan_save_stack+0x33/0x60
[  210.485932][ T6821]  kasan_save_track+0x14/0x30
[  210.490620][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  210.495219][ T6821]  kmem_cache_free+0x148/0x4d0
[  210.500009][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  210.505605][ T6821]  __mmap_region+0xb81/0x27c0
[  210.510308][ T6821]  mmap_region+0x1ab/0x3f0
[  210.514747][ T6821]  do_mmap+0xd8e/0x11b0
[  210.518922][ T6821]  vm_mmap_pgoff+0x281/0x450
[  210.523535][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  210.528300][ T6821]  __x64_sys_mmap+0x125/0x190
[  210.532979][ T6821]  do_syscall_64+0xcd/0x260
[  210.537512][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.543408][ T6821] 
[  210.545721][ T6821] Freed by task 23:
[  210.549522][ T6821]  kasan_save_stack+0x33/0x60
[  210.554219][ T6821]  kasan_save_track+0x14/0x30
[  210.558912][ T6821]  kasan_save_free_info+0x3b/0x60
[  210.563951][ T6821]  __kasan_slab_free+0x51/0x70
[  210.568725][ T6821]  kfree+0x2b6/0x4d0
[  210.572630][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  210.578188][ T6821]  rcu_core+0x79c/0x14e0
[  210.582431][ T6821]  handle_softirqs+0x219/0x8e0
[  210.587204][ T6821]  run_ksoftirqd+0x3a/0x60
[  210.591628][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  210.596578][ T6821]  kthread+0x3c5/0x780
[  210.600643][ T6821]  ret_from_fork+0x48/0x80
[  210.605061][ T6821]  ret_from_fork_asm+0x1a/0x30
[  210.609842][ T6821] 
[  210.612157][ T6821] Last potentially related work creation:
[  210.617856][ T6821]  kasan_save_stack+0x33/0x60
[  210.622548][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  210.627751][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  210.633673][ T6821]  kmem_cache_free+0x173/0x4d0
[  210.638447][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  210.644011][ T6821]  __mmap_region+0xb81/0x27c0
[  210.648699][ T6821]  mmap_region+0x1ab/0x3f0
[  210.653130][ T6821]  do_mmap+0xd8e/0x11b0
[  210.657289][ T6821]  vm_mmap_pgoff+0x281/0x450
[  210.661881][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  210.666648][ T6821]  __x64_sys_mmap+0x125/0x190
[  210.671331][ T6821]  do_syscall_64+0xcd/0x260
[  210.675851][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.681761][ T6821] 
[  210.684074][ T6821] The buggy address belongs to the object at ffff88804f260240
[  210.684074][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  210.697955][ T6821] The buggy address is located 12 bytes to the right of
[  210.697955][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  210.712452][ T6821] 
[  210.714768][ T6821] The buggy address belongs to the physical page:
[  210.721167][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  210.729929][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  210.737058][ T6821] page_type: f5(slab)
[  210.741044][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  210.749632][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  210.758224][ T6821] page dumped because: kasan: bad access detected
[  210.764631][ T6821] page_owner tracks the page as allocated
[  210.770342][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  210.788422][ T6821]  post_alloc_hook+0x181/0x1b0
[  210.793254][ T6821]  get_page_from_freelist+0x135c/0x3920
[  210.798821][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  210.804742][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  210.809615][ T6821]  new_slab+0x244/0x340
[  210.813779][ T6821]  ___slab_alloc+0xd9c/0x1940
[  210.818460][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  210.823846][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  210.829148][ T6821]  kmem_cache_free+0x148/0x4d0
[  210.833928][ T6821]  exit_mmap+0x511/0xb90
[  210.838175][ T6821]  __mmput+0x12a/0x410
[  210.842254][ T6821]  mmput+0x62/0x70
[  210.845983][ T6821]  do_exit+0x9d1/0x2c30
[  210.850150][ T6821]  do_group_exit+0xd3/0x2a0
[  210.854669][ T6821]  get_signal+0x2673/0x26d0
[  210.859180][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  210.864740][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  210.871060][ T6821]  __free_frozen_pages+0x69d/0xff0
[  210.876185][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  210.880872][ T6821]  exit_mmap+0x403/0xb90
[  210.885145][ T6821]  __mmput+0x12a/0x410
[  210.889224][ T6821]  mmput+0x62/0x70
[  210.892951][ T6821]  do_exit+0x9d1/0x2c30
[  210.897116][ T6821]  do_group_exit+0xd3/0x2a0
[  210.901633][ T6821]  get_signal+0x2673/0x26d0
[  210.906159][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  210.911723][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  210.917370][ T6821]  do_syscall_64+0xda/0x260
[  210.921891][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.927872][ T6821] 
[  210.930185][ T6821] Memory state around the buggy address:
[  210.935806][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  210.943863][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  210.951923][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  210.959995][ T6821]                                                           ^
[  210.967440][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  210.975504][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  210.983561][ T6821] ==================================================================
[  210.996756][ T6821] ==================================================================
[  211.004856][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x1447/0x15b0
[  211.012725][ T6821] Read of size 8 at addr ffff88804f260260 by task kworker/u8:10/6821
[  211.020808][ T6821] 
[  211.023143][ T6821] CPU: 1 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  211.023195][ T6821] Tainted: [B]=BAD_PAGE
[  211.023206][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  211.023230][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  211.023295][ T6821] Call Trace:
[  211.023305][ T6821]  <TASK>
[  211.023318][ T6821]  dump_stack_lvl+0x116/0x1f0
[  211.023368][ T6821]  print_report+0xc3/0x670
[  211.023419][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.023461][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.023506][ T6821]  ? __phys_addr+0xc6/0x150
[  211.023556][ T6821]  ? _copy_from_iter+0x1447/0x15b0
[  211.023606][ T6821]  kasan_report+0xe0/0x110
[  211.023658][ T6821]  ? _copy_from_iter+0x1447/0x15b0
[  211.023714][ T6821]  _copy_from_iter+0x1447/0x15b0
[  211.023766][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.023807][ T6821]  ? p9pdu_writef+0xc3/0x100
[  211.023840][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  211.023893][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.023934][ T6821]  ? lock_acquire+0x2cd/0x350
[  211.023986][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024028][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024070][ T6821]  ? __asan_memcpy+0x3c/0x60
[  211.024114][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  211.024151][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024193][ T6821]  ? p9pdu_writef+0xc3/0x100
[  211.024224][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  211.024257][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  211.024308][ T6821]  ? rcu_is_watching+0x12/0xc0
[  211.024349][ T6821]  ? rcu_is_watching+0x12/0xc0
[  211.024388][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024433][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  211.024490][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  211.024540][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024583][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  211.024634][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024675][ T6821]  ? __schedule+0x1186/0x5de0
[  211.024717][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024763][ T6821]  p9_client_rpc+0x1c4/0xc50
[  211.024815][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  211.024867][ T6821]  ? __pfx___schedule+0x10/0x10
[  211.024910][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  211.024953][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.024995][ T6821]  ? rcu_is_watching+0x12/0xc0
[  211.025033][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025076][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025122][ T6821]  p9_client_write+0x245/0x6f0
[  211.025185][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  211.025247][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  211.025296][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  211.025344][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  211.025393][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025435][ T6821]  ? rcu_is_watching+0x12/0xc0
[  211.025479][ T6821]  netfs_do_issue_write+0x95/0x110
[  211.025514][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  211.025552][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025597][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025638][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  211.025693][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  211.025729][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  211.025770][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025813][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025855][ T6821]  ? register_lock_class+0x41/0x4c0
[  211.025909][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.025950][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  211.025985][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026030][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  211.026110][ T6821]  process_one_work+0x9cf/0x1b70
[  211.026153][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  211.026195][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  211.026232][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026279][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026320][ T6821]  ? assign_work+0x1a0/0x250
[  211.026354][ T6821]  worker_thread+0x6c8/0xf10
[  211.026394][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026436][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026481][ T6821]  ? __kthread_parkme+0x19e/0x250
[  211.026530][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026573][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  211.026609][ T6821]  kthread+0x3c5/0x780
[  211.026639][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026669][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026698][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026728][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026757][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.026798][ T6821]  ? rcu_is_watching+0x12/0xc0
[  211.026837][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026869][ T6821]  ret_from_fork+0x48/0x80
[  211.026901][ T6821]  ? __pfx_kthread+0x10/0x10
[  211.026931][ T6821]  ret_from_fork_asm+0x1a/0x30
[  211.026993][ T6821]  </TASK>
[  211.027005][ T6821] 
[  211.501571][ T6821] Allocated by task 7056:
[  211.505899][ T6821]  kasan_save_stack+0x33/0x60
[  211.510606][ T6821]  kasan_save_track+0x14/0x30
[  211.515307][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  211.519921][ T6821]  kmem_cache_free+0x148/0x4d0
[  211.524710][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  211.530289][ T6821]  __mmap_region+0xb81/0x27c0
[  211.534992][ T6821]  mmap_region+0x1ab/0x3f0
[  211.539437][ T6821]  do_mmap+0xd8e/0x11b0
[  211.543614][ T6821]  vm_mmap_pgoff+0x281/0x450
[  211.548216][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  211.552997][ T6821]  __x64_sys_mmap+0x125/0x190
[  211.557690][ T6821]  do_syscall_64+0xcd/0x260
[  211.562223][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.568129][ T6821] 
[  211.570449][ T6821] Freed by task 23:
[  211.574257][ T6821]  kasan_save_stack+0x33/0x60
[  211.578959][ T6821]  kasan_save_track+0x14/0x30
[  211.583659][ T6821]  kasan_save_free_info+0x3b/0x60
[  211.588698][ T6821]  __kasan_slab_free+0x51/0x70
[  211.593493][ T6821]  kfree+0x2b6/0x4d0
[  211.597405][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  211.602980][ T6821]  rcu_core+0x79c/0x14e0
[  211.607233][ T6821]  handle_softirqs+0x219/0x8e0
[  211.612017][ T6821]  run_ksoftirqd+0x3a/0x60
[  211.616451][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  211.621419][ T6821]  kthread+0x3c5/0x780
[  211.625498][ T6821]  ret_from_fork+0x48/0x80
[  211.629931][ T6821]  ret_from_fork_asm+0x1a/0x30
[  211.634725][ T6821] 
[  211.637047][ T6821] Last potentially related work creation:
[  211.642756][ T6821]  kasan_save_stack+0x33/0x60
[  211.647456][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  211.652675][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  211.658605][ T6821]  kmem_cache_free+0x173/0x4d0
[  211.663394][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  211.668969][ T6821]  __mmap_region+0xb81/0x27c0
[  211.673674][ T6821]  mmap_region+0x1ab/0x3f0
[  211.678118][ T6821]  do_mmap+0xd8e/0x11b0
[  211.682287][ T6821]  vm_mmap_pgoff+0x281/0x450
[  211.686889][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  211.691666][ T6821]  __x64_sys_mmap+0x125/0x190
[  211.696356][ T6821]  do_syscall_64+0xcd/0x260
[  211.700889][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.706797][ T6821] 
[  211.709122][ T6821] The buggy address belongs to the object at ffff88804f260240
[  211.709122][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  211.723014][ T6821] The buggy address is located 0 bytes to the right of
[  211.723014][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  211.737437][ T6821] 
[  211.739771][ T6821] The buggy address belongs to the physical page:
[  211.746178][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  211.754952][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  211.762068][ T6821] page_type: f5(slab)
[  211.766058][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  211.774654][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  211.783239][ T6821] page dumped because: kasan: bad access detected
[  211.789654][ T6821] page_owner tracks the page as allocated
[  211.795363][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  211.813475][ T6821]  post_alloc_hook+0x181/0x1b0
[  211.818269][ T6821]  get_page_from_freelist+0x135c/0x3920
[  211.823844][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  211.829772][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  211.834659][ T6821]  new_slab+0x244/0x340
[  211.838836][ T6821]  ___slab_alloc+0xd9c/0x1940
[  211.843536][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  211.848932][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  211.854241][ T6821]  kmem_cache_free+0x148/0x4d0
[  211.859028][ T6821]  exit_mmap+0x511/0xb90
[  211.863288][ T6821]  __mmput+0x12a/0x410
[  211.867376][ T6821]  mmput+0x62/0x70
[  211.871117][ T6821]  do_exit+0x9d1/0x2c30
[  211.875300][ T6821]  do_group_exit+0xd3/0x2a0
[  211.879832][ T6821]  get_signal+0x2673/0x26d0
[  211.884354][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  211.889929][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  211.896255][ T6821]  __free_frozen_pages+0x69d/0xff0
[  211.901391][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  211.906092][ T6821]  exit_mmap+0x403/0xb90
[  211.910354][ T6821]  __mmput+0x12a/0x410
[  211.914444][ T6821]  mmput+0x62/0x70
[  211.918187][ T6821]  do_exit+0x9d1/0x2c30
[  211.922370][ T6821]  do_group_exit+0xd3/0x2a0
[  211.926903][ T6821]  get_signal+0x2673/0x26d0
[  211.931427][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  211.937005][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  211.942671][ T6821]  do_syscall_64+0xda/0x260
[  211.947204][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.953113][ T6821] 
[  211.955450][ T6821] Memory state around the buggy address:
[  211.961084][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  211.969151][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  211.977220][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  211.985282][ T6821]                                                        ^
[  211.992481][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  212.000551][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  212.008612][ T6821] ==================================================================
[  212.049358][ T6821] ==================================================================
[  212.057468][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x1459/0x15b0
[  212.065341][ T6821] Read of size 4 at addr ffff88804f260268 by task kworker/u8:10/6821
[  212.073428][ T6821] 
[  212.075777][ T6821] CPU: 1 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  212.075837][ T6821] Tainted: [B]=BAD_PAGE
[  212.075851][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  212.075878][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  212.075949][ T6821] Call Trace:
[  212.075962][ T6821]  <TASK>
[  212.075976][ T6821]  dump_stack_lvl+0x116/0x1f0
[  212.076033][ T6821]  print_report+0xc3/0x670
[  212.076090][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076137][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076184][ T6821]  ? __phys_addr+0xc6/0x150
[  212.076240][ T6821]  ? _copy_from_iter+0x1459/0x15b0
[  212.076296][ T6821]  kasan_report+0xe0/0x110
[  212.076356][ T6821]  ? _copy_from_iter+0x1459/0x15b0
[  212.076418][ T6821]  _copy_from_iter+0x1459/0x15b0
[  212.076482][ T6821]  ? p9pdu_writef+0xc3/0x100
[  212.076520][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  212.076579][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076626][ T6821]  ? lock_acquire+0x2cd/0x350
[  212.076684][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076732][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076779][ T6821]  ? __asan_memcpy+0x3c/0x60
[  212.076829][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  212.076871][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.076918][ T6821]  ? p9pdu_writef+0xc3/0x100
[  212.076954][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  212.076992][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  212.077049][ T6821]  ? rcu_is_watching+0x12/0xc0
[  212.077095][ T6821]  ? rcu_is_watching+0x12/0xc0
[  212.077138][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077190][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  212.077250][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  212.077307][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077355][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  212.077412][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077459][ T6821]  ? __schedule+0x1186/0x5de0
[  212.077511][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077563][ T6821]  p9_client_rpc+0x1c4/0xc50
[  212.077622][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  212.077681][ T6821]  ? __pfx___schedule+0x10/0x10
[  212.077729][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  212.077778][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077825][ T6821]  ? rcu_is_watching+0x12/0xc0
[  212.077869][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077917][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.077970][ T6821]  p9_client_write+0x245/0x6f0
[  212.078040][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  212.078111][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  212.078166][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  212.078220][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  212.078276][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078322][ T6821]  ? rcu_is_watching+0x12/0xc0
[  212.078369][ T6821]  netfs_do_issue_write+0x95/0x110
[  212.078408][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  212.078451][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078508][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078556][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  212.078618][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  212.078659][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  212.078704][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078754][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078800][ T6821]  ? register_lock_class+0x41/0x4c0
[  212.078860][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078907][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  212.078947][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.078998][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  212.079089][ T6821]  process_one_work+0x9cf/0x1b70
[  212.079138][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  212.079187][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  212.079228][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079280][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079327][ T6821]  ? assign_work+0x1a0/0x250
[  212.079364][ T6821]  worker_thread+0x6c8/0xf10
[  212.079410][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079457][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079510][ T6821]  ? __kthread_parkme+0x19e/0x250
[  212.079564][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079613][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  212.079653][ T6821]  kthread+0x3c5/0x780
[  212.079688][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.079722][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.079755][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.079789][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.079822][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  212.079868][ T6821]  ? rcu_is_watching+0x12/0xc0
[  212.079913][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.079947][ T6821]  ret_from_fork+0x48/0x80
[  212.079984][ T6821]  ? __pfx_kthread+0x10/0x10
[  212.080018][ T6821]  ret_from_fork_asm+0x1a/0x30
[  212.080087][ T6821]  </TASK>
[  212.080099][ T6821] 
[  212.550148][ T6821] Allocated by task 7056:
[  212.554506][ T6821]  kasan_save_stack+0x33/0x60
[  212.559236][ T6821]  kasan_save_track+0x14/0x30
[  212.563963][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  212.568597][ T6821]  kmem_cache_free+0x148/0x4d0
[  212.573404][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  212.578996][ T6821]  __mmap_region+0xb81/0x27c0
[  212.583728][ T6821]  mmap_region+0x1ab/0x3f0
[  212.588190][ T6821]  do_mmap+0xd8e/0x11b0
[  212.592381][ T6821]  vm_mmap_pgoff+0x281/0x450
[  212.596999][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  212.601793][ T6821]  __x64_sys_mmap+0x125/0x190
[  212.606499][ T6821]  do_syscall_64+0xcd/0x260
[  212.611048][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.616972][ T6821] 
[  212.619305][ T6821] Freed by task 23:
[  212.623124][ T6821]  kasan_save_stack+0x33/0x60
[  212.627845][ T6821]  kasan_save_track+0x14/0x30
[  212.632568][ T6821]  kasan_save_free_info+0x3b/0x60
[  212.637624][ T6821]  __kasan_slab_free+0x51/0x70
[  212.642434][ T6821]  kfree+0x2b6/0x4d0
[  212.646361][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  212.651950][ T6821]  rcu_core+0x79c/0x14e0
[  212.656222][ T6821]  handle_softirqs+0x219/0x8e0
[  212.661022][ T6821]  run_ksoftirqd+0x3a/0x60
[  212.665474][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  212.670461][ T6821]  kthread+0x3c5/0x780
[  212.674558][ T6821]  ret_from_fork+0x48/0x80
[  212.679003][ T6821]  ret_from_fork_asm+0x1a/0x30
[  212.683816][ T6821] 
[  212.686149][ T6821] Last potentially related work creation:
[  212.691872][ T6821]  kasan_save_stack+0x33/0x60
[  212.696590][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  212.701823][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  212.707772][ T6821]  kmem_cache_free+0x173/0x4d0
[  212.712581][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  212.718171][ T6821]  __mmap_region+0xb81/0x27c0
[  212.722894][ T6821]  mmap_region+0x1ab/0x3f0
[  212.727355][ T6821]  do_mmap+0xd8e/0x11b0
[  212.731542][ T6821]  vm_mmap_pgoff+0x281/0x450
[  212.736159][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  212.740954][ T6821]  __x64_sys_mmap+0x125/0x190
[  212.745660][ T6821]  do_syscall_64+0xcd/0x260
[  212.750222][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.756147][ T6821] 
[  212.758480][ T6821] The buggy address belongs to the object at ffff88804f260240
[  212.758480][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  212.772385][ T6821] The buggy address is located 8 bytes to the right of
[  212.772385][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  212.786820][ T6821] 
[  212.789154][ T6821] The buggy address belongs to the physical page:
[  212.795577][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  212.804363][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  212.811494][ T6821] page_type: f5(slab)
[  212.815499][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  212.824156][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  212.832759][ T6821] page dumped because: kasan: bad access detected
[  212.839184][ T6821] page_owner tracks the page as allocated
[  212.844908][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  212.863015][ T6821]  post_alloc_hook+0x181/0x1b0
[  212.867822][ T6821]  get_page_from_freelist+0x135c/0x3920
[  212.873413][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  212.879355][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  212.884254][ T6821]  new_slab+0x244/0x340
[  212.888446][ T6821]  ___slab_alloc+0xd9c/0x1940
[  212.893157][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  212.898566][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  212.903889][ T6821]  kmem_cache_free+0x148/0x4d0
[  212.908696][ T6821]  exit_mmap+0x511/0xb90
[  212.912978][ T6821]  __mmput+0x12a/0x410
[  212.917085][ T6821]  mmput+0x62/0x70
[  212.920845][ T6821]  do_exit+0x9d1/0x2c30
[  212.925046][ T6821]  do_group_exit+0xd3/0x2a0
[  212.929597][ T6821]  get_signal+0x2673/0x26d0
[  212.934140][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  212.939736][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  212.946074][ T6821]  __free_frozen_pages+0x69d/0xff0
[  212.951223][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  212.955942][ T6821]  exit_mmap+0x403/0xb90
[  212.960220][ T6821]  __mmput+0x12a/0x410
[  212.964328][ T6821]  mmput+0x62/0x70
[  212.968084][ T6821]  do_exit+0x9d1/0x2c30
[  212.972285][ T6821]  do_group_exit+0xd3/0x2a0
[  212.976837][ T6821]  get_signal+0x2673/0x26d0
[  212.981376][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  212.986967][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  212.992647][ T6821]  do_syscall_64+0xda/0x260
[  212.997201][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.003127][ T6821] 
[  213.005462][ T6821] Memory state around the buggy address:
[  213.011108][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  213.019194][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  213.027278][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  213.035357][ T6821]                                                           ^
[  213.042826][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  213.050911][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  213.059014][ T6821] ==================================================================
[  213.136769][ T6821] ==================================================================
[  213.144885][ T6821] BUG: KASAN: wild-memory-access in _copy_from_iter+0x8c9/0x15b0
[  213.152665][ T6821] Read of size 59 at addr 928573c00672e172 by task kworker/u8:10/6821
[  213.160827][ T6821] 
[  213.163162][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  213.163214][ T6821] Tainted: [B]=BAD_PAGE
[  213.163225][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  213.163252][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  213.163316][ T6821] Call Trace:
[  213.163326][ T6821]  <TASK>
[  213.163339][ T6821]  dump_stack_lvl+0x116/0x1f0
[  213.163389][ T6821]  kasan_report+0xe0/0x110
[  213.163443][ T6821]  ? _copy_from_iter+0x8c9/0x15b0
[  213.163505][ T6821]  kasan_check_range+0xef/0x1a0
[  213.163540][ T6821]  __asan_memcpy+0x23/0x60
[  213.163581][ T6821]  _copy_from_iter+0x8c9/0x15b0
[  213.163635][ T6821]  ? p9pdu_writef+0xc3/0x100
[  213.163670][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  213.163723][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.163765][ T6821]  ? lock_acquire+0x2cd/0x350
[  213.163817][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.163859][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.163900][ T6821]  ? __asan_memcpy+0x3c/0x60
[  213.163944][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  213.163982][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164023][ T6821]  ? p9pdu_writef+0xc3/0x100
[  213.164056][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  213.164089][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  213.164139][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.164180][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.164218][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164266][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  213.164318][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  213.164369][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164412][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  213.164463][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164508][ T6821]  ? __schedule+0x1186/0x5de0
[  213.164549][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164595][ T6821]  p9_client_rpc+0x1c4/0xc50
[  213.164650][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  213.164703][ T6821]  ? __pfx___schedule+0x10/0x10
[  213.164746][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  213.164789][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164831][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.164869][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164912][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.164958][ T6821]  p9_client_write+0x245/0x6f0
[  213.165020][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  213.165083][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  213.165132][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  213.165180][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  213.165231][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165273][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.165314][ T6821]  netfs_do_issue_write+0x95/0x110
[  213.165348][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  213.165386][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165431][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165476][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  213.165531][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  213.165566][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  213.165607][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165653][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165695][ T6821]  ? register_lock_class+0x41/0x4c0
[  213.165748][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165790][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  213.165825][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.165871][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  213.165951][ T6821]  process_one_work+0x9cf/0x1b70
[  213.165993][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  213.166037][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  213.166073][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166120][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166161][ T6821]  ? assign_work+0x1a0/0x250
[  213.166194][ T6821]  worker_thread+0x6c8/0xf10
[  213.166236][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166279][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166320][ T6821]  ? __kthread_parkme+0x19e/0x250
[  213.166368][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166411][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  213.166448][ T6821]  kthread+0x3c5/0x780
[  213.166481][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166511][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166540][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166570][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166599][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.166640][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.166682][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166713][ T6821]  ret_from_fork+0x48/0x80
[  213.166745][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.166776][ T6821]  ret_from_fork_asm+0x1a/0x30
[  213.166838][ T6821]  </TASK>
[  213.166849][ T6821] ==================================================================
[  213.656976][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.745089][ T6821] ==================================================================
[  213.753211][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x1416/0x15b0
[  213.761044][ T6821] Read of size 4 at addr ffff88804f260268 by task kworker/u8:10/6821
[  213.769110][ T6821] 
[  213.771443][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  213.771490][ T6821] Tainted: [B]=BAD_PAGE
[  213.771501][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  213.771520][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  213.771575][ T6821] Call Trace:
[  213.771584][ T6821]  <TASK>
[  213.771596][ T6821]  dump_stack_lvl+0x116/0x1f0
[  213.771637][ T6821]  print_report+0xc3/0x670
[  213.771678][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.771712][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.771747][ T6821]  ? __phys_addr+0xc6/0x150
[  213.771787][ T6821]  ? _copy_from_iter+0x1416/0x15b0
[  213.771827][ T6821]  kasan_report+0xe0/0x110
[  213.771869][ T6821]  ? _copy_from_iter+0x1416/0x15b0
[  213.771914][ T6821]  _copy_from_iter+0x1416/0x15b0
[  213.771957][ T6821]  ? p9pdu_writef+0xc3/0x100
[  213.771984][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  213.772026][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772059][ T6821]  ? lock_acquire+0x2cd/0x350
[  213.772101][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772135][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772169][ T6821]  ? __asan_memcpy+0x3c/0x60
[  213.772206][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  213.772236][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772282][ T6821]  ? p9pdu_writef+0xc3/0x100
[  213.772319][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  213.772355][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  213.772396][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.772429][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.772460][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772502][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  213.772544][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  213.772585][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772620][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  213.772661][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772695][ T6821]  ? __schedule+0x1186/0x5de0
[  213.772729][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772766][ T6821]  p9_client_rpc+0x1c4/0xc50
[  213.772809][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  213.772850][ T6821]  ? __pfx___schedule+0x10/0x10
[  213.772885][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  213.772920][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.772953][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.772984][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773019][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773056][ T6821]  p9_client_write+0x245/0x6f0
[  213.773107][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  213.773157][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  213.773197][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  213.773236][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  213.773276][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773309][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.773344][ T6821]  netfs_do_issue_write+0x95/0x110
[  213.773382][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  213.773425][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773462][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773499][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  213.773544][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  213.773573][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  213.773606][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773642][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773675][ T6821]  ? register_lock_class+0x41/0x4c0
[  213.773719][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773752][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  213.773781][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.773817][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  213.773882][ T6821]  process_one_work+0x9cf/0x1b70
[  213.773917][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  213.773951][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  213.773981][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774019][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774052][ T6821]  ? assign_work+0x1a0/0x250
[  213.774080][ T6821]  worker_thread+0x6c8/0xf10
[  213.774113][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774147][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774180][ T6821]  ? __kthread_parkme+0x19e/0x250
[  213.774218][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774253][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  213.774282][ T6821]  kthread+0x3c5/0x780
[  213.774307][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774331][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774356][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774380][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774404][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  213.774437][ T6821]  ? rcu_is_watching+0x12/0xc0
[  213.774485][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774521][ T6821]  ret_from_fork+0x48/0x80
[  213.774548][ T6821]  ? __pfx_kthread+0x10/0x10
[  213.774573][ T6821]  ret_from_fork_asm+0x1a/0x30
[  213.774623][ T6821]  </TASK>
[  213.774632][ T6821] 
[  214.243372][ T6821] Allocated by task 7056:
[  214.247696][ T6821]  kasan_save_stack+0x33/0x60
[  214.252396][ T6821]  kasan_save_track+0x14/0x30
[  214.257088][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  214.261696][ T6821]  kmem_cache_free+0x148/0x4d0
[  214.266472][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  214.272031][ T6821]  __mmap_region+0xb81/0x27c0
[  214.276727][ T6821]  mmap_region+0x1ab/0x3f0
[  214.281159][ T6821]  do_mmap+0xd8e/0x11b0
[  214.285317][ T6821]  vm_mmap_pgoff+0x281/0x450
[  214.289944][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  214.294726][ T6821]  __x64_sys_mmap+0x125/0x190
[  214.299438][ T6821]  do_syscall_64+0xcd/0x260
[  214.303999][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.309898][ T6821] 
[  214.312234][ T6821] Freed by task 23:
[  214.316034][ T6821]  kasan_save_stack+0x33/0x60
[  214.320735][ T6821]  kasan_save_track+0x14/0x30
[  214.325441][ T6821]  kasan_save_free_info+0x3b/0x60
[  214.330482][ T6821]  __kasan_slab_free+0x51/0x70
[  214.335267][ T6821]  kfree+0x2b6/0x4d0
[  214.339180][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  214.344787][ T6821]  rcu_core+0x79c/0x14e0
[  214.349037][ T6821]  handle_softirqs+0x219/0x8e0
[  214.353814][ T6821]  run_ksoftirqd+0x3a/0x60
[  214.358240][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  214.363206][ T6821]  kthread+0x3c5/0x780
[  214.367286][ T6821]  ret_from_fork+0x48/0x80
[  214.371710][ T6821]  ret_from_fork_asm+0x1a/0x30
[  214.376497][ T6821] 
[  214.378812][ T6821] Last potentially related work creation:
[  214.384520][ T6821]  kasan_save_stack+0x33/0x60
[  214.389216][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  214.394434][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  214.400397][ T6821]  kmem_cache_free+0x173/0x4d0
[  214.405176][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  214.410741][ T6821]  __mmap_region+0xb81/0x27c0
[  214.415448][ T6821]  mmap_region+0x1ab/0x3f0
[  214.419885][ T6821]  do_mmap+0xd8e/0x11b0
[  214.424048][ T6821]  vm_mmap_pgoff+0x281/0x450
[  214.428642][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  214.433415][ T6821]  __x64_sys_mmap+0x125/0x190
[  214.438103][ T6821]  do_syscall_64+0xcd/0x260
[  214.442623][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.448532][ T6821] 
[  214.450865][ T6821] The buggy address belongs to the object at ffff88804f260240
[  214.450865][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  214.464755][ T6821] The buggy address is located 8 bytes to the right of
[  214.464755][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  214.479181][ T6821] 
[  214.481514][ T6821] The buggy address belongs to the physical page:
[  214.487912][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  214.496678][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  214.503801][ T6821] page_type: f5(slab)
[  214.507783][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  214.516367][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  214.524942][ T6821] page dumped because: kasan: bad access detected
[  214.531344][ T6821] page_owner tracks the page as allocated
[  214.537047][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  214.555118][ T6821]  post_alloc_hook+0x181/0x1b0
[  214.559894][ T6821]  get_page_from_freelist+0x135c/0x3920
[  214.565452][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  214.571362][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  214.576233][ T6821]  new_slab+0x244/0x340
[  214.580400][ T6821]  ___slab_alloc+0xd9c/0x1940
[  214.585087][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  214.590498][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  214.595832][ T6821]  kmem_cache_free+0x148/0x4d0
[  214.600653][ T6821]  exit_mmap+0x511/0xb90
[  214.604913][ T6821]  __mmput+0x12a/0x410
[  214.609017][ T6821]  mmput+0x62/0x70
[  214.612784][ T6821]  do_exit+0x9d1/0x2c30
[  214.616961][ T6821]  do_group_exit+0xd3/0x2a0
[  214.621500][ T6821]  get_signal+0x2673/0x26d0
[  214.626032][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  214.631606][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  214.637940][ T6821]  __free_frozen_pages+0x69d/0xff0
[  214.643082][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  214.647797][ T6821]  exit_mmap+0x403/0xb90
[  214.652053][ T6821]  __mmput+0x12a/0x410
[  214.656137][ T6821]  mmput+0x62/0x70
[  214.659883][ T6821]  do_exit+0x9d1/0x2c30
[  214.664061][ T6821]  do_group_exit+0xd3/0x2a0
[  214.668604][ T6821]  get_signal+0x2673/0x26d0
[  214.673135][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  214.678706][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  214.684363][ T6821]  do_syscall_64+0xda/0x260
[  214.688889][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.694813][ T6821] 
[  214.697130][ T6821] Memory state around the buggy address:
[  214.702763][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  214.710836][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  214.718923][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  214.727009][ T6821]                                                           ^
[  214.734472][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  214.742557][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  214.750625][ T6821] ==================================================================
[  214.764468][ T6821] ==================================================================
[  214.772596][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x132f/0x15b0
[  214.780466][ T6821] Read of size 4 at addr ffff88804f26027c by task kworker/u8:10/6821
[  214.788563][ T6821] 
[  214.790913][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  214.790970][ T6821] Tainted: [B]=BAD_PAGE
[  214.790983][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  214.791009][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  214.791078][ T6821] Call Trace:
[  214.791089][ T6821]  <TASK>
[  214.791103][ T6821]  dump_stack_lvl+0x116/0x1f0
[  214.791158][ T6821]  print_report+0xc3/0x670
[  214.791214][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.791261][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.791307][ T6821]  ? __phys_addr+0xc6/0x150
[  214.791363][ T6821]  ? _copy_from_iter+0x132f/0x15b0
[  214.791419][ T6821]  kasan_report+0xe0/0x110
[  214.791487][ T6821]  ? _copy_from_iter+0x132f/0x15b0
[  214.791553][ T6821]  _copy_from_iter+0x132f/0x15b0
[  214.791610][ T6821]  ? p9pdu_writef+0xc3/0x100
[  214.791648][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  214.791706][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.791752][ T6821]  ? lock_acquire+0x2cd/0x350
[  214.791810][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.791858][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.791905][ T6821]  ? __asan_memcpy+0x3c/0x60
[  214.791954][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  214.791997][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792043][ T6821]  ? p9pdu_writef+0xc3/0x100
[  214.792078][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  214.792114][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  214.792168][ T6821]  ? rcu_is_watching+0x12/0xc0
[  214.792212][ T6821]  ? rcu_is_watching+0x12/0xc0
[  214.792253][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792302][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  214.792366][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  214.792422][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792481][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  214.792537][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792584][ T6821]  ? __schedule+0x1186/0x5de0
[  214.792631][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792682][ T6821]  p9_client_rpc+0x1c4/0xc50
[  214.792739][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  214.792798][ T6821]  ? __pfx___schedule+0x10/0x10
[  214.792845][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  214.792894][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.792940][ T6821]  ? rcu_is_watching+0x12/0xc0
[  214.792981][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793029][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793080][ T6821]  p9_client_write+0x245/0x6f0
[  214.793149][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  214.793218][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  214.793273][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  214.793327][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  214.793382][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793428][ T6821]  ? rcu_is_watching+0x12/0xc0
[  214.793482][ T6821]  netfs_do_issue_write+0x95/0x110
[  214.793520][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  214.793563][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793614][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793661][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  214.793722][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  214.793763][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  214.793807][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793855][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.793899][ T6821]  ? register_lock_class+0x41/0x4c0
[  214.793957][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794004][ T6821]  ? do_raw_spin_lock+0x12c/0x2b0
[  214.794042][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794092][ T6821]  netfs_write_collection_worker+0x23fd/0x3830
[  214.794185][ T6821]  process_one_work+0x9cf/0x1b70
[  214.794237][ T6821]  ? __pfx_addrconf_dad_work+0x10/0x10
[  214.794284][ T6821]  ? __pfx_process_one_work+0x10/0x10
[  214.794325][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794378][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794424][ T6821]  ? assign_work+0x1a0/0x250
[  214.794461][ T6821]  worker_thread+0x6c8/0xf10
[  214.794512][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794560][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794606][ T6821]  ? __kthread_parkme+0x19e/0x250
[  214.794660][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794708][ T6821]  ? __pfx_worker_thread+0x10/0x10
[  214.794749][ T6821]  kthread+0x3c5/0x780
[  214.794784][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.794816][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.794849][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.794882][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.794913][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  214.794958][ T6821]  ? rcu_is_watching+0x12/0xc0
[  214.795003][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.795038][ T6821]  ret_from_fork+0x48/0x80
[  214.795074][ T6821]  ? __pfx_kthread+0x10/0x10
[  214.795108][ T6821]  ret_from_fork_asm+0x1a/0x30
[  214.795175][ T6821]  </TASK>
[  214.795187][ T6821] 
[  215.264257][ T6821] Allocated by task 7056:
[  215.268587][ T6821]  kasan_save_stack+0x33/0x60
[  215.273298][ T6821]  kasan_save_track+0x14/0x30
[  215.278024][ T6821]  __kasan_kmalloc+0xaa/0xb0
[  215.282643][ T6821]  kmem_cache_free+0x148/0x4d0
[  215.287436][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  215.293024][ T6821]  __mmap_region+0xb81/0x27c0
[  215.297741][ T6821]  mmap_region+0x1ab/0x3f0
[  215.302194][ T6821]  do_mmap+0xd8e/0x11b0
[  215.306369][ T6821]  vm_mmap_pgoff+0x281/0x450
[  215.310973][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  215.315763][ T6821]  __x64_sys_mmap+0x125/0x190
[  215.320463][ T6821]  do_syscall_64+0xcd/0x260
[  215.324999][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.330911][ T6821] 
[  215.333235][ T6821] Freed by task 23:
[  215.337041][ T6821]  kasan_save_stack+0x33/0x60
[  215.341750][ T6821]  kasan_save_track+0x14/0x30
[  215.346457][ T6821]  kasan_save_free_info+0x3b/0x60
[  215.351504][ T6821]  __kasan_slab_free+0x51/0x70
[  215.356299][ T6821]  kfree+0x2b6/0x4d0
[  215.360216][ T6821]  slab_free_after_rcu_debug+0x69/0x350
[  215.365791][ T6821]  rcu_core+0x79c/0x14e0
[  215.370047][ T6821]  handle_softirqs+0x219/0x8e0
[  215.374836][ T6821]  run_ksoftirqd+0x3a/0x60
[  215.379277][ T6821]  smpboot_thread_fn+0x3f7/0xae0
[  215.384246][ T6821]  kthread+0x3c5/0x780
[  215.388326][ T6821]  ret_from_fork+0x48/0x80
[  215.392761][ T6821]  ret_from_fork_asm+0x1a/0x30
[  215.397562][ T6821] 
[  215.399886][ T6821] Last potentially related work creation:
[  215.405599][ T6821]  kasan_save_stack+0x33/0x60
[  215.410305][ T6821]  kasan_record_aux_stack+0xb8/0xd0
[  215.415530][ T6821]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  215.421478][ T6821]  kmem_cache_free+0x173/0x4d0
[  215.426269][ T6821]  vms_complete_munmap_vmas+0x573/0x970
[  215.431845][ T6821]  __mmap_region+0xb81/0x27c0
[  215.436554][ T6821]  mmap_region+0x1ab/0x3f0
[  215.441004][ T6821]  do_mmap+0xd8e/0x11b0
[  215.445178][ T6821]  vm_mmap_pgoff+0x281/0x450
[  215.449784][ T6821]  ksys_mmap_pgoff+0x32c/0x5c0
[  215.454564][ T6821]  __x64_sys_mmap+0x125/0x190
[  215.459258][ T6821]  do_syscall_64+0xcd/0x260
[  215.463793][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.469701][ T6821] 
[  215.472023][ T6821] The buggy address belongs to the object at ffff88804f260240
[  215.472023][ T6821]  which belongs to the cache kmalloc-32 of size 32
[  215.485923][ T6821] The buggy address is located 28 bytes to the right of
[  215.485923][ T6821]  allocated 32-byte region [ffff88804f260240, ffff88804f260260)
[  215.500452][ T6821] 
[  215.502795][ T6821] The buggy address belongs to the physical page:
[  215.509202][ T6821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f260
[  215.517977][ T6821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  215.525095][ T6821] page_type: f5(slab)
[  215.529086][ T6821] raw: 00fff00000000000 ffff88801b441780 dead000000000122 0000000000000000
[  215.537681][ T6821] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[  215.546266][ T6821] page dumped because: kasan: bad access detected
[  215.552680][ T6821] page_owner tracks the page as allocated
[  215.558389][ T6821] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 7030, tgid 7029 (syz.3.264), ts 203785479480, free_ts 203783675340
[  215.576484][ T6821]  post_alloc_hook+0x181/0x1b0
[  215.581279][ T6821]  get_page_from_freelist+0x135c/0x3920
[  215.586855][ T6821]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  215.592781][ T6821]  alloc_pages_mpol+0x1fb/0x550
[  215.597675][ T6821]  new_slab+0x244/0x340
[  215.601850][ T6821]  ___slab_alloc+0xd9c/0x1940
[  215.606546][ T6821]  __slab_alloc.constprop.0+0x56/0xb0
[  215.611937][ T6821]  __kmalloc_cache_noprof+0xfb/0x3e0
[  215.617241][ T6821]  kmem_cache_free+0x148/0x4d0
[  215.622029][ T6821]  exit_mmap+0x511/0xb90
[  215.626291][ T6821]  __mmput+0x12a/0x410
[  215.630382][ T6821]  mmput+0x62/0x70
[  215.634126][ T6821]  do_exit+0x9d1/0x2c30
[  215.638310][ T6821]  do_group_exit+0xd3/0x2a0
[  215.642846][ T6821]  get_signal+0x2673/0x26d0
[  215.647369][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  215.652943][ T6821] page last free pid 7030 tgid 7029 stack trace:
[  215.659270][ T6821]  __free_frozen_pages+0x69d/0xff0
[  215.664404][ T6821]  tlb_finish_mmu+0x237/0x7b0
[  215.669102][ T6821]  exit_mmap+0x403/0xb90
[  215.673365][ T6821]  __mmput+0x12a/0x410
[  215.677455][ T6821]  mmput+0x62/0x70
[  215.681198][ T6821]  do_exit+0x9d1/0x2c30
[  215.685380][ T6821]  do_group_exit+0xd3/0x2a0
[  215.689911][ T6821]  get_signal+0x2673/0x26d0
[  215.694436][ T6821]  arch_do_signal_or_restart+0x8f/0x7d0
[  215.700012][ T6821]  syscall_exit_to_user_mode+0x150/0x2a0
[  215.705681][ T6821]  do_syscall_64+0xda/0x260
[  215.710211][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.716120][ T6821] 
[  215.718440][ T6821] Memory state around the buggy address:
[  215.724071][ T6821]  ffff88804f260100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  215.732142][ T6821]  ffff88804f260180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  215.740211][ T6821] >ffff88804f260200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  215.748272][ T6821]                                                                 ^
[  215.756256][ T6821]  ffff88804f260280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  215.764324][ T6821]  ffff88804f260300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  215.772390][ T6821] ==================================================================
[  215.795030][ T6821] ==================================================================
[  215.803119][ T6821] BUG: KASAN: slab-out-of-bounds in _copy_from_iter+0x1447/0x15b0
[  215.810972][ T6821] Read of size 8 at addr ffff88804f260270 by task kworker/u8:10/6821
[  215.819044][ T6821] 
[  215.821381][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: kworker/u8:10 Tainted: G    B               6.15.0-rc5-syzkaller #0 PREEMPT(full) 
[  215.821433][ T6821] Tainted: [B]=BAD_PAGE
[  215.821445][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  215.821469][ T6821] Workqueue: events_unbound netfs_write_collection_worker
[  215.821538][ T6821] Call Trace:
[  215.821551][ T6821]  <TASK>
[  215.821565][ T6821]  dump_stack_lvl+0x116/0x1f0
[  215.821616][ T6821]  print_report+0xc3/0x670
[  215.821666][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.821708][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.821750][ T6821]  ? __phys_addr+0xc6/0x150
[  215.821800][ T6821]  ? _copy_from_iter+0x1447/0x15b0
[  215.821850][ T6821]  kasan_report+0xe0/0x110
[  215.821902][ T6821]  ? _copy_from_iter+0x1447/0x15b0
[  215.821958][ T6821]  _copy_from_iter+0x1447/0x15b0
[  215.822010][ T6821]  ? p9pdu_writef+0xc3/0x100
[  215.822043][ T6821]  ? __pfx__copy_from_iter+0x10/0x10
[  215.822096][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822138][ T6821]  ? lock_acquire+0x2cd/0x350
[  215.822190][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822232][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822274][ T6821]  ? __asan_memcpy+0x3c/0x60
[  215.822319][ T6821]  p9pdu_vwritef+0x2da/0x1d30
[  215.822356][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822398][ T6821]  ? p9pdu_writef+0xc3/0x100
[  215.822430][ T6821]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  215.822464][ T6821]  ? __pfx_p9_tag_alloc+0x10/0x10
[  215.822518][ T6821]  ? rcu_is_watching+0x12/0xc0
[  215.822558][ T6821]  ? rcu_is_watching+0x12/0xc0
[  215.822597][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822642][ T6821]  p9_client_prepare_req+0x247/0x4d0
[  215.822695][ T6821]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  215.822746][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822789][ T6821]  ? trace_sched_exit_tp+0xde/0x130
[  215.822840][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822882][ T6821]  ? __schedule+0x1186/0x5de0
[  215.822923][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.822969][ T6821]  p9_client_rpc+0x1c4/0xc50
[  215.823021][ T6821]  ? __pfx_p9_client_rpc+0x10/0x10
[  215.823074][ T6821]  ? __pfx___schedule+0x10/0x10
[  215.823116][ T6821]  ? __pfx_vprintk_emit+0x10/0x10
[  215.823160][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823202][ T6821]  ? rcu_is_watching+0x12/0xc0
[  215.823240][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823283][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823329][ T6821]  p9_client_write+0x245/0x6f0
[  215.823391][ T6821]  ? __pfx_p9_client_write+0x10/0x10
[  215.823454][ T6821]  v9fs_issue_write+0xe3/0x1b0
[  215.823506][ T6821]  ? __pfx_v9fs_issue_write+0x10/0x10
[  215.823554][ T6821]  ? iov_iter_advance+0x380/0x6c0
[  215.823603][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823644][ T6821]  ? rcu_is_watching+0x12/0xc0
[  215.823685][ T6821]  netfs_do_issue_write+0x95/0x110
[  215.823718][ T6821]  netfs_retry_writes+0x168a/0x1a50
[  215.823757][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823802][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.823843][ T6821]  ? __lock_acquire+0xaa4/0x1ba0
[  215.823898][ T6821]  ? __pfx_netfs_retry_writes+0x10/0x10
[  215.823934][ T6821]  ? __pfx_netdev_run_todo+0x10/0x10
[  215.823975][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.824019][ T6821]  ? srso_alias_return_thunk+0x5/0xfbef5
[  215.824060][ T6821]  ? register_lock_class+0x41/0x4c0