last executing test programs:

19m7.064885669s ago: executing program 32 (id=3343):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x3, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @var={0x1, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x61]}}, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x1c, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000280)=0x200800, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0xfffffffffffffc73, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r6}, 0x18)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000006c0)='net/route\x00')
preadv(r7, &(0x7f00000025c0)=[{&(0x7f0000002500)=""/79, 0x4f}], 0x1, 0x10006c, 0x2f)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)

18m50.388795245s ago: executing program 33 (id=3461):
r0 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000000b00)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000002100)="0800a9fc0da6b30a", 0x8}], 0x1, &(0x7f0000001d00)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac1414aa0011000000000000000000000001"], 0x30}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x80202, 0x1ff)
close(r4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000006040)={0x11, 0x4, &(0x7f0000000940)=ANY=[], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3c, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a06000300000028bd7008fcd1df25010018"], 0x18}}, 0x40)
fcntl$setlease(r5, 0x400, 0x0)
r9 = gettid()
fcntl$getownex(r0, 0x10, &(0x7f0000000480)={0x0, <r10=>0x0})
fcntl$getownex(r3, 0x10, &(0x7f00000004c0))
r11 = getpid()
sched_setscheduler(r11, 0x2, 0x0)
r12 = getpgrp(0xffffffffffffffff)
syz_clone(0x48800000, &(0x7f0000000500)="7da160794bd505110856cbe02862523a238dd1c7a254e4b4b7712087ce6da24a3cbda0dfa9f87ce189439a437195b29fc55d63376763ceac05c73901e61ea0b4dc9156ed58af9e0743dcd25c61bce3ed045fc4d7e74d27ba60d9e81c7b082f658c754b7599ce39fb84528bece029355dabba11abd20fd8e1c855dc0451164a81c668a11589745e7cdb735e621d0ee51297032bab38d3dcdf1b08c001752890d6feda3cd18df35288871f73ac4b2d5764e3cbf697762cbf3a90c926fbaf5f38e6746db180f338e519cb6e95c94253e44ee865988c332f7953e2e3829652048d2f", 0xe0, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="0e2a81c62a11023569eee6c7bc156ddb6011c49c7adf73568a4cd7bc0d5b22fc641e295e663305895318fd7f02f64667ab216f959064e878c823c9e65ed50ef0b50d1ae68af2cbaba352a7e56bd6e1c2c959f23da817851c9ef60140e86c637809175792df3b09c2dc302096f30f80c75020788a319eea0234dc33b640545f1e1ecd8f38f46f115c579101fe78dd47ee232afcc5ca9b4a4aa6d85c26181e")
syz_emit_ethernet(0x6e, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaae920dd6000021000383a00fe8000000000000000000000000000bbff020000000000000000000000000001010090780000000060030722000065982c3af3a6aeb500000000000000000001fe80db638be7f0bab500000000000000000000000000aaa4"], 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000740)={0x0, <r13=>0x0})
fcntl$getownex(r2, 0x10, &(0x7f00000007c0)={0x0, <r14=>0x0})
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000800)=<r15=>0x0)
syz_clone3(&(0x7f0000000880)={0x100000300, &(0x7f0000000900), &(0x7f0000000140), &(0x7f00000001c0), {0x15}, &(0x7f00000002c0)=""/152, 0x98, &(0x7f0000000380)=""/234, &(0x7f0000000840)=[r9, r10, r14, 0xffffffffffffffff, r11, r12, r9, r13, r14, r15], 0xa, {r5}}, 0x58)
unlink(&(0x7f0000000180)='./file1\x00')

18m41.519297701s ago: executing program 34 (id=3515):
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000600)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x800, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',privport,access='])
statfs(&(0x7f00000001c0)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32], 0x18}, 0x0)

18m39.923498937s ago: executing program 35 (id=3530):
socket$packet(0x11, 0x3, 0x300)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1c0002, 0x0)
epoll_create(0x3e4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000380)=ANY=[@ANYBLOB="0180c200000000000000000086dd600107000048110120010000000000000000000000000001ff02000000000000000000000000000100000e22004890780300000004000000e4574f9d3c5e7270660f5f1a296ebd2c3bbadb735eeb8cf520487988bca1150e96992f4fcc6c008ca257253847b6da45ad42d5cce94cda59"], 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x20000800, &(0x7f0000000dc0)={0x11, 0x1a, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
mount(&(0x7f0000000240), 0x0, &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

18m30.463484734s ago: executing program 36 (id=3577):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01dfffffff0000000000210000000c00018008000100", @ANYRES32=r1], 0x20}}, 0x0)

18m17.728879835s ago: executing program 37 (id=3670):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, 0x0, 0x4000080)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x2, 0x0, &(0x7f0000000000), 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x86, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000180)='-', 0x1}], 0x2}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
pipe2$watch_queue(&(0x7f0000000200), 0x80)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

13m34.939004332s ago: executing program 38 (id=5410):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ba20702500000000002003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
close(r1)
dup(0xffffffffffffffff)
setfsuid(0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\b\x00\x00', &(0x7f0000000300)=""/8, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

13m23.004561929s ago: executing program 39 (id=5494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000400)=r1}, 0x20)
syz_emit_ethernet(0xd2, &(0x7f0000000d00)=ANY=[@ANYBLOB="0182c2000000ffffffffffff86dd60000000009c1100fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0) (fail_nth: 5)

12m18.709273771s ago: executing program 5 (id=5851):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10)
epoll_create1(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000006000000aa0b000000000000", @ANYRES32, @ANYBLOB="0000000000000000dfffffffffffffff00000000", @ANYRES32=0x0, @ANYBLOB='\x00'/24], 0x48)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000c00)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, '.'}}, {@sysvgroups}, {@prjquota}, {@debug}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")

12m15.362089649s ago: executing program 5 (id=5856):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
epoll_create1(0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000006000000aa0b000000000000", @ANYRES32, @ANYBLOB="0000000000000000dfffffffffffffff00000000", @ANYRES32=0x0, @ANYBLOB='\x00'/24], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r3}, 0x38)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000c00)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, '.'}}, {@sysvgroups}, {@prjquota}, {@debug}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")

12m13.508824151s ago: executing program 5 (id=5863):
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x477, &(0x7f0000000940)="$eJzs3EtsG0UYAOB/13k0fZBQyqOlhUBBVDySJn3QAxcQSBxAQoJDEaeQpFWp26AmSLSqoHAoR1QJzogjEnckTnBBwAEhcYU7qlRVvbRwMlp7N3UcO3HqNG7x90lrz3jXmfl3duzxjJ0AetZodpNEbI2IPyNiuJZdesBo7e7GtfPT/1w7P51EpfLm1aR63PVr56eLQ4vnballKpWIwSw52KTci+9ETJXLs2fy/PjCqffH58+ee+7Eqanjs8dnT08eOXLwwJ6Bw5OHOoovze+zuK7v+mhu985X3770+vTRS+/+8m1W3635/vo4bkkWbYPR2tlt9Gh282RHhd1RfstuttU9kPS1PnhsAypE+0oRkTVXf7X/D0cphhb3Dccrn3a1csBtValUKs3en3MXKsD/WBLdrgHQHcUbffb5t9g2aOhxR7jyYu0DUBb3jXyr7elbnDvob/h8u55GI+LohX+/yrZYj3kIAIBV/JCNf55tNv5L44G64+7J11BGIuLeiNgeEfdFxI6IuD+ieuyDEfHQGstvXCFZPv5JL99SYG3Kxn8v5GtbS8d/xegvRkp5bls1/v7k2Iny7P78nOyL/sEsP7FCGT++/MfnRXpTw7768V+2ZeUXY8G8Hpf7GiboZqYWpjqNu3Dlk4hdfc3iT6JYxkkiYmdE7LrFMk48/c3uVvtWj38FK6wztavydcRTtfa/EEviv9lUScv1yYnnD08eGt8U5dn948VVsdyvv198o1X5bcQ/0HmUrWXtv7np9b+4CjySbIqYP3vuZHW9dn7tZVz867O6Pr1kdTmLP/0uYs3X/0DyVjVdnJwPpxYWzkxEDCSvLX988uZzi3xxfBb/vr3N+//2uho/HBHZRbwnIh7JF3GztnssIh6PiL0rxP/zS0+812rfsvYfKuJfYVZ+HWXxz6zW/lHf/mtPlE7+9H3b8Tdt/4PV1L78kXZe/9qtYCfnDgAAAO4WafU78Ek6tphO07Gx2nf4d8TmtDw3v/DMsbkPTs/Uvis/Ev1pMdM1XDcfOpHPDRf5yYb8gXze+IvSUDU/Nj1Xnul28NDjtrTo/5m/S92uHXDbrcM6GnCX0v+hd+n/0Lv0f+hd+j/0rmb9/+Mu1APYeN7/oXfp/9C79H/oXfo/9KSWv41PO/rJf5cTxf9O6ODvXO1+FB0nhm5nEZF2P8CeSPR1chmvnvgyBpvu6vILEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDr5LwAA///KL+IF")
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000900)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

12m13.227704066s ago: executing program 5 (id=5868):
syz_emit_ethernet(0x12a, &(0x7f0000000000)=ANY=[], 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
close(0xffffffffffffffff)
clock_gettime(0xfffffffffffffff9, &(0x7f00000005c0))
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0xb063422a5e59f481, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000500)='kfree\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x4f, 0x4f, 0x46, 0x43, 0x50]}, 0x2e)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x10)

12m11.318880169s ago: executing program 5 (id=5875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="d032678407e851e6855fa80902a600000000000000000000000000000000000000000000000000000000f0ed2dd9ebd1722ddf16afc8dceb23acb20f106ec44e75993a1a97c66555a3c19a1a7e057580e37fbf7d186b12c157c423e0"], 0x73)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000000000000200000d0000000000000000020000000100000002000000000000000000000500000000002e"], &(0x7f0000000100)=""/236, 0x43, 0xec, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x4333, &(0x7f0000000000), &(0x7f0000ff5000), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000028000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c0007"], 0x40c}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000780)=[@clear_death, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
pread64(r8, &(0x7f0000000300)=""/94, 0x5e, 0x81ffffffffffffc)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d9000200302f00fe8000000000000000000000000000aaff0200000000000000000000000000010000883e00300ebddf62"], 0x0)
ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x8004551a, &(0x7f0000000400))

12m10.856839687s ago: executing program 5 (id=5876):
bpf$PROG_LOAD(0x5, 0x0, 0x23)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, 0x0})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_free_percpu\x00'}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)

12m10.850383087s ago: executing program 40 (id=5876):
bpf$PROG_LOAD(0x5, 0x0, 0x23)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, 0x0})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_free_percpu\x00'}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)

5m52.434943958s ago: executing program 4 (id=7445):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r8}, 0x10)
getitimer(0x2, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000b8000000b8000000070000000d00ed037b2de3d5c546320000080000047f0000000900000001000000070000000d00000004000000040000000500000005000000000000000c00000001000000760b00000c000000020000000000000005000000020000000100000000000000050000003c0000001000000000000000000000000000000000000003000000000500000003000000000000000a0000000000000c040000001000000000000001000000004e00590201000000000000020400000006000000000000100200000000211e2e5f5f00ae01f78106b2096df091a8a7c371bd60c5612060020ba8cc53f84037254c8ab3f6eccbee33f264eeded1a7515b200f6050a61fe257a5f0c3ef6176b30775b2b4e263911c6175ad617732d1fdf0fe265eed295e38bec75a"], &(0x7f0000000280)=""/124, 0xd7, 0x7c, 0x0, 0x1, 0x10000, @value}, 0x28)
tee(r3, r8, 0x8, 0x2)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000780)={0x43f, <r10=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x17, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000ffffffff00000000a80f000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000181a0000", @ANYRES32, @ANYBLOB="000000000000000018190000", @ANYRES32=r7, @ANYBLOB="00000000000000001026ff7ff9ffffff183d00e8020000000000000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x9b, &(0x7f00000004c0)=""/155, 0x0, 0x14, '\x00', 0x0, @fallback=0xa, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x2, 0x3, 0x9c83, 0x8}, 0x10, r10, r4, 0x1, &(0x7f0000000800)=[0xffffffffffffffff], &(0x7f0000000840)=[{0x0, 0x4, 0x2, 0xb}], 0x10, 0xb, @void, @value}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x40000000)

5m51.506907474s ago: executing program 4 (id=7452):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="d032678407e851e6855fa80902a600000000000000000000000000000000000000000000000000000000f0ed2dd9ebd1722ddf16afc8dceb23acb20f106ec44e75993a1a97c66555a3c19a1a7e057580e37fbf7d186b12c157c423e0"], 0x73)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000000000000200000d0000000000000000020000000100000002000000000000000000000500000000002e"], &(0x7f0000000100)=""/236, 0x43, 0xec, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x4333, &(0x7f0000000000), 0x0, &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000028000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c0007"], 0x40c}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000780)=[@clear_death, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
pread64(r8, &(0x7f0000000300)=""/94, 0x5e, 0x81ffffffffffffc)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d9000200302f00fe8000000000000000000000000000aaff0200000000000000000000000000010000883e00300ebddf62"], 0x0)
ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x8004551a, &(0x7f0000000400))

5m51.408191516s ago: executing program 4 (id=7454):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_emit_ethernet(0x42, 0x0, 0x0)
io_uring_setup(0x79ae, &(0x7f0000000100)={0x0, 0xaa00, 0x2, 0x4, 0x2})
socket(0x840000000002, 0x3, 0xff)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d31f57832035e96a151323e6f5a66fbca6bae94686c25de12000"/68], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

5m50.516172632s ago: executing program 4 (id=7463):
r0 = socket(0x2, 0x3, 0xff)
r1 = syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x3, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@fallback=r1, 0x5, 0x0, 0x5, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r4, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22ff893a"], 0xffbf)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000800000000000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

5m50.172101108s ago: executing program 4 (id=7464):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x4884)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x200008, &(0x7f0000000080)=ANY=[], 0x1, 0x22f, &(0x7f0000001380)="$eJzsmL+LE0EUx78zu9kkIqLNFTYKHhjRSy57KNeE8wTByuZO1EqDtx5n9i6SrGACgoeNjXYWgo2F/4DFFVfb+Q8IWqggWJjCwkaEkdmZ3Uyc5PZY0937FMN39r2Z92OTVywIgjiwfP3y6/OzS4ur5wAcxiyK+vl3B2BMaW74f3r54OyLxuVXbz++ebd15NHuv/fJI0L8EeaD0h7xXQCVZQdRGkkkZ39LMas3qyim+ho4zmh9HQxVrW+DF5J7AzDc1PqeodvSv1q9uxEG1TvtcE2KebnU5eLLZaRemd9gm2FN74UQghn2bq/faoZh0DGEq21jTLlEGqw1Y/WvAA+DZY6GkZ/M/8bTJ9tyn/RmHjztXx0cdV3EAhhW9PNFFJPeqJYY9R93h/c7Vv1jq5Wu0pBVZCkMA6fba/ycSrNMcWwu3/GKLOeibTqKPGlgeGoJQaeAoUl2ctT55HSbAMTCNd4Oxjsv6ReaI9ZVq4oJ4nkZwNTfsi1yVZGImcHue9v0Leu4YNkh2Mjvx9vLubTfnJM/Yv6OldFv8f/p2KTEPuyo+SFeM5w25pNrzI9atHm/1u315zY2m+vBerDl+wsXGPD4vF+LB5Farbk3nM/leD4dMu4vTPD1uIeHzSjq1NXqMQ9lRFHHj/e+8bdZ2Wn/uKWPRbgC4JTayLHppTc6VgzmKR8e+0pVsZ0IgiAIgiAIgiAIgiAIgiD2y8gHzxNg8VfQDHzl/TcAAP//Mn1h+Q==")
setrlimit(0x2, &(0x7f00000000c0)={0x2, 0xa})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
getpid()
r3 = socket$netlink(0x10, 0x3, 0x9)
recvmmsg(r3, &(0x7f0000004bc0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b07, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r7, 0x0, &(0x7f0000000200))
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="60000000100039042abd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c310061d4000120034000280080001000000601297c300000e0230d4f3ac82aa2e5d7292f5fe6c1643e05d514a564843b248e8579766cfa32266b2a6b8dc055e080554417f3984a221357f49577281a34d2126bc286d2c171ef2f24a8bddc8bdb69e7e8d4dffb7f01d5a88fc90a8e44919509487baeea6d66e7c41b3ac92a7fbe57782654e87f43400bdae762a478d8d2021fc8d2a9b0761cc136e0956bc1ff7d8fa830d", @ANYRES32=0x0, @ANYBLOB="08000300ac1414bb08000200ac14142d060010000070000008000c00ee0000000800140001000100"], 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

5m49.860731463s ago: executing program 4 (id=7469):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4004)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c77ace1ac7c3d", @ANYRESHEX, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])

5m49.860037103s ago: executing program 41 (id=7469):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4004)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c77ace1ac7c3d", @ANYRESHEX, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])

3m49.171377255s ago: executing program 7 (id=8428):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc8500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f00000006c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x1, @remote, @local, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x2}}}}}}}, 0x0)

3m49.116780237s ago: executing program 7 (id=8431):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_emit_ethernet(0x42, 0x0, 0x0)
io_uring_setup(0x79ae, &(0x7f0000000100)={0x0, 0xaa00, 0x2, 0x4, 0x2})
r5 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)

3m47.850826819s ago: executing program 7 (id=8435):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_emit_ethernet(0x42, 0x0, 0x0)
io_uring_setup(0x79ae, &(0x7f0000000100)={0x0, 0xaa00, 0x2, 0x4, 0x2})
socket(0x840000000002, 0x3, 0xff)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d31f57832035e96a151323e6f5a66fbca6bae94686c25de12000"/68], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

3m46.419153873s ago: executing program 7 (id=8439):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x12, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0xfffffffe)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000100)={0x209d, 0x3, 0x0, 0xfffffffc}, 0x10)
write(r4, &(0x7f00000000c0)="1800000016005f0214fffffffffffff881ff000001000000", 0x18)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x121081e, &(0x7f0000000240)={[{@grpquota}, {@nolazytime}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd})
ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x0)

3m46.060629719s ago: executing program 7 (id=8443):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="d032678407e851e6855fa80902a600000000000000000000000000000000000000000000000000000000f0ed2dd9ebd1722ddf16afc8dceb23acb20f106ec44e75993a1a97c66555a3c19a1a7e057580e37fbf7d186b12c157c423e0"], 0x73)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000000000000200000d0000000000000000020000000100000002000000000000000000000500000000002e"], &(0x7f0000000100)=""/236, 0x43, 0xec, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x4333, &(0x7f0000000000), &(0x7f0000ff5000), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000028000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c0007"], 0x40c}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000780)=[@clear_death, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
pread64(r8, &(0x7f0000000300)=""/94, 0x5e, 0x81ffffffffffffc)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d9000200302f00fe8000000000000000000000000000aaff0200000000000000000000000000010000883e00300ebddf62"], 0x0)
ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x8004551a, &(0x7f0000000400))

3m46.02783853s ago: executing program 6 (id=8444):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

3m45.528098419s ago: executing program 6 (id=8448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="d032678407e851e6855fa80902a600000000000000000000000000000000000000000000000000000000f0ed2dd9ebd1722ddf16afc8dceb23acb20f106ec44e75993a1a97c66555a3c19a1a7e057580e37fbf7d186b12c157c423e0"], 0x73)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000000000000200000d0000000000000000020000000100000002000000000000000000000500000000002e"], &(0x7f0000000100)=""/236, 0x43, 0xec, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x4333, &(0x7f0000000000), &(0x7f0000ff5000), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000028000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c0007"], 0x40c}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000780)=[@clear_death, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
pread64(r8, &(0x7f0000000300)=""/94, 0x5e, 0x81ffffffffffffc)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d9000200302f00fe8000000000000000000000000000aaff0200000000000000000000000000010000883e00300ebddf62"], 0x0)
ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x8004551a, &(0x7f0000000400))

3m44.955954648s ago: executing program 6 (id=8451):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x2, 0x3}, 0x0)
socket(0x1e, 0x1, 0x0)

3m44.326653499s ago: executing program 6 (id=8453):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x12, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0xfffffffe)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000100)={0x209d, 0x3, 0x0, 0xfffffffc}, 0x10)
write(r4, &(0x7f00000000c0)="1800000016005f0214fffffffffffff881ff000001000000", 0x18)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x121081e, &(0x7f0000000240)={[{@grpquota}, {@nolazytime}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd})
ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x0)

3m44.195863872s ago: executing program 6 (id=8454):
fsopen(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r3}, 0x14)

3m36.872439279s ago: executing program 7 (id=8510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x11)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

3m36.80944371s ago: executing program 42 (id=8510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x11)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

3m35.259661337s ago: executing program 6 (id=8521):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)

3m35.172058578s ago: executing program 43 (id=8521):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)

1m55.083568784s ago: executing program 9 (id=9529):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_emit_ethernet(0x42, 0x0, 0x0)
io_uring_setup(0x79ae, &(0x7f0000000100)={0x0, 0xaa00, 0x2, 0x4, 0x2})
r5 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, &(0x7f0000000140))

1m54.198958279s ago: executing program 9 (id=9537):
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_emit_ethernet(0x42, 0x0, 0x0)
io_uring_setup(0x79ae, &(0x7f0000000100)={0x0, 0xaa00, 0x2, 0x4, 0x2})
socket(0x840000000002, 0x3, 0xff)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d31f57832035e96a151323e6f5a66fbca6bae94686c25de12000"/68], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

1m53.073061279s ago: executing program 9 (id=9548):
r0 = socket$netlink(0x10, 0x3, 0xf) (async)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x8, 0x7fe2, 0xfffffffe, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) (async)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='kmem_cache_free\x00', r8}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) (async)
r9 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r9, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newlink={0x58, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vti={{0x8}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast2}, @vti_common_policy=[@IFLA_VTI_FWMARK={0x8, 0x6, 0x1}, @IFLA_VTI_LINK={0x8, 0x1, r10}, @IFLA_VTI_FWMARK={0x8, 0x6, 0x6}], @IFLA_VTI_REMOTE={0x8, 0x5, @remote}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x11}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x0)

1m53.0324505s ago: executing program 9 (id=9549):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xe, &(0x7f0000000700)={[{@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x7fffffff}}, {@debug}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r2 = socket$inet6(0xa, 0x80002, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
ftruncate(r3, 0x3)
getsockopt$inet6_mreq(r2, 0x88, 0x14, 0x0, &(0x7f0000000000))
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = open(&(0x7f0000000100)='.\x00', 0x204240, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCGIFPFLAGS(r4, 0x8935, &(0x7f0000000140)={'tunl0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='objagg_create\x00', r6, 0x0, 0x2000000000000}, 0x18)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e20, 0x7fff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x80}, 0x1c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$TIOCMGET(r4, 0x5415, &(0x7f00000001c0))
open_tree(r4, &(0x7f0000000080)='./file0\x00', 0x1000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8}, 0x0, &(0x7f00000002c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRESDEC=r5], &(0x7f0000000400)='GPL\x00', 0xffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500fde1000000000033907800000000ffffff0609ab49b5d44d9478"], 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

1m52.478263279s ago: executing program 9 (id=9554):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=r5, @ANYBLOB="8b040400000000002000128008000100736974001400028008000100", @ANYRES32=r5, @ANYBLOB="08000300e060"], 0x40}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @empty}}}], 0x20}}], 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a0012", 0x1f}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1m51.685448143s ago: executing program 9 (id=9560):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)

1m51.684609763s ago: executing program 44 (id=9560):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)

2.788861308s ago: executing program 2 (id=10448):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x48)
ftruncate(r1, 0x8800000)

2.66532716s ago: executing program 2 (id=10449):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8400, &(0x7f0000000300), 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x70, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xfe}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x31}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x70}}, 0x800)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0xffffffffffffffff, 0x0)

2.476731922s ago: executing program 8 (id=10453):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x23}}]}]}, 0xac}}, 0x0)

2.454333013s ago: executing program 8 (id=10454):
socket$netlink(0x10, 0x3, 0x0)
gettid()
getpid()
epoll_create1(0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$netlink(r1, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f0000000300)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@rand_addr=0x64010102, @private=0xa010102, 0x1, 0x3, [@dev={0xac, 0x14, 0x14, 0x2f}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}, 0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x4, &(0x7f0000000200)=[{0x6, 0x0, 0x1, 0x6}, {0xffff, 0x7, 0x2, 0x3}, {0x4e6a, 0xd9, 0x0, 0x6}, {0x6, 0x0, 0x0, 0x7}]}, 0x10)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

2.268735065s ago: executing program 3 (id=10458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x48)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x1104)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@tmpl={0xc4, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}, {{@in=@broadcast, 0x0, 0x32}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@empty, 0x0, 0x32}, 0xa, @in6=@mcast1, 0x0, 0x0, 0x2}]}]}, 0x17c}}, 0x0)

1.553006506s ago: executing program 1 (id=10462):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@private1, 0x1, r1})
r2 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0x7, 0x4)
ioctl(r2, 0x8916, &(0x7f0000000000))
ioctl(r2, 0x8936, &(0x7f0000000000))

1.515228077s ago: executing program 2 (id=10463):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0xffff, 0x8009)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x100000, 0xf, 0x0, 0x4, 0x7, 0x0, 0x0, 0x100}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1a5c42, 0xd)
sendfile(r3, r4, 0x0, 0x80000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x1ffffdf3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000000c0)={0x0, r2, 0x0, 0x0, 0xfba2, 0x8})

1.514868497s ago: executing program 1 (id=10464):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="500000005304"], 0x50}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000)

1.502698677s ago: executing program 8 (id=10465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000040)=@filename='\x00', 0x0, 0x0)

1.499291627s ago: executing program 1 (id=10466):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r1, &(0x7f0000000780)}, 0x20)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000500)=0x80, 0x4)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ftruncate(0xffffffffffffffff, 0x8800000)

1.448102218s ago: executing program 8 (id=10467):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

1.447440718s ago: executing program 1 (id=10468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=r5, @ANYBLOB="8b04040000000000200012800800", @ANYRES32=r5, @ANYBLOB="08000300e060"], 0x40}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @empty}}}], 0x20}}], 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a0012", 0x1f}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1.409175558s ago: executing program 3 (id=10469):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)

1.347886239s ago: executing program 2 (id=10470):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8400, &(0x7f0000000300), 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x70, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xfe}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x31}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x70}}, 0x800)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1.212430452s ago: executing program 3 (id=10472):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)

1.146949233s ago: executing program 0 (id=10473):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8400, &(0x7f0000000300), 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x70, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xfe}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x31}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x70}}, 0x800)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0xffffffffffffffff, 0x0)

1.042979244s ago: executing program 1 (id=10474):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000380), 0x6, 0x2)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f00000003c0)={0x2, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb6cc5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
connect$unix(r3, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000001c0)='scalable\x00', 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ustat(0x5, &(0x7f0000000240))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)

961.482836ms ago: executing program 3 (id=10475):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x48)
ftruncate(r2, 0x8800000)

951.862575ms ago: executing program 2 (id=10476):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="500000005304"], 0x50}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000)

936.676566ms ago: executing program 3 (id=10477):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8400, &(0x7f0000000300), 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x70, r5, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xfe}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x31}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x70}}, 0x800)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0xffffffffffffffff, 0x0)

836.789577ms ago: executing program 8 (id=10478):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x48)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x1104)

741.870688ms ago: executing program 2 (id=10479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x48)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x1104)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@tmpl={0xc4, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}, {{@in=@broadcast, 0x0, 0x32}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@empty, 0x0, 0x32}, 0xa, @in6=@mcast1, 0x0, 0x0, 0x2}]}]}, 0x17c}}, 0x0)

267.603826ms ago: executing program 0 (id=10480):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0xffff, 0x8009)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x100000, 0xf, 0x0, 0x4, 0x7, 0x0, 0x0, 0x100}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1a5c42, 0xd)
sendfile(r3, r4, 0x0, 0x80000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x1ffffdf3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000000c0)={0x0, r2, 0x0, 0x0, 0xfba2, 0x8})

213.805246ms ago: executing program 0 (id=10481):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x23}}]}]}, 0xac}}, 0x0)

172.834037ms ago: executing program 0 (id=10491):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0xffff, 0x8009)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x100000, 0xf, 0x0, 0x4, 0x7, 0x0, 0x0, 0x100}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1a5c42, 0xd)
sendfile(r3, r4, 0x0, 0x80000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x1ffffdf3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000000c0)={0x0, r2, 0x0, 0x0, 0xfba2, 0x8})

171.709388ms ago: executing program 0 (id=10492):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0xffff, 0x8009)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1a5c42, 0xd)
sendfile(r3, r4, 0x0, 0x80000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x1ffffdf3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000000c0)={0x0, r2, 0x0, 0x0, 0xfba2, 0x8})

78.329669ms ago: executing program 1 (id=10482):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8400, &(0x7f0000000300), 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x70, r5, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00'}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xfe}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x31}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x70}}, 0x800)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_open_procfs(0xffffffffffffffff, 0x0)

78.148169ms ago: executing program 0 (id=10483):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)

44.86879ms ago: executing program 3 (id=10484):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="d032678407e851e6855fa80902a600000000000000000000000000000000000000000000000000000000f0ed2dd9ebd1722ddf16afc8dceb23acb20f106ec44e75993a1a97c66555a3c19a1a7e057580e37fbf7d186b12c157c423e0"], 0x73)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000000000000200000d0000000000000000020000000100000002000000000000000000000500000000002e"], &(0x7f0000000100)=""/236, 0x43, 0xec, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x4333, &(0x7f0000000000), &(0x7f0000ff5000), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000028000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c0007"], 0x40c}}, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r5, 0x1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000780)=[@clear_death, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
pread64(r8, &(0x7f0000000300)=""/94, 0x5e, 0x81ffffffffffffc)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d9000200302f00fe8000000000000000000000000000aaff0200000000000000000000000000010000883e00300ebddf62"], 0x0)
ioctl$USBDEVFS_GET_CAPABILITIES(r8, 0x8004551a, &(0x7f0000000400))

0s ago: executing program 8 (id=10485):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=r5, @ANYBLOB="8b0404000000000020001280080001007369740014", @ANYRES32=r5, @ANYBLOB="08000300e060"], 0x40}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @empty}}}], 0x20}}], 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a0012", 0x1f}], 0x1, 0x0, 0x0, 0x7a000000}, 0x4000884)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

type=1326 audit(1860.119:9298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.116184][ T2112] EXT4-fs (loop1): 1 orphan inode deleted
[ 1860.145917][ T2112] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1860.178275][ T2121] EXT4-fs (loop2): 1 orphan inode deleted
[ 1860.179703][   T30] audit: type=1326 audit(1860.149:9299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.207206][   T30] audit: type=1326 audit(1860.149:9300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.229007][ T2121] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1860.230472][   T30] audit: type=1326 audit(1860.149:9301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.263816][   T30] audit: type=1326 audit(1860.149:9302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.286709][   T30] audit: type=1326 audit(1860.149:9303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.330541][   T30] audit: type=1326 audit(1860.149:9304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.378112][   T30] audit: type=1326 audit(1860.149:9305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.401627][   T30] audit: type=1326 audit(1860.149:9306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2123 comm="syz.0.9838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1860.811617][ T2144] 9pnet: Insufficient options for proto=fd
[ 1860.839619][ T2148] loop1: detected capacity change from 0 to 512
[ 1860.916966][ T2148] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.9843: inode #1: comm syz.1.9843: iget: illegal inode #
[ 1860.944558][ T2152] loop3: detected capacity change from 0 to 512
[ 1860.955202][ T2148] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.9843: error while reading EA inode 1 err=-117
[ 1860.976454][ T2148] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.9843: inode #1: comm syz.1.9843: iget: illegal inode #
[ 1860.995556][ T2148] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.9843: error while reading EA inode 1 err=-117
[ 1861.012408][ T2156] loop8: detected capacity change from 0 to 512
[ 1861.020406][ T2148] EXT4-fs (loop1): 1 orphan inode deleted
[ 1861.022070][ T2152] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1861.026014][ T2148] EXT4-fs (loop1): mounted filesystem without journal. Opts: sysvgroups,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,resgid=0x0000000000000000,nojournal_checksum,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1861.149416][ T2156] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1861.633873][   T30] kauditd_printk_skb: 30 callbacks suppressed
[ 1861.633901][   T30] audit: type=1326 audit(1861.669:9337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1861.922465][   T30] audit: type=1326 audit(1861.729:9338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1861.956941][ T2173] loop1: detected capacity change from 0 to 1024
[ 1861.964043][   T30] audit: type=1326 audit(1861.729:9339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.000043][   T30] audit: type=1326 audit(1861.739:9340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.009390][ T2179] loop3: detected capacity change from 0 to 512
[ 1862.030078][   T30] audit: type=1326 audit(1861.749:9341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.053361][   T30] audit: type=1326 audit(1861.759:9342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.068628][ T2183] loop8: detected capacity change from 0 to 512
[ 1862.078217][   T30] audit: type=1326 audit(1861.769:9343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.106381][   T30] audit: type=1326 audit(1861.779:9344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.129435][   T30] audit: type=1326 audit(1861.779:9345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.153070][   T30] audit: type=1326 audit(1861.789:9346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2166 comm="syz.2.9849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1862.187471][ T2173] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x000000002a6eff78,jqfmt=vfsold,,errors=continue. Quota mode: none.
[ 1862.245106][ T2179] EXT4-fs (loop3): 1 orphan inode deleted
[ 1862.255062][ T2183] EXT4-fs (loop8): 1 orphan inode deleted
[ 1862.255227][ T2179] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1862.261811][ T2183] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1862.405890][ T2194] loop2: detected capacity change from 0 to 256
[ 1863.662499][ T2209] loop8: detected capacity change from 0 to 512
[ 1863.752348][ T2209] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1863.868453][ T2226] loop1: detected capacity change from 0 to 512
[ 1864.268559][ T2233] loop2: detected capacity change from 0 to 512
[ 1864.275760][ T2226] EXT4-fs (loop1): 1 orphan inode deleted
[ 1864.282157][ T2226] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1864.319454][ T2235] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.9867'.
[ 1864.341665][ T2233] EXT4-fs (loop2): 1 orphan inode deleted
[ 1864.347335][ T2233] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1864.370892][ T2242] loop1: detected capacity change from 0 to 512
[ 1864.394678][ T2242] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1864.430103][ T2246] loop2: detected capacity change from 0 to 512
[ 1864.459376][ T2247] EXT4-fs (loop1): shut down requested (0)
[ 1864.500059][ T2246] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1864.618943][ T2201] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1865.428390][ T2262] loop1: detected capacity change from 0 to 128
[ 1865.448951][ T2201] usb 1-1: Using ep0 maxpacket: 8
[ 1865.563620][ T2268] loop8: detected capacity change from 0 to 256
[ 1865.610370][ T2268] exfat: Bad value for 'uid'
[ 1865.637577][ T2262] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1865.814916][ T2262] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[ 1865.816978][ T2273] loop2: detected capacity change from 0 to 512
[ 1865.916392][ T2280] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.9880'.
[ 1865.943783][ T2273] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1865.947503][ T2284] loop3: detected capacity change from 0 to 512
[ 1865.961798][ T2201] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1867.050734][ T2290] netlink: 148 bytes leftover after parsing attributes in process `syz.8.9882'.
[ 1867.062454][ T2284] EXT4-fs (loop3): 1 orphan inode deleted
[ 1867.068030][ T2284] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1867.079247][ T2290] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1867.109017][ T2201] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1867.117766][ T2201] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1867.138629][ T2296] loop1: detected capacity change from 0 to 512
[ 1867.147425][   T30] kauditd_printk_skb: 97 callbacks suppressed
[ 1867.147441][   T30] audit: type=1107 audit(1867.179:9444): pid=2294 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='…'
[ 1867.153798][ T2201] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1867.178359][ T2201] usb 1-1: config 1 has no interface number 1
[ 1867.183828][ T2299] loop2: detected capacity change from 0 to 512
[ 1867.184608][ T2201] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1867.204648][ T2201] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1867.217577][ T2201] usb 1-1: config 1 interface 2 has no altsetting 0
[ 1867.231504][ T2296] EXT4-fs (loop1): 1 orphan inode deleted
[ 1867.237077][ T2296] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1867.246426][ T2303] loop8: detected capacity change from 0 to 512
[ 1867.277671][ T2299] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1867.311801][ T2303] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1867.351722][ T2314] EXT4-fs (loop2): shut down requested (0)
[ 1867.364912][ T2316] loop1: detected capacity change from 0 to 512
[ 1867.379094][ T2201] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1867.399069][ T2201] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1867.406990][ T2201] usb 1-1: Product: syz
[ 1867.411106][ T2201] usb 1-1: Manufacturer: syz
[ 1867.462774][ T2201] usb 1-1: can't set config #1, error -71
[ 1867.469557][   T30] audit: type=1326 audit(1867.509:9445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.477027][ T2201] usb 1-1: USB disconnect, device number 23
[ 1867.511413][ T2316] EXT4-fs (loop1): 1 orphan inode deleted
[ 1867.517054][ T2316] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1867.730845][   T30] audit: type=1326 audit(1867.509:9446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.774037][   T30] audit: type=1326 audit(1867.529:9447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.804240][   T30] audit: type=1326 audit(1867.529:9448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.828093][   T30] audit: type=1326 audit(1867.529:9449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.858429][   T30] audit: type=1326 audit(1867.529:9450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.889211][   T30] audit: type=1326 audit(1867.539:9451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.912342][   T30] audit: type=1326 audit(1867.539:9452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.935436][   T30] audit: type=1326 audit(1867.539:9453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2317 comm="syz.0.9890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1867.958820][ T2328] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.9891'.
[ 1867.974650][ T2329] loop1: detected capacity change from 0 to 128
[ 1868.030059][ T2329] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1868.034314][ T2335] loop3: detected capacity change from 0 to 512
[ 1868.073338][ T2339] netlink: 148 bytes leftover after parsing attributes in process `syz.0.9897'.
[ 1868.083469][ T2339] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1868.126688][ T2335] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.9893: inode #1: comm syz.3.9893: iget: illegal inode #
[ 1868.142506][ T2335] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.9893: error while reading EA inode 1 err=-117
[ 1868.156607][ T2335] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.9893: inode #1: comm syz.3.9893: iget: illegal inode #
[ 1868.169765][ T2335] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.9893: error while reading EA inode 1 err=-117
[ 1868.182868][ T2335] EXT4-fs (loop3): 1 orphan inode deleted
[ 1868.188714][ T2335] EXT4-fs (loop3): mounted filesystem without journal. Opts: sysvgroups,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,resgid=0x0000000000000000,nojournal_checksum,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1869.279589][ T2366] FAULT_INJECTION: forcing a failure.
[ 1869.279589][ T2366] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1869.362236][ T2366] CPU: 0 PID: 2366 Comm: syz.8.9902 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1869.372166][ T2366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1869.382062][ T2366] Call Trace:
[ 1869.385228][ T2366]  <TASK>
[ 1869.388075][ T2366]  dump_stack_lvl+0x151/0x1c0
[ 1869.392588][ T2366]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1869.398041][ T2366]  ? __gfn_to_pfn_memslot+0x5dc/0x1020
[ 1869.403341][ T2366]  dump_stack+0x15/0x20
[ 1869.407347][ T2366]  should_fail+0x3c6/0x510
[ 1869.411585][ T2366]  should_fail_usercopy+0x1a/0x20
[ 1869.416444][ T2366]  kvm_write_guest_offset_cached+0x1ec/0x490
[ 1869.422259][ T2366]  kvm_write_guest_cached+0x2f/0x40
[ 1869.427288][ T2366]  kvm_lapic_sync_to_vapic+0x676/0xbf0
[ 1869.432586][ T2366]  ? kvm_apic_has_interrupt+0x4be/0xa70
[ 1869.438062][ T2366]  ? kvm_lapic_sync_from_vapic+0x5e0/0x5e0
[ 1869.443706][ T2366]  ? vmx_update_cr8_intercept+0xa1/0x240
[ 1869.449175][ T2366]  vcpu_enter_guest+0x7960/0x8ed0
[ 1869.454036][ T2366]  ? avc_has_perm+0x16f/0x260
[ 1869.458550][ T2366]  ? local_bh_enable+0x30/0x30
[ 1869.463150][ T2366]  ? 0xffffffffa002e000
[ 1869.467136][ T2366]  ? is_bpf_text_address+0x172/0x190
[ 1869.472345][ T2366]  ? stack_trace_save+0x1c0/0x1c0
[ 1869.477203][ T2366]  ? __kernel_text_address+0x9b/0x110
[ 1869.482418][ T2366]  ? unwind_get_return_address+0x4d/0x90
[ 1869.487965][ T2366]  ? arch_stack_walk+0xf3/0x140
[ 1869.492707][ T2366]  ? stack_trace_save+0x113/0x1c0
[ 1869.497516][ T2366]  ? stack_trace_snprint+0xf0/0xf0
[ 1869.502460][ T2366]  ? __stack_depot_save+0x34/0x470
[ 1869.507414][ T2366]  ? kmem_cache_free+0x115/0x330
[ 1869.512181][ T2366]  ? vmx_vcpu_load_vmcs+0x4ad/0x7a0
[ 1869.517237][ T2366]  ? ____kasan_slab_free+0x126/0x160
[ 1869.522336][ T2366]  ? kmem_cache_free+0x115/0x330
[ 1869.527122][ T2366]  ? __kasan_check_read+0x11/0x20
[ 1869.531967][ T2366]  ? vmx_vcpu_pi_load+0xa5/0x360
[ 1869.536744][ T2366]  ? __kasan_check_write+0x14/0x20
[ 1869.541734][ T2366]  ? kvm_arch_vcpu_load+0x577/0x760
[ 1869.546727][ T2366]  ? local_bh_enable+0x1f/0x30
[ 1869.551325][ T2366]  ? kvm_load_guest_fpu+0x13d/0x280
[ 1869.556358][ T2366]  kvm_arch_vcpu_ioctl_run+0xc4d/0x2270
[ 1869.561742][ T2366]  ? selinux_file_permission+0x2c4/0x570
[ 1869.567209][ T2366]  ? ioctl_has_perm+0x1f8/0x560
[ 1869.571926][ T2366]  ? __kvm_request_immediate_exit+0x70/0x70
[ 1869.577626][ T2366]  kvm_vcpu_ioctl+0x7eb/0xcf0
[ 1869.582152][ T2366]  ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0
[ 1869.587805][ T2366]  ? selinux_file_ioctl+0x3cc/0x540
[ 1869.592832][ T2366]  ? __mutex_lock_slowpath+0x10/0x10
[ 1869.597954][ T2366]  ? selinux_file_alloc_security+0x120/0x120
[ 1869.603772][ T2366]  ? __fget_files+0x31e/0x380
[ 1869.608288][ T2366]  ? security_file_ioctl+0x84/0xb0
[ 1869.613229][ T2366]  ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0
[ 1869.618696][ T2366]  __se_sys_ioctl+0x114/0x190
[ 1869.623210][ T2366]  __x64_sys_ioctl+0x7b/0x90
[ 1869.627636][ T2366]  x64_sys_call+0x98/0x9a0
[ 1869.631890][ T2366]  do_syscall_64+0x3b/0xb0
[ 1869.636140][ T2366]  ? clear_bhb_loop+0x35/0x90
[ 1869.640655][ T2366]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1869.646384][ T2366] RIP: 0033:0x7fd8e88c1169
[ 1869.650640][ T2366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.670083][ T2366] RSP: 002b:00007fd8e6f0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1869.678326][ T2366] RAX: ffffffffffffffda RBX: 00007fd8e8ada080 RCX: 00007fd8e88c1169
[ 1869.686142][ T2366] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1869.693948][ T2366] RBP: 00007fd8e6f0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1869.701773][ T2366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1869.709577][ T2366] R13: 0000000000000000 R14: 00007fd8e8ada080 R15: 00007ffef95f3c18
[ 1869.717388][ T2366]  </TASK>
[ 1869.740601][ T2378] loop2: detected capacity change from 0 to 128
[ 1869.773192][ T2384] loop1: detected capacity change from 0 to 512
[ 1869.798599][ T2378] FAT-fs (loop2): bogus number of reserved sectors
[ 1869.808365][ T2378] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[ 1869.825407][ T2378] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 1869.866179][ T2384] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1869.906768][ T2398] loop8: detected capacity change from 0 to 512
[ 1869.990489][ T2398] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1872.247244][ T2418] loop8: detected capacity change from 0 to 40427
[ 1872.294096][ T2418] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[ 1872.307590][ T2424] loop2: detected capacity change from 0 to 16
[ 1872.314979][ T2418] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[ 1872.361692][ T2424] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1872.426637][ T2418] F2FS-fs (loop8): invalid crc value
[ 1872.528408][ T2418] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1872.555129][   T30] kauditd_printk_skb: 170 callbacks suppressed
[ 1872.555147][   T30] audit: type=1107 audit(1872.589:9624): pid=2429 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='…'
[ 1872.596018][   T30] audit: type=1326 audit(1872.619:9625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.625874][   T30] audit: type=1326 audit(1872.619:9626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.655451][   T30] audit: type=1326 audit(1872.619:9627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.681242][   T30] audit: type=1326 audit(1872.619:9628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.706952][   T30] audit: type=1326 audit(1872.619:9629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.730974][ T2418] F2FS-fs (loop8): Start checkpoint disabled!
[ 1872.746735][   T30] audit: type=1326 audit(1872.619:9630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.787634][   T30] audit: type=1326 audit(1872.629:9631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.819167][ T2442] loop1: detected capacity change from 0 to 512
[ 1872.843204][ T2445] FAULT_INJECTION: forcing a failure.
[ 1872.843204][ T2445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1872.856130][ T2445] CPU: 1 PID: 2445 Comm: syz.3.9924 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1872.865805][ T2445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1872.875700][ T2445] Call Trace:
[ 1872.878823][ T2445]  <TASK>
[ 1872.881608][ T2445]  dump_stack_lvl+0x151/0x1c0
[ 1872.886114][ T2445]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1872.891596][ T2445]  ? __check_object_size+0x73/0x3d0
[ 1872.896617][ T2445]  dump_stack+0x15/0x20
[ 1872.900618][ T2445]  should_fail+0x3c6/0x510
[ 1872.904865][ T2445]  should_fail_usercopy+0x1a/0x20
[ 1872.909738][ T2445]  _copy_to_user+0x20/0x90
[ 1872.914239][ T2445]  simple_read_from_buffer+0xc7/0x150
[ 1872.919457][ T2445]  proc_fail_nth_read+0x1a3/0x210
[ 1872.924398][ T2445]  ? proc_fault_inject_write+0x390/0x390
[ 1872.929863][ T2445]  ? fsnotify_perm+0x269/0x5b0
[ 1872.934552][ T2445]  ? security_file_permission+0x86/0xb0
[ 1872.939934][ T2445]  ? proc_fault_inject_write+0x390/0x390
[ 1872.942812][   T30] audit: type=1326 audit(1872.629:9632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.945483][ T2445]  vfs_read+0x27d/0xd40
[ 1872.968608][   T30] audit: type=1326 audit(1872.629:9633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2432 comm="syz.0.9922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1872.972222][ T2445]  ? kernel_read+0x1f0/0x1f0
[ 1872.972251][ T2445]  ? irqentry_exit_cond_resched+0x2a/0x30
[ 1872.997122][ T2418] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[ 1872.999410][ T2445]  ? irqentry_exit+0x30/0x40
[ 1872.999440][ T2445]  ? sysvec_reschedule_ipi+0x8c/0x160
[ 1872.999463][ T2445]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1873.004973][ T2418] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[ 1873.011811][ T2445]  ? ksys_read+0xfd/0x2c0
[ 1873.011841][ T2445]  ksys_read+0x199/0x2c0
[ 1873.011861][ T2445]  ? vfs_write+0x1110/0x1110
[ 1873.011883][ T2445]  __x64_sys_read+0x7b/0x90
[ 1873.011902][ T2445]  x64_sys_call+0x28/0x9a0
[ 1873.011922][ T2445]  do_syscall_64+0x3b/0xb0
[ 1873.011941][ T2445]  ? clear_bhb_loop+0x35/0x90
[ 1873.011961][ T2445]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1873.011982][ T2445] RIP: 0033:0x7f3b7cd05b7c
[ 1873.012002][ T2445] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1873.012019][ T2445] RSP: 002b:00007f3b7b32f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1873.102559][ T2445] RAX: ffffffffffffffda RBX: 00007f3b7cf20160 RCX: 00007f3b7cd05b7c
[ 1873.110379][ T2445] RDX: 000000000000000f RSI: 00007f3b7b32f0a0 RDI: 0000000000000009
[ 1873.118187][ T2445] RBP: 00007f3b7b32f090 R08: 0000000000000000 R09: 0000000000000000
[ 1873.126406][ T2445] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[ 1873.134213][ T2445] R13: 0000000000000000 R14: 00007f3b7cf20160 R15: 00007ffc9a376a38
[ 1873.142027][ T2445]  </TASK>
[ 1873.236201][ T2448] loop3: detected capacity change from 0 to 128
[ 1873.257362][ T2442] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1873.274706][ T1170] attempt to access beyond end of device
[ 1873.274706][ T1170] loop8: rw=2049, want=41024, limit=40427
[ 1873.296654][ T2453] loop2: detected capacity change from 0 to 512
[ 1873.444326][ T2448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1873.455156][ T2456] EXT4-fs (loop1): shut down requested (0)
[ 1873.486030][ T2453] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1875.154669][ T2496] loop3: detected capacity change from 0 to 16
[ 1875.291469][ T2499] loop1: detected capacity change from 0 to 512
[ 1875.322373][ T2496] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1875.481562][ T2499] EXT4-fs (loop1): 1 orphan inode deleted
[ 1875.487400][ T2499] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1875.568825][ T2512] loop1: detected capacity change from 0 to 512
[ 1875.574992][    T6] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1875.614418][ T2512] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1876.568943][    T6] usb 9-1: Using ep0 maxpacket: 32
[ 1876.625201][ T2522] loop2: detected capacity change from 0 to 40427
[ 1876.645200][    C0] IPv4: Oversized IP packet from 127.0.0.1
[ 1876.651367][    C0] IPv4: Oversized IP packet from 127.0.0.1
[ 1876.677782][ T2522] F2FS-fs (loop2): fault_type options not supported
[ 1876.686069][ T2522] F2FS-fs (loop2): fault_injection options not supported
[ 1876.693600][    T6] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1876.704904][    T6] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1876.718251][ T2522] F2FS-fs (loop2): invalid crc value
[ 1876.718527][ T2537] syz.0.9955[2537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1876.724025][    T6] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1876.725484][ T2537] syz.0.9955[2537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1876.735687][    T6] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1876.764080][ T2522] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1876.764667][ T2537] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1876.781599][ T2537] FAT-fs (loop1): unable to read boot sector
[ 1876.788014][    T6] usb 9-1: config 0 descriptor??
[ 1876.817502][ T2522] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1876.829703][    T6] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[ 1877.054532][ T2558] loop2: detected capacity change from 0 to 512
[ 1877.130785][ T2558] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1877.588139][ T2569] loop3: detected capacity change from 0 to 512
[ 1877.642019][ T2569] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.9964: inode #1: comm syz.3.9964: iget: illegal inode #
[ 1877.655219][ T2569] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.9964: error while reading EA inode 1 err=-117
[ 1877.668103][ T2569] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.9964: inode #1: comm syz.3.9964: iget: illegal inode #
[ 1877.681388][ T2569] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.9964: error while reading EA inode 1 err=-117
[ 1877.695579][ T2569] EXT4-fs (loop3): 1 orphan inode deleted
[ 1877.702416][ T2569] EXT4-fs (loop3): mounted filesystem without journal. Opts: sysvgroups,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,resgid=0x0000000000000000,nojournal_checksum,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1877.748762][ T2572] loop1: detected capacity change from 0 to 16
[ 1877.791981][ T2572] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1878.108282][ T2574] FAULT_INJECTION: forcing a failure.
[ 1878.108282][ T2574] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.121334][ T2574] CPU: 1 PID: 2574 Comm: syz.2.9965 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1878.131177][ T2574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1878.141072][ T2574] Call Trace:
[ 1878.144193][ T2574]  <TASK>
[ 1878.146969][ T2574]  dump_stack_lvl+0x151/0x1c0
[ 1878.151496][ T2574]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1878.156963][ T2574]  dump_stack+0x15/0x20
[ 1878.160953][ T2574]  should_fail+0x3c6/0x510
[ 1878.165198][ T2574]  __should_failslab+0xa4/0xe0
[ 1878.169799][ T2574]  should_failslab+0x9/0x20
[ 1878.174140][ T2574]  slab_pre_alloc_hook+0x37/0xd0
[ 1878.178918][ T2574]  __kmalloc+0x6d/0x2c0
[ 1878.182906][ T2574]  ? kvmalloc_node+0x1f0/0x4d0
[ 1878.187502][ T2574]  kvmalloc_node+0x1f0/0x4d0
[ 1878.191930][ T2574]  ? vm_mmap+0xb0/0xb0
[ 1878.195841][ T2574]  ? __kasan_kmalloc+0x9/0x10
[ 1878.200356][ T2574]  ? kmem_cache_alloc_trace+0x11a/0x270
[ 1878.205875][ T2574]  ? alloc_fdtable+0xaf/0x2a0
[ 1878.210525][ T2574]  alloc_fdtable+0x163/0x2a0
[ 1878.215054][ T2574]  dup_fd+0x882/0xb30
[ 1878.218856][ T2574]  ? lockref_get+0xb4/0x110
[ 1878.223194][ T2574]  ksys_unshare+0x472/0x980
[ 1878.227530][ T2574]  ? fput+0x1a/0x20
[ 1878.231175][ T2574]  ? sighand_ctor+0x60/0x60
[ 1878.235605][ T2574]  ? debug_smp_processor_id+0x17/0x20
[ 1878.240809][ T2574]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1878.246710][ T2574]  __x64_sys_unshare+0x38/0x40
[ 1878.251306][ T2574]  x64_sys_call+0x728/0x9a0
[ 1878.255679][ T2574]  do_syscall_64+0x3b/0xb0
[ 1878.259902][ T2574]  ? clear_bhb_loop+0x35/0x90
[ 1878.264424][ T2574]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1878.270319][ T2574] RIP: 0033:0x7f13e207e169
[ 1878.274584][ T2574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1878.294015][ T2574] RSP: 002b:00007f13e06e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1878.302274][ T2574] RAX: ffffffffffffffda RBX: 00007f13e2296fa0 RCX: 00007f13e207e169
[ 1878.310155][ T2574] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024020400
[ 1878.317966][ T2574] RBP: 00007f13e06e8090 R08: 0000000000000000 R09: 0000000000000000
[ 1878.325866][ T2574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1878.333675][ T2574] R13: 0000000000000000 R14: 00007f13e2296fa0 R15: 00007ffcbd8ec5c8
[ 1878.341741][ T2574]  </TASK>
[ 1878.359564][ T2576] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2576 comm=syz.0.9966
[ 1878.375102][ T2581] FAULT_INJECTION: forcing a failure.
[ 1878.375102][ T2581] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.415468][ T2581] CPU: 0 PID: 2581 Comm: syz.3.9967 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1878.425221][ T2581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1878.435201][ T2581] Call Trace:
[ 1878.438339][ T2581]  <TASK>
[ 1878.441101][ T2581]  dump_stack_lvl+0x151/0x1c0
[ 1878.445643][ T2581]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1878.451080][ T2581]  dump_stack+0x15/0x20
[ 1878.455164][ T2581]  should_fail+0x3c6/0x510
[ 1878.459410][ T2581]  __should_failslab+0xa4/0xe0
[ 1878.464011][ T2581]  ? security_file_alloc+0x29/0x120
[ 1878.469048][ T2581]  should_failslab+0x9/0x20
[ 1878.473521][ T2581]  slab_pre_alloc_hook+0x37/0xd0
[ 1878.478254][ T2581]  ? security_file_alloc+0x29/0x120
[ 1878.483280][ T2581]  kmem_cache_alloc+0x44/0x250
[ 1878.487882][ T2581]  security_file_alloc+0x29/0x120
[ 1878.492738][ T2581]  __alloc_file+0xb2/0x2a0
[ 1878.496995][ T2581]  alloc_empty_file+0x95/0x180
[ 1878.501593][ T2581]  path_openat+0xfe/0x2f40
[ 1878.505844][ T2581]  ? stack_trace_snprint+0xf0/0xf0
[ 1878.510792][ T2581]  ? kmem_cache_free+0x115/0x330
[ 1878.515569][ T2581]  ? __kasan_slab_alloc+0xc3/0xe0
[ 1878.520430][ T2581]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1878.525284][ T2581]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1878.530415][ T2581]  ? kmem_cache_alloc+0xf5/0x250
[ 1878.535181][ T2581]  ? getname_flags+0xba/0x520
[ 1878.539693][ T2581]  ? getname+0x19/0x20
[ 1878.543598][ T2581]  ? do_sys_openat2+0xd7/0x820
[ 1878.548199][ T2581]  ? __x64_sys_openat+0x243/0x290
[ 1878.553062][ T2581]  ? x64_sys_call+0x6bf/0x9a0
[ 1878.557574][ T2581]  ? do_syscall_64+0x3b/0xb0
[ 1878.562001][ T2581]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1878.567915][ T2581]  ? do_filp_open+0x460/0x460
[ 1878.572419][ T2581]  do_filp_open+0x21c/0x460
[ 1878.576759][ T2581]  ? vfs_tmpfile+0x2c0/0x2c0
[ 1878.581187][ T2581]  do_sys_openat2+0x13f/0x820
[ 1878.585707][ T2581]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1878.592138][ T2581]  ? __mutex_lock_slowpath+0x10/0x10
[ 1878.597240][ T2581]  ? do_sys_open+0x220/0x220
[ 1878.601678][ T2581]  ? bpf_trace_run2+0xf1/0x210
[ 1878.606267][ T2581]  __x64_sys_openat+0x243/0x290
[ 1878.610955][ T2581]  ? __ia32_sys_open+0x270/0x270
[ 1878.615727][ T2581]  ? __bpf_trace_sys_enter+0x62/0x70
[ 1878.620851][ T2581]  x64_sys_call+0x6bf/0x9a0
[ 1878.625189][ T2581]  do_syscall_64+0x3b/0xb0
[ 1878.629439][ T2581]  ? clear_bhb_loop+0x35/0x90
[ 1878.633956][ T2581]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1878.639682][ T2581] RIP: 0033:0x7f3b7cd07169
[ 1878.643943][ T2581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1878.663380][ T2581] RSP: 002b:00007f3b7b371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1878.671623][ T2581] RAX: ffffffffffffffda RBX: 00007f3b7cf1ffa0 RCX: 00007f3b7cd07169
[ 1878.679435][ T2581] RDX: 0000000000218240 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1878.687248][ T2581] RBP: 00007f3b7b371090 R08: 0000000000000000 R09: 0000000000000000
[ 1878.695059][ T2581] R10: 0000000000000198 R11: 0000000000000246 R12: 0000000000000001
[ 1878.702882][ T2581] R13: 0000000000000000 R14: 00007f3b7cf1ffa0 R15: 00007ffc9a376a38
[ 1878.710688][ T2581]  </TASK>
[ 1878.727510][ T2078] usb 9-1: USB disconnect, device number 4
[ 1878.761890][   T30] kauditd_printk_skb: 119 callbacks suppressed
[ 1878.761907][   T30] audit: type=1326 audit(1878.794:9753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.801487][   T30] audit: type=1107 audit(1878.824:9754): pid=2585 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='…'
[ 1878.815201][   T30] audit: type=1326 audit(1878.824:9755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.863929][   T30] audit: type=1326 audit(1878.824:9756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.899907][   T30] audit: type=1326 audit(1878.824:9757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.900630][ T2600] loop8: detected capacity change from 0 to 512
[ 1878.923994][   T30] audit: type=1326 audit(1878.874:9758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.952875][   T30] audit: type=1326 audit(1878.874:9759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1878.976535][   T30] audit: type=1326 audit(1878.884:9760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1879.002100][   T30] audit: type=1326 audit(1878.884:9761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1879.026213][   T30] audit: type=1326 audit(1878.884:9762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2587 comm="syz.8.9971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1879.047307][ T2610] loop2: detected capacity change from 0 to 512
[ 1879.073455][ T2600] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1879.178474][ T2610] EXT4-fs (loop2): 1 orphan inode deleted
[ 1879.184451][ T2610] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1879.551945][ T2624] loop3: detected capacity change from 0 to 512
[ 1879.591376][ T2624] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1880.458665][ T2643] usb usb8: usbfs: process 2643 (syz.2.9987) did not claim interface 0 before use
[ 1880.476527][ T2643] loop2: detected capacity change from 0 to 256
[ 1880.490863][ T2646] usb usb8: usbfs: process 2646 (syz.8.9988) did not claim interface 0 before use
[ 1880.520193][ T2643] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1880.528785][ T2646] loop8: detected capacity change from 0 to 256
[ 1880.540256][ T2646] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1880.550883][ T2643] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1880.562701][ T2652] loop3: detected capacity change from 0 to 512
[ 1880.569069][ T2646] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[ 1880.586311][ T2643] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1880.600431][ T2646] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1880.614943][ T2646] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9988'.
[ 1880.637270][ T2643] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9987'.
[ 1880.640093][ T2652] EXT4-fs (loop3): 1 orphan inode deleted
[ 1880.647640][ T2643] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9987'.
[ 1880.661781][ T2652] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1880.675922][ T2646] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9988'.
[ 1880.698262][ T2646] FAULT_INJECTION: forcing a failure.
[ 1880.698262][ T2646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1880.713024][ T2646] CPU: 1 PID: 2646 Comm: syz.8.9988 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1880.722756][ T2646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1880.732741][ T2646] Call Trace:
[ 1880.735911][ T2646]  <TASK>
[ 1880.738645][ T2646]  dump_stack_lvl+0x151/0x1c0
[ 1880.743163][ T2646]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1880.748623][ T2646]  ? __stack_depot_save+0x34/0x470
[ 1880.753573][ T2646]  ? kmem_cache_free+0x115/0x330
[ 1880.758343][ T2646]  dump_stack+0x15/0x20
[ 1880.762334][ T2646]  should_fail+0x3c6/0x510
[ 1880.766658][ T2646]  should_fail_usercopy+0x1a/0x20
[ 1880.771450][ T2646]  _copy_from_user+0x20/0xd0
[ 1880.775965][ T2646]  __copy_msghdr_from_user+0xaf/0x7c0
[ 1880.781174][ T2646]  ? __ia32_sys_shutdown+0x70/0x70
[ 1880.786121][ T2646]  ___sys_sendmsg+0x166/0x2e0
[ 1880.790638][ T2646]  ? __sys_sendmsg+0x260/0x260
[ 1880.795232][ T2646]  ? putname+0xfa/0x150
[ 1880.799224][ T2646]  ? __fdget+0x1bc/0x240
[ 1880.803303][ T2646]  __se_sys_sendmsg+0x19a/0x260
[ 1880.808155][ T2646]  ? __x64_sys_sendmsg+0x90/0x90
[ 1880.812879][ T2646]  ? ksys_write+0x260/0x2c0
[ 1880.817214][ T2646]  ? debug_smp_processor_id+0x17/0x20
[ 1880.822418][ T2646]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1880.828321][ T2646]  __x64_sys_sendmsg+0x7b/0x90
[ 1880.832920][ T2646]  x64_sys_call+0x16a/0x9a0
[ 1880.837264][ T2646]  do_syscall_64+0x3b/0xb0
[ 1880.841514][ T2646]  ? clear_bhb_loop+0x35/0x90
[ 1880.846027][ T2646]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1880.851759][ T2646] RIP: 0033:0x7fd8e88c1169
[ 1880.856007][ T2646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1880.875454][ T2646] RSP: 002b:00007fd8e6f2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1880.883699][ T2646] RAX: ffffffffffffffda RBX: 00007fd8e8ad9fa0 RCX: 00007fd8e88c1169
[ 1880.891514][ T2646] RDX: 0000000000000040 RSI: 0000200000000280 RDI: 000000000000000d
[ 1880.899337][ T2646] RBP: 00007fd8e6f2b090 R08: 0000000000000000 R09: 0000000000000000
[ 1880.907360][ T2646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1880.915164][ T2646] R13: 0000000000000000 R14: 00007fd8e8ad9fa0 R15: 00007ffef95f3c18
[ 1880.922992][ T2646]  </TASK>
[ 1880.927216][ T2643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9987'.
[ 1880.937073][ T2643] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1880.944233][ T2643] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1881.044796][ T2672] loop2: detected capacity change from 0 to 512
[ 1881.046438][ T2676] loop3: detected capacity change from 0 to 512
[ 1881.055935][ T2677] loop8: detected capacity change from 0 to 512
[ 1881.094216][ T2677] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1881.119562][ T2672] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,quota,,errors=continue. Quota mode: writeback.
[ 1881.135569][ T2676] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1881.238191][ T2686] EXT4-fs (loop8): shut down requested (0)
[ 1881.268685][ T2672] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[ 1881.283443][ T2672] overlayfs: './file2' not a directory
[ 1881.741816][ T2694] loop1: detected capacity change from 0 to 512
[ 1881.801948][ T2694] EXT4-fs (loop1): 1 orphan inode deleted
[ 1881.807599][ T2694] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1882.878927][T15480] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1883.050826][ T2737] loop1: detected capacity change from 0 to 512
[ 1883.118916][T15480] usb 4-1: Using ep0 maxpacket: 32
[ 1883.201780][ T2737] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1883.249207][T15480] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1883.274480][T15480] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1883.312553][T15480] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1883.327041][T15480] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1883.339701][T15480] usb 4-1: config 0 descriptor??
[ 1883.687224][T15480] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1883.739804][ T2744] loop8: detected capacity change from 0 to 40427
[ 1883.740772][ T2756] loop2: detected capacity change from 0 to 512
[ 1883.757103][ T2744] F2FS-fs (loop8): fault_type options not supported
[ 1883.768395][ T2744] F2FS-fs (loop8): fault_injection options not supported
[ 1883.776596][ T2744] F2FS-fs (loop8): invalid crc value
[ 1883.783121][ T2744] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1883.817659][ T2744] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1883.963454][   T30] kauditd_printk_skb: 147 callbacks suppressed
[ 1883.963473][   T30] audit: type=1326 audit(1883.994:9910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.025207][ T2775] loop1: detected capacity change from 0 to 512
[ 1884.031721][   T30] audit: type=1326 audit(1883.994:9911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.055648][   T30] audit: type=1326 audit(1883.994:9912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.082236][   T30] audit: type=1326 audit(1883.994:9913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.107624][   T30] audit: type=1326 audit(1883.994:9914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.138402][   T30] audit: type=1326 audit(1883.994:9915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.188374][   T30] audit: type=1326 audit(1883.994:9916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.213110][   T30] audit: type=1326 audit(1883.994:9917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.241303][ T2775] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1884.268971][   T30] audit: type=1326 audit(1883.994:9918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.292314][   T30] audit: type=1326 audit(1883.994:9919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2769 comm="syz.8.10027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1884.954646][ T2819] loop2: detected capacity change from 0 to 512
[ 1885.038794][ T2819] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1885.127240][ T2831] EXT4-fs (loop2): shut down requested (0)
[ 1885.254936][ T2833] loop8: detected capacity change from 0 to 512
[ 1885.335150][ T2833] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1885.413095][T15480] usb 4-1: USB disconnect, device number 10
[ 1885.430184][ T2839] EXT4-fs (loop8): shut down requested (0)
[ 1885.451033][ T2837] x_tables: duplicate underflow at hook 1
[ 1885.585133][ T2851] loop1: detected capacity change from 0 to 512
[ 1885.662629][ T2851] EXT4-fs (loop1): 1 orphan inode deleted
[ 1885.668407][ T2851] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1885.762639][ T2861] loop1: detected capacity change from 0 to 512
[ 1885.851725][ T2861] EXT4-fs (loop1): 1 orphan inode deleted
[ 1885.859104][ T2861] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1885.990855][ T2864] loop2: detected capacity change from 0 to 40427
[ 1886.010949][ T2864] F2FS-fs (loop2): fault_type options not supported
[ 1886.021004][ T2864] F2FS-fs (loop2): fault_injection options not supported
[ 1886.029835][ T2864] F2FS-fs (loop2): invalid crc value
[ 1886.042618][ T2864] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1886.108976][ T2864] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1886.487694][ T2890] loop2: detected capacity change from 0 to 16
[ 1886.571731][ T2890] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1886.803243][ T2897] loop3: detected capacity change from 0 to 512
[ 1886.825719][ T2899] netlink: 148 bytes leftover after parsing attributes in process `syz.0.10073'.
[ 1886.835839][ T2899] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1886.855834][ T2901] loop8: detected capacity change from 0 to 512
[ 1886.870950][ T2897] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1886.905727][ T2905] netlink: 148 bytes leftover after parsing attributes in process `syz.0.10075'.
[ 1886.915369][ T2905] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1886.933014][ T2901] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1886.983635][ T2908] EXT4-fs (loop3): shut down requested (0)
[ 1887.466625][ T2922] loop2: detected capacity change from 0 to 512
[ 1887.531593][ T2917] loop1: detected capacity change from 0 to 40427
[ 1887.541240][ T2922] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1887.611361][ T2917] F2FS-fs (loop1): fault_type options not supported
[ 1887.619291][ T2917] F2FS-fs (loop1): fault_injection options not supported
[ 1887.627585][ T2917] F2FS-fs (loop1): invalid crc value
[ 1887.639783][ T2917] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1887.680182][ T2917] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1887.752384][ T2936] loop3: detected capacity change from 0 to 512
[ 1887.792047][ T2936] EXT4-fs (loop3): 1 orphan inode deleted
[ 1887.797629][ T2936] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1887.911233][ T2949] loop3: detected capacity change from 0 to 512
[ 1887.961954][ T2949] EXT4-fs (loop3): 1 orphan inode deleted
[ 1887.967569][ T2949] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1888.216023][ T2958] loop3: detected capacity change from 0 to 16
[ 1888.262757][ T2958] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1888.546849][ T2960] loop2: detected capacity change from 0 to 512
[ 1888.612776][ T2960] EXT4-fs (loop2): 1 orphan inode deleted
[ 1888.618402][ T2960] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1889.104149][ T2981] netlink: 148 bytes leftover after parsing attributes in process `syz.1.10100'.
[ 1889.116667][ T2981] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1889.153731][ T2987] loop2: detected capacity change from 0 to 2048
[ 1889.212454][ T2987] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1889.238191][ T2997] netlink: 148 bytes leftover after parsing attributes in process `syz.3.10106'.
[ 1889.247978][ T2997] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1889.493284][ T3006] loop3: detected capacity change from 0 to 512
[ 1889.508268][   T30] kauditd_printk_skb: 270 callbacks suppressed
[ 1889.508286][   T30] audit: type=1326 audit(1889.534:10190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.538781][   T30] audit: type=1326 audit(1889.534:10191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.565648][   T30] audit: type=1326 audit(1889.534:10192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.590081][   T30] audit: type=1326 audit(1889.534:10193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.614097][   T30] audit: type=1326 audit(1889.564:10194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.636883][ T3006] EXT4-fs (loop3): 1 orphan inode deleted
[ 1889.637822][   T30] audit: type=1326 audit(1889.564:10195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.665881][ T3006] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1889.713938][   T30] audit: type=1326 audit(1889.564:10196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.737241][   T30] audit: type=1326 audit(1889.564:10197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.760741][   T30] audit: type=1326 audit(1889.564:10198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1889.784619][   T30] audit: type=1326 audit(1889.564:10199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3007 comm="syz.0.10110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1890.005357][ T3027] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10118'.
[ 1890.014384][ T3027] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1890.063698][ T3031] loop3: detected capacity change from 0 to 512
[ 1890.097152][ T3038] loop1: detected capacity change from 0 to 512
[ 1890.110907][ T3031] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1890.143887][ T3044] loop8: detected capacity change from 0 to 512
[ 1890.160011][ T3046] loop2: detected capacity change from 0 to 512
[ 1890.195296][ T3038] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1891.776286][ T3046] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1891.777499][ T3044] EXT4-fs (loop8): 1 orphan inode deleted
[ 1891.793212][ T3044] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1892.000273][ T3064] loop3: detected capacity change from 0 to 512
[ 1892.296703][ T3066] syz.8.10126[3066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1892.296777][ T3066] syz.8.10126[3066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1892.341933][ T3064] EXT4-fs (loop3): 1 orphan inode deleted
[ 1892.358952][ T3064] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1892.518532][ T3081] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10133'.
[ 1892.527822][ T3081] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1892.559075][T25750] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1892.565766][ T3086] loop2: detected capacity change from 0 to 512
[ 1892.602862][ T3091] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10136'.
[ 1892.701416][ T3086] EXT4-fs (loop2): 1 orphan inode deleted
[ 1892.709271][ T3086] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1892.732125][ T3096] FAULT_INJECTION: forcing a failure.
[ 1892.732125][ T3096] name failslab, interval 1, probability 0, space 0, times 0
[ 1892.753253][ T3096] CPU: 0 PID: 3096 Comm: syz.0.10137 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1892.763074][ T3096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1892.773185][ T3096] Call Trace:
[ 1892.776309][ T3096]  <TASK>
[ 1892.779083][ T3096]  dump_stack_lvl+0x151/0x1c0
[ 1892.783694][ T3096]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1892.789161][ T3096]  dump_stack+0x15/0x20
[ 1892.793150][ T3096]  should_fail+0x3c6/0x510
[ 1892.797408][ T3096]  __should_failslab+0xa4/0xe0
[ 1892.802005][ T3096]  should_failslab+0x9/0x20
[ 1892.806337][ T3096]  slab_pre_alloc_hook+0x37/0xd0
[ 1892.811220][ T3096]  __kmalloc+0x6d/0x2c0
[ 1892.815212][ T3096]  ? kvmalloc_node+0x1f0/0x4d0
[ 1892.819828][ T3096]  kvmalloc_node+0x1f0/0x4d0
[ 1892.824237][ T3096]  ? vm_mmap+0xb0/0xb0
[ 1892.828146][ T3096]  ? __kasan_kmalloc+0x9/0x10
[ 1892.832654][ T3096]  ? kmem_cache_alloc_trace+0x11a/0x270
[ 1892.838042][ T3096]  ? alloc_fdtable+0xaf/0x2a0
[ 1892.842571][ T3096]  alloc_fdtable+0x163/0x2a0
[ 1892.846982][ T3096]  dup_fd+0x882/0xb30
[ 1892.850798][ T3096]  ? lockref_get+0xb4/0x110
[ 1892.855139][ T3096]  ksys_unshare+0x472/0x980
[ 1892.859477][ T3096]  ? fput+0x1a/0x20
[ 1892.863120][ T3096]  ? sighand_ctor+0x60/0x60
[ 1892.867463][ T3096]  ? debug_smp_processor_id+0x17/0x20
[ 1892.872667][ T3096]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1892.878568][ T3096]  __x64_sys_unshare+0x38/0x40
[ 1892.883169][ T3096]  x64_sys_call+0x728/0x9a0
[ 1892.887512][ T3096]  do_syscall_64+0x3b/0xb0
[ 1892.891759][ T3096]  ? clear_bhb_loop+0x35/0x90
[ 1892.896275][ T3096]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1892.902006][ T3096] RIP: 0033:0x7f87c7052169
[ 1892.906260][ T3096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1892.925871][ T3096] RSP: 002b:00007f87c569b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1892.934120][ T3096] RAX: ffffffffffffffda RBX: 00007f87c726b080 RCX: 00007f87c7052169
[ 1892.941930][ T3096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600
[ 1892.949741][ T3096] RBP: 00007f87c569b090 R08: 0000000000000000 R09: 0000000000000000
[ 1892.957560][ T3096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1892.965471][ T3096] R13: 0000000000000000 R14: 00007f87c726b080 R15: 00007ffca0b1dec8
[ 1892.973285][ T3096]  </TASK>
[ 1893.020582][ T3101] loop2: detected capacity change from 0 to 512
[ 1893.041158][ T3101] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1893.119014][T25750] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1893.133914][T25750] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1893.462755][T25750] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1893.471672][T25750] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1893.479707][T25750] usb 2-1: SerialNumber: syz
[ 1893.762389][ T3113] loop3: detected capacity change from 0 to 512
[ 1893.771308][ T3112] loop8: detected capacity change from 0 to 512
[ 1893.779717][T25750] usb 2-1: 0:2 : does not exist
[ 1893.786844][T25750] usb 2-1: USB disconnect, device number 12
[ 1893.804232][ T3113] EXT4-fs (loop3): 1 orphan inode deleted
[ 1893.809995][ T3113] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1893.865450][ T3112] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1893.905589][ T3125] netlink: 148 bytes leftover after parsing attributes in process `syz.0.10146'.
[ 1893.914697][ T3125] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1893.945945][ T3127] loop3: detected capacity change from 0 to 2048
[ 1893.956408][ T3130] EXT4-fs (loop8): shut down requested (0)
[ 1893.979689][ T3127]  loop3: p1 p2 < > p3 < p5 p6 > p4
[ 1893.981202][ T3132] FAULT_INJECTION: forcing a failure.
[ 1893.981202][ T3132] name failslab, interval 1, probability 0, space 0, times 0
[ 1893.987358][ T3127] loop3: partition table partially beyond EOD, 
[ 1893.999399][  T390] udevd[390]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1894.003908][ T3134] loop2: detected capacity change from 0 to 512
[ 1894.005710][ T3127] truncated
[ 1894.021705][ T3132] CPU: 0 PID: 3132 Comm: syz.0.10148 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1894.040001][ T3132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1894.049906][ T3132] Call Trace:
[ 1894.053033][ T3132]  <TASK>
[ 1894.055801][ T3132]  dump_stack_lvl+0x151/0x1c0
[ 1894.060328][ T3132]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1894.065790][ T3132]  dump_stack+0x15/0x20
[ 1894.069780][ T3132]  should_fail+0x3c6/0x510
[ 1894.074114][ T3132]  __should_failslab+0xa4/0xe0
[ 1894.078715][ T3132]  ? __build_skb+0x2a/0x300
[ 1894.083051][ T3132]  should_failslab+0x9/0x20
[ 1894.087406][ T3132]  slab_pre_alloc_hook+0x37/0xd0
[ 1894.092165][ T3132]  ? __build_skb+0x2a/0x300
[ 1894.096503][ T3132]  kmem_cache_alloc+0x44/0x250
[ 1894.101105][ T3132]  __build_skb+0x2a/0x300
[ 1894.105277][ T3132]  build_skb+0x25/0x1f0
[ 1894.109261][ T3132]  tun_get_user+0x1c7e/0x3aa0
[ 1894.113779][ T3132]  ? __x64_sys_openat+0x1b0/0x290
[ 1894.118635][ T3132]  ? tun_do_read+0x2010/0x2010
[ 1894.123407][ T3132]  ? kstrtouint_from_user+0x20a/0x2a0
[ 1894.128615][ T3132]  ? kstrtol_from_user+0x310/0x310
[ 1894.133566][ T3132]  ? avc_policy_seqno+0x1b/0x70
[ 1894.138250][ T3132]  ? selinux_file_permission+0x2c4/0x570
[ 1894.143721][ T3132]  tun_chr_write_iter+0x1e1/0x2e0
[ 1894.148580][ T3132]  vfs_write+0xd5d/0x1110
[ 1894.152747][ T3132]  ? file_end_write+0x1c0/0x1c0
[ 1894.157432][ T3132]  ? __fdget_pos+0x209/0x3a0
[ 1894.161856][ T3132]  ? ksys_write+0x77/0x2c0
[ 1894.166112][ T3132]  ksys_write+0x199/0x2c0
[ 1894.170363][ T3132]  ? exc_page_fault+0x47a/0x7f0
[ 1894.175059][ T3132]  ? __ia32_sys_read+0x90/0x90
[ 1894.179654][ T3132]  ? debug_smp_processor_id+0x17/0x20
[ 1894.184856][ T3132]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1894.190758][ T3132]  __x64_sys_write+0x7b/0x90
[ 1894.195190][ T3132]  x64_sys_call+0x2f/0x9a0
[ 1894.199437][ T3132]  do_syscall_64+0x3b/0xb0
[ 1894.203704][ T3132]  ? clear_bhb_loop+0x35/0x90
[ 1894.208207][ T3132]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1894.213932][ T3132] RIP: 0033:0x7f87c7050c1f
[ 1894.218188][ T3132] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1894.237633][ T3132] RSP: 002b:00007f87c56bc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1894.245876][ T3132] RAX: ffffffffffffffda RBX: 00007f87c726afa0 RCX: 00007f87c7050c1f
[ 1894.253686][ T3132] RDX: 000000000000002a RSI: 0000200000000040 RDI: 00000000000000c8
[ 1894.261498][ T3132] RBP: 00007f87c56bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1894.269311][ T3132] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[ 1894.277119][ T3132] R13: 0000000000000001 R14: 00007f87c726afa0 R15: 00007ffca0b1dec8
[ 1894.284938][ T3132]  </TASK>
[ 1894.288622][ T3127] loop3: p1 size 52992 extends beyond EOD, truncated
[ 1894.296603][ T3127] loop3: p2 start 4278190080 is beyond EOD, truncated
[ 1894.304276][ T3127] loop3: p4 size 8192 extends beyond EOD, truncated
[ 1894.311660][ T3127] loop3: p5 size 52992 extends beyond EOD, truncated
[ 1894.314723][ T3136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10150'.
[ 1894.318797][ T3127] loop3: p6 size 8192 extends beyond EOD, truncated
[ 1894.352002][ T3134] EXT4-fs (loop2): 1 orphan inode deleted
[ 1894.357729][ T3134] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1894.476320][  T390] udevd[390]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1894.477050][  T314] udevd[314]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[ 1894.487093][  T391] udevd[391]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[ 1894.496754][  T335] udevd[335]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[ 1894.521782][ T3686] udevd[3686]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[ 1894.549171][ T3686] udevd[3686]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[ 1894.560272][  T335] udevd[335]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[ 1894.560324][  T390] udevd[390]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1894.575844][  T314] udevd[314]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[ 1894.684950][ T3154] loop8: detected capacity change from 0 to 512
[ 1894.742157][ T3154] EXT4-fs (loop8): 1 orphan inode deleted
[ 1894.756656][ T3154] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1894.878900][ T3158] loop2: detected capacity change from 0 to 1024
[ 1894.922422][ T3160] loop8: detected capacity change from 0 to 512
[ 1894.960259][ T3158] EXT4-fs (loop2): INFO: recovery required on readonly filesystem
[ 1894.978458][ T3160] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1895.020375][ T3158] EXT4-fs (loop2): write access will be enabled during recovery
[ 1895.052951][ T3158] EXT4-fs (loop2): barriers disabled
[ 1895.076783][ T3158] JBD2: no valid journal superblock found
[ 1895.099935][ T3158] EXT4-fs (loop2): error loading journal
[ 1895.122543][   T30] kauditd_printk_skb: 26 callbacks suppressed
[ 1895.122560][   T30] audit: type=1326 audit(1895.154:10226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1895.476685][ T3146] netlink: 108 bytes leftover after parsing attributes in process `syz.1.10153'.
[ 1895.491706][ T3173] netlink: 148 bytes leftover after parsing attributes in process `syz.3.10159'.
[ 1895.519105][ T3173] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1895.681418][   T30] audit: type=1326 audit(1895.494:10227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1895.862877][   T30] audit: type=1326 audit(1895.494:10228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1895.888186][   T30] audit: type=1326 audit(1895.494:10229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1895.935928][   T30] audit: type=1326 audit(1895.494:10230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1895.960159][   T30] audit: type=1326 audit(1895.494:10231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1896.012553][ T3182] loop8: detected capacity change from 0 to 512
[ 1896.034517][   T30] audit: type=1326 audit(1895.494:10232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1896.068251][   T30] audit: type=1326 audit(1895.494:10233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1896.107931][   T30] audit: type=1326 audit(1895.494:10234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1896.119599][ T3182] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1896.131108][   T30] audit: type=1326 audit(1895.494:10235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3145 comm="syz.1.10153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1896.240230][ T3193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10166'.
[ 1896.454234][ T3201] loop1: detected capacity change from 0 to 512
[ 1896.500911][ T3201] EXT4-fs (loop1): 1 orphan inode deleted
[ 1896.509182][ T3201] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1896.629709][ T3210] loop1: detected capacity change from 0 to 512
[ 1896.731844][ T3210] EXT4-fs (loop1): 1 orphan inode deleted
[ 1896.740557][ T3210] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1896.755161][ T3217] loop3: detected capacity change from 0 to 512
[ 1896.775099][ T3217] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1896.930357][ T3227] loop8: detected capacity change from 0 to 512
[ 1897.343091][ T3227] EXT4-fs (loop8): 1 orphan inode deleted
[ 1897.376467][ T3227] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1897.813467][ T3245] loop8: detected capacity change from 0 to 512
[ 1897.871036][ T3229] loop1: detected capacity change from 0 to 40427
[ 1897.882637][ T3245] EXT4-fs (loop8): 1 orphan inode deleted
[ 1897.888203][ T3245] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1897.911854][ T3253] overlayfs: failed to resolve './file0': -2
[ 1897.918373][ T3258] FAULT_INJECTION: forcing a failure.
[ 1897.918373][ T3258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1897.949433][ T3229] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1897.957043][ T3229] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1897.974169][ T3258] CPU: 1 PID: 3258 Comm: syz.3.10184 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1897.984092][ T3258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1897.993989][ T3258] Call Trace:
[ 1897.997112][ T3258]  <TASK>
[ 1897.999890][ T3258]  dump_stack_lvl+0x151/0x1c0
[ 1898.004402][ T3258]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1898.009874][ T3258]  ? vfs_write+0xd5d/0x1110
[ 1898.014214][ T3258]  ? do_syscall_64+0x3b/0xb0
[ 1898.018822][ T3258]  dump_stack+0x15/0x20
[ 1898.022810][ T3258]  should_fail+0x3c6/0x510
[ 1898.027062][ T3258]  should_fail_usercopy+0x1a/0x20
[ 1898.028700][ T3229] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1898.031917][ T3258]  _copy_from_iter+0x22f/0xdc0
[ 1898.031950][ T3258]  ? copy_mc_pipe_to_iter+0x760/0x760
[ 1898.031975][ T3258]  ? __check_object_size+0x2ec/0x3d0
[ 1898.032001][ T3258]  file_tty_write+0x54a/0x920
[ 1898.032022][ T3258]  ? n_tty_read+0x1da0/0x1da0
[ 1898.032045][ T3258]  tty_write+0x3f/0x50
[ 1898.032064][ T3258]  vfs_write+0xd5d/0x1110
[ 1898.032086][ T3258]  ? file_end_write+0x1c0/0x1c0
[ 1898.075298][ T3258]  ? __fdget_pos+0x209/0x3a0
[ 1898.079720][ T3258]  ? ksys_write+0x77/0x2c0
[ 1898.083985][ T3258]  ksys_write+0x199/0x2c0
[ 1898.088142][ T3258]  ? __ia32_sys_read+0x90/0x90
[ 1898.092742][ T3258]  ? debug_smp_processor_id+0x17/0x20
[ 1898.098163][ T3258]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1898.104090][ T3258]  __x64_sys_write+0x7b/0x90
[ 1898.108495][ T3258]  x64_sys_call+0x2f/0x9a0
[ 1898.112748][ T3258]  do_syscall_64+0x3b/0xb0
[ 1898.117170][ T3258]  ? clear_bhb_loop+0x35/0x90
[ 1898.121686][ T3258]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1898.127413][ T3258] RIP: 0033:0x7f3b7cd07169
[ 1898.131664][ T3258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1898.151324][ T3258] RSP: 002b:00007f3b7b371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1898.159574][ T3258] RAX: ffffffffffffffda RBX: 00007f3b7cf1ffa0 RCX: 00007f3b7cd07169
[ 1898.167406][ T3258] RDX: 0000000000001006 RSI: 0000200000002080 RDI: 0000000000000004
[ 1898.175191][ T3258] RBP: 00007f3b7b371090 R08: 0000000000000000 R09: 0000000000000000
[ 1898.183109][ T3258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1898.190911][ T3258] R13: 0000000000000000 R14: 00007f3b7cf1ffa0 R15: 00007ffc9a376a38
[ 1898.198730][ T3258]  </TASK>
[ 1898.241227][ T3229] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1898.248160][ T3229] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1898.853070][ T3285] loop1: detected capacity change from 0 to 8192
[ 1900.434590][   T30] kauditd_printk_skb: 101 callbacks suppressed
[ 1900.434844][   T30] audit: type=1400 audit(1899.164:10337): avc:  denied  { watch } for  pid=3284 comm="syz.1.10189" path="/332/file2" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[ 1900.948771][ T3304] loop1: detected capacity change from 0 to 40427
[ 1901.019840][ T3304] F2FS-fs (loop1): fault_type options not supported
[ 1901.026540][ T3304] F2FS-fs (loop1): fault_injection options not supported
[ 1901.035542][ T3304] F2FS-fs (loop1): invalid crc value
[ 1901.042335][ T3304] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1901.088440][ T3304] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1901.375681][ T3319] loop1: detected capacity change from 0 to 512
[ 1901.467916][ T3319] EXT4-fs (loop1): 1 orphan inode deleted
[ 1901.474779][ T3319] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1901.519259][ T3314] futex_wake_op: syz.8.10200 tries to shift op by 32; fix this program
[ 1901.699667][   T30] audit: type=1107 audit(1901.734:10338): pid=3330 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1901.901585][ T3343] loop8: detected capacity change from 0 to 16
[ 1901.951894][ T3343] erofs: (device loop8): mounted with root inode @ nid 36.
[ 1902.094044][   T30] audit: type=1326 audit(1902.124:10339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.123368][   T30] audit: type=1326 audit(1902.154:10340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.146538][   T30] audit: type=1326 audit(1902.154:10341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.169620][   T30] audit: type=1326 audit(1902.154:10342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.200734][ T3347] loop2: detected capacity change from 0 to 512
[ 1902.201620][   T30] audit: type=1326 audit(1902.154:10343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.230158][   T30] audit: type=1326 audit(1902.154:10344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.253315][   T30] audit: type=1326 audit(1902.154:10345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.276592][   T30] audit: type=1326 audit(1902.154:10346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3337 comm="syz.1.10207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1902.317661][ T3347] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1902.679559][ T3353] EXT4-fs (loop2): shut down requested (0)
[ 1902.735276][ T3355] loop3: detected capacity change from 0 to 8192
[ 1902.754171][ T3360] loop8: detected capacity change from 0 to 2048
[ 1902.761951][ T3362] loop1: detected capacity change from 0 to 512
[ 1902.815407][ T3362] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1902.843208][ T3360] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1902.983217][ T3369] attempt to access beyond end of device
[ 1902.983217][ T3369] loop3: rw=0, want=57848, limit=8192
[ 1902.994141][ T3369] Buffer I/O error on dev loop3, logical block 57847, async page read
[ 1903.457852][ T3369] attempt to access beyond end of device
[ 1903.457852][ T3369] loop3: rw=0, want=57848, limit=8192
[ 1903.468739][ T3369] Buffer I/O error on dev loop3, logical block 57847, async page read
[ 1903.483374][ T3369] attempt to access beyond end of device
[ 1903.483374][ T3369] loop3: rw=0, want=57848, limit=8192
[ 1903.494277][ T3369] Buffer I/O error on dev loop3, logical block 57847, async page read
[ 1904.493101][ T1180] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1904.639642][ T3385] loop1: detected capacity change from 0 to 512
[ 1904.766214][ T3385] EXT4-fs (loop1): 1 orphan inode deleted
[ 1905.051308][ T3400] loop3: detected capacity change from 0 to 16
[ 1905.100932][ T3385] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1905.119817][ T3400] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1905.613547][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 1905.613565][   T30] audit: type=1326 audit(1905.644:10412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.677720][ T3414] loop2: detected capacity change from 0 to 512
[ 1905.721065][   T30] audit: type=1400 audit(1905.644:10413): avc:  denied  { map } for  pid=3408 comm="syz.3.10225" path="/dev/net/tun" dev="devtmpfs" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[ 1905.747858][ T3418] FAULT_INJECTION: forcing a failure.
[ 1905.747858][ T3418] name failslab, interval 1, probability 0, space 0, times 0
[ 1905.765579][ T3420] loop1: detected capacity change from 0 to 512
[ 1905.782251][   T30] audit: type=1400 audit(1905.674:10414): avc:  denied  { mount } for  pid=3388 comm="syz.8.10218" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1905.806069][ T3414] EXT4-fs (loop2): 1 orphan inode deleted
[ 1905.814365][ T3414] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1905.818914][   T30] audit: type=1326 audit(1905.684:10415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.845836][ T3418] CPU: 1 PID: 3418 Comm: syz.3.10228 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1905.848387][   T30] audit: type=1326 audit(1905.684:10416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.857962][ T3418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1905.857976][ T3418] Call Trace:
[ 1905.857983][ T3418]  <TASK>
[ 1905.857992][ T3418]  dump_stack_lvl+0x151/0x1c0
[ 1905.880829][   T30] audit: type=1326 audit(1905.684:10417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.890973][ T3418]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1905.894101][   T30] audit: type=1326 audit(1905.684:10418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.896848][ T3418]  dump_stack+0x15/0x20
[ 1905.901382][   T30] audit: type=1326 audit(1905.684:10419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.924410][ T3418]  should_fail+0x3c6/0x510
[ 1905.924439][ T3418]  __should_failslab+0xa4/0xe0
[ 1905.924461][ T3418]  ? __alloc_file+0x29/0x2a0
[ 1905.924481][ T3418]  should_failslab+0x9/0x20
[ 1905.924501][ T3418]  slab_pre_alloc_hook+0x37/0xd0
[ 1905.924524][ T3418]  ? __alloc_file+0x29/0x2a0
[ 1905.924544][ T3418]  kmem_cache_alloc+0x44/0x250
[ 1905.924566][ T3418]  __alloc_file+0x29/0x2a0
[ 1905.930224][   T30] audit: type=1326 audit(1905.684:10420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.953175][ T3418]  alloc_empty_file+0x95/0x180
[ 1905.953204][ T3418]  path_openat+0xfe/0x2f40
[ 1905.957327][   T30] audit: type=1326 audit(1905.684:10421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.1.10223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1905.980887][ T3418]  ? stack_trace_snprint+0xf0/0xf0
[ 1905.980930][ T3418]  ? __kasan_slab_alloc+0xc3/0xe0
[ 1906.080972][ T3418]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1906.085838][ T3418]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1906.090953][ T3418]  ? kmem_cache_alloc+0xf5/0x250
[ 1906.095723][ T3418]  ? getname_flags+0xba/0x520
[ 1906.100235][ T3418]  ? getname+0x19/0x20
[ 1906.104143][ T3418]  ? do_sys_openat2+0xd7/0x820
[ 1906.108748][ T3418]  ? __x64_sys_openat+0x243/0x290
[ 1906.113624][ T3418]  ? x64_sys_call+0x6bf/0x9a0
[ 1906.118117][ T3418]  ? do_syscall_64+0x3b/0xb0
[ 1906.122544][ T3418]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1906.128459][ T3418]  ? do_filp_open+0x460/0x460
[ 1906.132966][ T3418]  do_filp_open+0x21c/0x460
[ 1906.137301][ T3418]  ? vfs_tmpfile+0x2c0/0x2c0
[ 1906.141851][ T3418]  do_sys_openat2+0x13f/0x820
[ 1906.146353][ T3418]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1906.152776][ T3418]  ? __mutex_lock_slowpath+0x10/0x10
[ 1906.157900][ T3418]  ? do_sys_open+0x220/0x220
[ 1906.162322][ T3418]  ? __kasan_check_write+0x14/0x20
[ 1906.167277][ T3418]  ? ksys_write+0x260/0x2c0
[ 1906.171611][ T3418]  __x64_sys_openat+0x243/0x290
[ 1906.176296][ T3418]  ? __ia32_sys_open+0x270/0x270
[ 1906.181070][ T3418]  ? debug_smp_processor_id+0x17/0x20
[ 1906.186276][ T3418]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1906.192179][ T3418]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1906.197646][ T3418]  x64_sys_call+0x6bf/0x9a0
[ 1906.202072][ T3418]  do_syscall_64+0x3b/0xb0
[ 1906.206323][ T3418]  ? clear_bhb_loop+0x35/0x90
[ 1906.210840][ T3418]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1906.216567][ T3418] RIP: 0033:0x7f3b7cd07169
[ 1906.220822][ T3418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1906.240389][ T3418] RSP: 002b:00007f3b7b371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1906.248642][ T3418] RAX: ffffffffffffffda RBX: 00007f3b7cf1ffa0 RCX: 00007f3b7cd07169
[ 1906.256440][ T3418] RDX: 0000000000000002 RSI: 00002000000000c0 RDI: 0000000000000006
[ 1906.264259][ T3418] RBP: 00007f3b7b371090 R08: 0000000000000000 R09: 0000000000000000
[ 1906.272069][ T3418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1906.279876][ T3418] R13: 0000000000000000 R14: 00007f3b7cf1ffa0 R15: 00007ffc9a376a38
[ 1906.287693][ T3418]  </TASK>
[ 1906.358168][ T3420] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1906.471789][ T3441] EXT4-fs (loop1): shut down requested (0)
[ 1907.054594][ T3450] loop2: detected capacity change from 0 to 512
[ 1907.227653][ T3450] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1907.747734][ T3469] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10243'.
[ 1908.664972][ T3480] loop3: detected capacity change from 0 to 512
[ 1908.754722][ T3486] loop1: detected capacity change from 0 to 512
[ 1908.774261][ T3480] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1908.813532][ T3486] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1908.854251][ T3497] EXT4-fs (loop3): shut down requested (0)
[ 1909.092691][ T3512] loop8: detected capacity change from 0 to 512
[ 1909.171151][ T3512] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1909.442495][ T3517] loop2: detected capacity change from 0 to 512
[ 1909.485550][ T3517] EXT4-fs (loop2): 1 orphan inode deleted
[ 1909.491319][ T3517] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1909.756950][ T3526] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1909.854347][ T3525] loop2: detected capacity change from 0 to 512
[ 1910.034896][ T3528] loop1: detected capacity change from 0 to 512
[ 1910.238163][ T3525] EXT4-fs (loop2): 1 orphan inode deleted
[ 1910.244469][ T3525] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1910.256724][ T3528] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1910.732527][   T30] kauditd_printk_skb: 160 callbacks suppressed
[ 1910.732546][   T30] audit: type=1107 audit(1910.764:10582): pid=3544 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1910.742971][ T3549] loop2: detected capacity change from 0 to 512
[ 1910.789331][ T3551] loop3: detected capacity change from 0 to 512
[ 1910.845525][ T3551] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.10268: corrupted inode contents
[ 1910.847989][ T3549] EXT4-fs (loop2): 1 orphan inode deleted
[ 1910.866898][ T3551] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #16: comm syz.3.10268: mark_inode_dirty error
[ 1910.889429][ T3557] loop1: detected capacity change from 0 to 512
[ 1910.895029][ T3549] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1910.906958][ T3551] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.10268: corrupted inode contents
[ 1910.931138][ T3551] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.10268: mark_inode_dirty error
[ 1910.960130][ T3551] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.10268: corrupted inode contents
[ 1910.976549][ T3557] EXT4-fs (loop1): 1 orphan inode deleted
[ 1910.987597][ T3557] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1911.007420][ T3561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3561 comm=syz.0.10270
[ 1911.016178][ T3551] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1911.028460][   T30] audit: type=1326 audit(1911.054:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.0.10270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1911.069442][ T3551] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.10268: corrupted inode contents
[ 1911.108417][   T30] audit: type=1326 audit(1911.064:10584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.0.10270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1911.142915][ T3565] loop2: detected capacity change from 0 to 512
[ 1911.158057][ T3551] EXT4-fs error (device loop3): ext4_truncate:4303: inode #16: comm syz.3.10268: mark_inode_dirty error
[ 1911.169740][ T3551] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1911.187192][ T3551] EXT4-fs (loop3): 1 truncate cleaned up
[ 1911.193578][ T3551] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1911.198148][   T30] audit: type=1326 audit(1911.064:10585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.0.10270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1911.212783][ T3551] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #12: block 13: comm syz.3.10268: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0
[ 1911.257805][   T30] audit: type=1326 audit(1911.064:10586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.0.10270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1911.283851][   T30] audit: type=1326 audit(1911.084:10587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.0.10270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87c7052169 code=0x7ffc0000
[ 1911.308467][ T3565] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1911.529108][   T30] audit: type=1326 audit(1911.564:10588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3573 comm="syz.1.10274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1911.552365][T21689] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1911.578366][   T30] audit: type=1326 audit(1911.594:10589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3573 comm="syz.1.10274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1911.603235][   T30] audit: type=1326 audit(1911.594:10590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3573 comm="syz.1.10274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1911.627020][   T30] audit: type=1326 audit(1911.594:10591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3573 comm="syz.1.10274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1912.021232][T21689] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1912.065013][T21689] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1912.269290][T21689] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1912.297246][ T3585] loop2: detected capacity change from 0 to 512
[ 1912.309173][T21689] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1912.415590][T21689] usb 4-1: SerialNumber: syz
[ 1912.487390][ T3585] EXT4-fs (loop2): 1 orphan inode deleted
[ 1912.504438][ T3585] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1912.517017][ T3589] loop1: detected capacity change from 0 to 512
[ 1912.584704][ T3589] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1912.698497][ T3600] loop1: detected capacity change from 0 to 512
[ 1912.782416][T21689] usb 4-1: 0:2 : does not exist
[ 1912.787961][T21689] usb 4-1: unit 5: unexpected type 0x0b
[ 1912.797752][T21689] usb 4-1: USB disconnect, device number 11
[ 1912.889009][ T3600] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1912.967140][ T3608] EXT4-fs (loop1): shut down requested (0)
[ 1913.019343][  T390] udevd[390]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1913.297789][ T3618] loop8: detected capacity change from 0 to 512
[ 1913.342593][ T3622] loop3: detected capacity change from 0 to 512
[ 1913.377465][ T3618] EXT4-fs (loop8): 1 orphan inode deleted
[ 1913.393255][ T3622] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1913.398955][ T3618] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1913.533423][ T3633] loop8: detected capacity change from 0 to 512
[ 1913.660951][ T3633] EXT4-fs (loop8): 1 orphan inode deleted
[ 1913.667699][ T3633] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1913.834878][ T3643] loop1: detected capacity change from 0 to 16
[ 1913.881909][ T3643] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1914.684709][ T3656] loop8: detected capacity change from 0 to 512
[ 1914.686222][ T3657] loop2: detected capacity change from 0 to 512
[ 1914.717695][ T3661] loop3: detected capacity change from 0 to 512
[ 1914.753580][ T3661] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1914.760321][ T3656] EXT4-fs (loop8): 1 orphan inode deleted
[ 1914.774172][ T3657] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.10299: corrupted inode contents
[ 1914.785757][ T3656] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1914.804125][ T3657] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #16: comm syz.2.10299: mark_inode_dirty error
[ 1914.826591][ T3657] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.10299: corrupted inode contents
[ 1914.840855][ T3657] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.10299: mark_inode_dirty error
[ 1914.852541][ T3657] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.10299: corrupted inode contents
[ 1914.864870][ T3671] EXT4-fs (loop3): shut down requested (0)
[ 1914.865232][ T3657] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[ 1914.879292][ T3657] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #16: comm syz.2.10299: corrupted inode contents
[ 1914.891445][ T3657] EXT4-fs error (device loop2): ext4_truncate:4303: inode #16: comm syz.2.10299: mark_inode_dirty error
[ 1914.903255][ T3657] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[ 1914.912687][ T3657] EXT4-fs (loop2): 1 truncate cleaned up
[ 1914.926374][ T3657] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1914.956522][ T3657] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #12: block 13: comm syz.2.10299: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0
[ 1914.964589][ T3677] loop8: detected capacity change from 0 to 512
[ 1914.993535][ T3677] EXT4-fs (loop8): 1 orphan inode deleted
[ 1915.000001][ T3677] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1915.135050][ T3687] loop8: detected capacity change from 0 to 512
[ 1915.231333][ T3687] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1915.310002][  T503] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1915.698947][  T503] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1915.709029][  T503] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1915.791828][  T503] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1915.806288][ T3699] loop3: detected capacity change from 0 to 256
[ 1915.822790][  T503] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1915.852112][  T503] usb 3-1: SerialNumber: syz
[ 1916.891586][  T503] usb 3-1: 0:2 : does not exist
[ 1916.898256][  T503] usb 3-1: unit 5: unexpected type 0x0b
[ 1916.983832][ T3704] loop8: detected capacity change from 0 to 16
[ 1916.991309][ T3704] erofs: (device loop8): mounted with root inode @ nid 36.
[ 1917.108564][  T503] usb 3-1: USB disconnect, device number 11
[ 1917.117244][ T3706] loop1: detected capacity change from 0 to 512
[ 1917.242123][ T3708] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10315'.
[ 1917.350515][ T3706] EXT4-fs (loop1): 1 orphan inode deleted
[ 1917.356226][ T3706] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1917.429412][  T390] udevd[390]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1917.459992][   T30] kauditd_printk_skb: 113 callbacks suppressed
[ 1917.460008][   T30] audit: type=1107 audit(1917.494:10705): pid=3717 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1917.577085][ T3726] loop1: detected capacity change from 0 to 512
[ 1917.585062][ T3724] loop8: detected capacity change from 0 to 512
[ 1918.079566][ T3733] loop3: detected capacity change from 0 to 16
[ 1918.412676][ T3737] loop2: detected capacity change from 0 to 16
[ 1918.432389][ T3733] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1918.714559][ T3737] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1918.751608][ T3726] EXT4-fs (loop1): 1 orphan inode deleted
[ 1918.760108][ T3726] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1918.772239][ T3724] EXT4-fs (loop8): 1 orphan inode deleted
[ 1918.778257][ T3724] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1918.944709][ T3744] loop1: detected capacity change from 0 to 512
[ 1919.081956][ T3742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1919.111593][ T3759] loop8: detected capacity change from 0 to 512
[ 1919.117789][ T3742] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1919.126565][ T3742] device bridge_slave_0 entered promiscuous mode
[ 1919.127413][ T3744] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1919.134256][ T3742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1919.150640][ T3742] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1919.803059][ T3761] loop3: detected capacity change from 0 to 16
[ 1919.892212][ T3742] device bridge_slave_1 entered promiscuous mode
[ 1919.933227][ T3761] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1920.183629][ T3759] EXT4-fs (loop8): 1 orphan inode deleted
[ 1920.190674][ T3759] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1920.354767][   T30] audit: type=1107 audit(1920.384:10706): pid=3768 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1920.551165][ T3775] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10333'.
[ 1920.650473][ T3784] loop3: detected capacity change from 0 to 512
[ 1920.792882][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1920.807683][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1920.817454][ T3784] EXT4-fs (loop3): 1 orphan inode deleted
[ 1920.825518][ T3788] loop8: detected capacity change from 0 to 256
[ 1920.826632][ T3784] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1920.895067][ T3793] loop1: detected capacity change from 0 to 16
[ 1921.039668][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1921.048492][ T3793] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1921.156862][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1921.179297][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1921.186213][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1921.222016][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1921.237995][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1921.256751][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1921.256822][   T30] audit: type=1400 audit(1921.284:10707): avc:  denied  { getopt } for  pid=3787 comm="syz.8.10337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1921.263667][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1921.313931][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1921.366166][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1921.377481][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1921.393529][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1921.403386][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1921.433447][T15707] device bridge_slave_1 left promiscuous mode
[ 1921.440699][T15707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1921.452126][T15707] device bridge_slave_0 left promiscuous mode
[ 1921.458484][T15707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1921.472108][ T3798] loop3: detected capacity change from 0 to 16
[ 1921.687614][ T3798] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1921.722817][T15707] device veth1_macvtap left promiscuous mode
[ 1921.728749][T15707] device veth0_vlan left promiscuous mode
[ 1921.848651][ T3810] loop2: detected capacity change from 0 to 512
[ 1921.911138][ T3810] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1921.971128][ T3816] loop1: detected capacity change from 0 to 16
[ 1922.067063][ T3816] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1922.262225][ T3818] EXT4-fs (loop2): shut down requested (0)
[ 1922.471979][ T3824] loop8: detected capacity change from 0 to 512
[ 1922.504531][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1922.513060][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1922.526560][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1922.534889][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1922.545504][ T3742] device veth0_vlan entered promiscuous mode
[ 1922.546141][ T3824] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1922.561623][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1922.577127][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1922.588627][ T3828] loop3: detected capacity change from 0 to 512
[ 1922.604969][ T3742] device veth1_macvtap entered promiscuous mode
[ 1922.620060][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1922.629252][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1922.637489][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1922.673130][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1922.694813][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1922.695057][ T3828] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1922.704907][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1922.840181][T15811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1922.851969][   T30] audit: type=1326 audit(1922.884:10708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1922.937043][ T3838] EXT4-fs (loop3): shut down requested (0)
[ 1923.038922][   T30] audit: type=1326 audit(1922.884:10709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.204927][   T30] audit: type=1326 audit(1922.884:10710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.231529][   T30] audit: type=1326 audit(1922.884:10711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.362681][ T3848] loop2: detected capacity change from 0 to 512
[ 1923.392049][   T30] audit: type=1326 audit(1922.884:10712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.460805][   T30] audit: type=1326 audit(1922.884:10713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.486842][   T30] audit: type=1326 audit(1922.884:10714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.494979][ T3848] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1923.511926][   T30] audit: type=1326 audit(1922.884:10715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.562167][ T3852] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1923.601679][   T30] audit: type=1326 audit(1922.884:10716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.624128][ T3855] loop8: detected capacity change from 0 to 512
[ 1923.627395][   T30] audit: type=1326 audit(1922.884:10717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.1.10349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc628047169 code=0x7ffc0000
[ 1923.750525][ T3861] loop3: detected capacity change from 0 to 512
[ 1923.760641][ T3855] EXT4-fs (loop8): 1 orphan inode deleted
[ 1923.766308][ T3855] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1923.772876][ T3865] loop2: detected capacity change from 0 to 512
[ 1923.812436][ T3861] EXT4-fs (loop3): 1 orphan inode deleted
[ 1923.815018][ T3865] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1923.818009][ T3861] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1924.257607][ T3885] loop3: detected capacity change from 0 to 512
[ 1924.827258][ T3885] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1924.946238][ T3898] loop2: detected capacity change from 0 to 512
[ 1925.019115][ T3900] EXT4-fs (loop3): shut down requested (0)
[ 1925.061672][ T3898] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1925.126102][ T3908] loop8: detected capacity change from 0 to 512
[ 1925.390096][ T3911] EXT4-fs (loop2): shut down requested (0)
[ 1925.401750][ T3912] loop1: detected capacity change from 0 to 512
[ 1925.427760][ T3908] EXT4-fs (loop8): 1 orphan inode deleted
[ 1925.433664][ T3908] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1925.457537][ T3912] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1925.573012][ T3923] loop3: detected capacity change from 0 to 512
[ 1925.658603][ T3923] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1926.113348][ T3936] loop1: detected capacity change from 0 to 512
[ 1926.132397][ T3936] EXT4-fs (loop1): 1 orphan inode deleted
[ 1926.138027][ T3936] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1926.201611][ T3940] loop1: detected capacity change from 0 to 512
[ 1926.232849][ T3940] EXT4-fs (loop1): 1 orphan inode deleted
[ 1926.238539][ T3940] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1926.268974][T25088] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1926.413871][ T3946] loop8: detected capacity change from 0 to 512
[ 1926.496197][ T3951] loop3: detected capacity change from 0 to 512
[ 1926.509202][T25088] usb 3-1: Using ep0 maxpacket: 32
[ 1926.524756][ T3946] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1926.548821][ T3951] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1926.685268][ T3968] EXT4-fs (loop3): shut down requested (0)
[ 1926.689191][T25088] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1926.704267][T25088] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1926.718126][T25088] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1926.730435][T25088] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1926.810740][T25088] usb 3-1: config 0 descriptor??
[ 1926.917491][T25088] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1927.383113][ T3978] loop1: detected capacity change from 0 to 16
[ 1927.430347][ T3978] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1927.700788][ T3982] loop8: detected capacity change from 0 to 512
[ 1927.827899][ T3982] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1928.348344][   T30] kauditd_printk_skb: 215 callbacks suppressed
[ 1928.348397][   T30] audit: type=1326 audit(1928.374:10933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.390928][ T3995] loop1: detected capacity change from 0 to 512
[ 1928.397765][   T30] audit: type=1326 audit(1928.384:10934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.421391][   T30] audit: type=1326 audit(1928.384:10935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.445323][   T30] audit: type=1326 audit(1928.384:10936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.469501][   T30] audit: type=1326 audit(1928.384:10937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.492941][   T30] audit: type=1326 audit(1928.384:10938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.516419][   T30] audit: type=1326 audit(1928.384:10939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.519635][ T3995] EXT4-fs (loop1): 1 orphan inode deleted
[ 1928.539641][   T30] audit: type=1326 audit(1928.384:10940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.559828][ T3995] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1928.568339][   T30] audit: type=1326 audit(1928.384:10941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.616662][   T30] audit: type=1326 audit(1928.384:10942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3992 comm="syz.8.10393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8e88c1169 code=0x7ffc0000
[ 1928.649330][ T3999] loop8: detected capacity change from 0 to 512
[ 1928.720655][ T3999] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1928.745192][ T4012] loop3: detected capacity change from 0 to 512
[ 1928.757697][ T4010] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10400'.
[ 1928.832671][ T4012] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1929.016536][ T2078] usb 3-1: USB disconnect, device number 12
[ 1929.033501][ T4023] loop2: detected capacity change from 0 to 512
[ 1929.051394][ T4025] loop3: detected capacity change from 0 to 512
[ 1929.095831][ T4025] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1929.108023][ T4023] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1929.204228][ T4037] EXT4-fs (loop3): shut down requested (0)
[ 1929.814704][ T4048] loop8: detected capacity change from 0 to 512
[ 1929.912249][ T4048] EXT4-fs (loop8): 1 orphan inode deleted
[ 1929.918058][ T4048] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1929.953378][ T4053] loop3: detected capacity change from 0 to 512
[ 1929.981323][ T4049] loop1: detected capacity change from 0 to 40427
[ 1929.993385][ T4053] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1930.041895][ T4057] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10411'.
[ 1930.051060][ T4057] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1930.067040][ T4058] EXT4-fs (loop3): shut down requested (0)
[ 1930.074343][ T4049] F2FS-fs (loop1): fault_type options not supported
[ 1930.092124][ T4049] F2FS-fs (loop1): fault_injection options not supported
[ 1930.134025][ T4049] F2FS-fs (loop1): invalid crc value
[ 1930.165951][ T4049] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1930.175798][ T4064] netlink: 32 bytes leftover after parsing attributes in process `syz.8.10414'.
[ 1930.379841][ T4072] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1930.523274][ T4049] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1930.770894][ T4078] loop2: detected capacity change from 0 to 512
[ 1930.860857][ T4078] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1930.891859][ T4088] loop8: detected capacity change from 0 to 512
[ 1930.991023][ T4088] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1931.578397][ T4101] loop2: detected capacity change from 0 to 16
[ 1931.604723][ T4101] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1931.808001][ T4109] loop1: detected capacity change from 0 to 512
[ 1931.863626][ T4118] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10429'.
[ 1931.922575][ T4109] EXT4-fs (loop1): 1 orphan inode deleted
[ 1931.933814][ T4109] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1932.547685][ T4142] loop3: detected capacity change from 0 to 512
[ 1932.621107][ T4142] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1932.848428][ T4153] loop2: detected capacity change from 0 to 16
[ 1932.930089][ T4153] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1933.124076][ T4156] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10440'.
[ 1933.139063][ T4156] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1933.210865][ T4161] loop1: detected capacity change from 0 to 512
[ 1933.278449][ T4172] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10446'.
[ 1933.682427][ T4161] EXT4-fs (loop1): 1 orphan inode deleted
[ 1933.690707][ T4161] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1933.708114][   T30] kauditd_printk_skb: 208 callbacks suppressed
[ 1933.708130][   T30] audit: type=1326 audit(1933.734:11151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.753673][   T30] audit: type=1326 audit(1933.774:11152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.777588][   T30] audit: type=1326 audit(1933.774:11153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.800829][   T30] audit: type=1326 audit(1933.774:11154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.824280][   T30] audit: type=1326 audit(1933.774:11155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.852443][ T4187] loop2: detected capacity change from 0 to 512
[ 1933.858766][   T30] audit: type=1326 audit(1933.774:11156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.909192][   T30] audit: type=1326 audit(1933.774:11157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.933231][   T30] audit: type=1326 audit(1933.774:11158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.967060][   T30] audit: type=1326 audit(1933.774:11159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1933.999201][   T30] audit: type=1326 audit(1933.774:11160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.2.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e207e169 code=0x7ffc0000
[ 1934.002428][ T4187] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1934.092758][ T4196] loop1: detected capacity change from 0 to 512
[ 1934.214476][ T4207] loop3: detected capacity change from 0 to 512
[ 1934.225016][ T4196] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1934.300411][ T4207] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1934.469481][ T4219] EXT4-fs (loop3): shut down requested (0)
[ 1934.536874][ T4222] netlink: 148 bytes leftover after parsing attributes in process `syz.1.10460'.
[ 1934.546200][ T4222] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1934.982966][ T4237] loop2: detected capacity change from 0 to 512
[ 1935.019725][ T4241] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10468'.
[ 1935.049235][ T4237] EXT4-fs (loop2): 1 orphan inode deleted
[ 1935.054810][ T4237] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1935.231207][ T4249] loop2: detected capacity change from 0 to 512
[ 1935.251640][ T4252] netlink: 148 bytes leftover after parsing attributes in process `syz.0.10471'.
[ 1935.261111][ T4252] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1935.281548][ T4249] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1935.617024][ T4268] loop3: detected capacity change from 0 to 512
[ 1935.636162][ T4272] loop8: detected capacity change from 0 to 512
[ 1935.893017][ T4272] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1935.915529][ T4268] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1935.946067][ T4277] loop2: detected capacity change from 0 to 512
[ 1936.095741][ T4277] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1936.166230][ T4286] EXT4-fs (loop2): shut down requested (0)
[ 1936.388005][ T4298] loop1: detected capacity change from 0 to 512
[ 1936.455197][ T4298] ==================================================================
[ 1936.463090][ T4298] BUG: KASAN: use-after-free in __ext4_iget+0x2ee/0x3ef0
[ 1936.470030][ T4298] Read of size 8 at addr ffff88812cddf228 by task syz.1.10482/4298
[ 1936.476929][ T4304] netlink: 148 bytes leftover after parsing attributes in process `syz.3.10484'.
[ 1936.477755][ T4298] 
[ 1936.477763][ T4298] CPU: 0 PID: 4298 Comm: syz.1.10482 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 1936.477788][ T4298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1936.486994][ T4304] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[ 1936.488862][ T4298] Call Trace:
[ 1936.488871][ T4298]  <TASK>
[ 1936.488880][ T4298]  dump_stack_lvl+0x151/0x1c0
[ 1936.488909][ T4298]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1936.488932][ T4298]  ? panic+0x760/0x760
[ 1936.488951][ T4298]  ? __kasan_check_write+0x14/0x20
[ 1936.488977][ T4298]  print_address_description+0x87/0x3b0
[ 1936.488999][ T4298]  ? __se_sys_mount+0x2c4/0x3b0
[ 1936.489020][ T4298]  ? __x64_sys_mount+0xbf/0xd0
[ 1936.563709][ T4298]  kasan_report+0x179/0x1c0
[ 1936.568042][ T4298]  ? __ext4_iget+0x2ee/0x3ef0
[ 1936.572576][ T4298]  ? __ext4_iget+0x2ee/0x3ef0
[ 1936.577117][ T4298]  __asan_report_load8_noabort+0x14/0x20
[ 1936.582538][ T4298]  __ext4_iget+0x2ee/0x3ef0
[ 1936.586877][ T4298]  ? xas_nomem+0x19a/0x1d0
[ 1936.591226][ T4298]  ? ida_alloc_range+0x9fd/0xa80
[ 1936.596001][ T4298]  ? __kasan_kmalloc+0x9/0x10
[ 1936.600607][ T4298]  ? ext4_get_projid+0x140/0x140
[ 1936.605375][ T4298]  ? __kasan_check_write+0x14/0x20
[ 1936.610322][ T4298]  ? _raw_write_lock+0xa4/0x170
[ 1936.615008][ T4298]  ? __proc_create+0x65a/0xa00
[ 1936.619606][ T4298]  ? ext4_init_orphan_info+0x161/0x1080
[ 1936.624989][ T4298]  ext4_enable_quotas+0x556/0x980
[ 1936.629855][ T4298]  ? ext4_force_commit+0xc0/0xc0
[ 1936.634645][ T4298]  ? proc_create+0x2b0/0x2b0
[ 1936.639050][ T4298]  ? ext4_register_sysfs+0x281/0x2c0
[ 1936.644175][ T4298]  ext4_fill_super+0x8b95/0x96e0
[ 1936.648962][ T4298]  ? ext4_mount+0x40/0x40
[ 1936.653113][ T4298]  ? vscnprintf+0x80/0x80
[ 1936.657286][ T4298]  ? set_blocksize+0x1f0/0x380
[ 1936.661878][ T4298]  ? sb_set_blocksize+0xa8/0xf0
[ 1936.666648][ T4298]  mount_bdev+0x282/0x3b0
[ 1936.670821][ T4298]  ? ext4_mount+0x40/0x40
[ 1936.675429][ T4298]  ext4_mount+0x34/0x40
[ 1936.679412][ T4298]  legacy_get_tree+0xf1/0x190
[ 1936.683924][ T4298]  ? ext4_errno_to_code+0x140/0x140
[ 1936.688957][ T4298]  vfs_get_tree+0x88/0x290
[ 1936.693213][ T4298]  do_new_mount+0x2ba/0xb30
[ 1936.697550][ T4298]  ? do_move_mount_old+0x160/0x160
[ 1936.702508][ T4298]  ? security_capable+0x87/0xb0
[ 1936.707187][ T4298]  ? ns_capable+0x89/0xe0
[ 1936.711354][ T4298]  path_mount+0x671/0x1070
[ 1936.715637][ T4298]  __se_sys_mount+0x2c4/0x3b0
[ 1936.720116][ T4298]  ? exc_page_fault+0x47a/0x7f0
[ 1936.724805][ T4298]  ? __x64_sys_mount+0xd0/0xd0
[ 1936.729404][ T4298]  __x64_sys_mount+0xbf/0xd0
[ 1936.733831][ T4298]  x64_sys_call+0x49d/0x9a0
[ 1936.738172][ T4298]  do_syscall_64+0x3b/0xb0
[ 1936.742423][ T4298]  ? clear_bhb_loop+0x35/0x90
[ 1936.746945][ T4298]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1936.752668][ T4298] RIP: 0033:0x7fc62804890a
[ 1936.756926][ T4298] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1936.776563][ T4298] RSP: 002b:00007fc6266b0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1936.784806][ T4298] RAX: ffffffffffffffda RBX: 00007fc6266b0ef0 RCX: 00007fc62804890a
[ 1936.792618][ T4298] RDX: 00002000000004c0 RSI: 0000200000000500 RDI: 00007fc6266b0eb0
[ 1936.800439][ T4298] RBP: 00002000000004c0 R08: 00007fc6266b0ef0 R09: 0000000000008400
[ 1936.808277][ T4298] R10: 0000000000008400 R11: 0000000000000246 R12: 0000200000000500
[ 1936.816054][ T4298] R13: 00007fc6266b0eb0 R14: 00000000000004a6 R15: 0000200000000300
[ 1936.824005][ T4298]  </TASK>
[ 1936.826862][ T4298] 
[ 1936.829032][ T4298] Allocated by task 31551:
[ 1936.833389][ T4298]  __kasan_slab_alloc+0xb1/0xe0
[ 1936.838056][ T4298]  slab_post_alloc_hook+0x53/0x2c0
[ 1936.843125][ T4298]  kmem_cache_alloc+0xf5/0x250
[ 1936.847713][ T4298]  f2fs_alloc_inode+0x26/0x340
[ 1936.852305][ T4298]  iget_locked+0x174/0x860
[ 1936.856572][ T4298]  f2fs_iget+0x55/0x4fe0
[ 1936.860640][ T4298]  f2fs_fill_super+0x6783/0x8190
[ 1936.865427][ T4298]  mount_bdev+0x282/0x3b0
[ 1936.869593][ T4298]  f2fs_mount+0x34/0x40
[ 1936.873569][ T4298]  legacy_get_tree+0xf1/0x190
[ 1936.878086][ T4298]  vfs_get_tree+0x88/0x290
[ 1936.882338][ T4298]  do_new_mount+0x2ba/0xb30
[ 1936.886675][ T4298]  path_mount+0x671/0x1070
[ 1936.890929][ T4298]  __se_sys_mount+0x2c4/0x3b0
[ 1936.895444][ T4298]  __x64_sys_mount+0xbf/0xd0
[ 1936.899865][ T4298]  x64_sys_call+0x49d/0x9a0
[ 1936.904207][ T4298]  do_syscall_64+0x3b/0xb0
[ 1936.908462][ T4298]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1936.914190][ T4298] 
[ 1936.916379][ T4298] Last potentially related work creation:
[ 1936.921917][ T4298]  kasan_save_stack+0x3b/0x60
[ 1936.926427][ T4298]  __kasan_record_aux_stack+0xd3/0xf0
[ 1936.931633][ T4298]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1936.937274][ T4298]  call_rcu+0x123/0x10b0
[ 1936.941356][ T4298]  evict+0x87d/0x930
[ 1936.945087][ T4298]  evict_inodes+0x642/0x6d0
[ 1936.949428][ T4298]  generic_shutdown_super+0x97/0x330
[ 1936.954548][ T4298]  kill_block_super+0x7e/0xe0
[ 1936.959063][ T4298]  kill_f2fs_super+0x2f9/0x3c0
[ 1936.963665][ T4298]  deactivate_locked_super+0xad/0x110
[ 1936.968880][ T4298]  deactivate_super+0xbe/0xf0
[ 1936.973471][ T4298]  cleanup_mnt+0x45c/0x510
[ 1936.977723][ T4298]  __cleanup_mnt+0x19/0x20
[ 1936.981976][ T4298]  task_work_run+0x129/0x190
[ 1936.986401][ T4298]  exit_to_user_mode_loop+0xc4/0xe0
[ 1936.991722][ T4298]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1936.996995][ T4298]  syscall_exit_to_user_mode+0x26/0x160
[ 1937.002373][ T4298]  do_syscall_64+0x47/0xb0
[ 1937.006623][ T4298]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1937.012360][ T4298] 
[ 1937.014527][ T4298] Second to last potentially related work creation:
[ 1937.020956][ T4298]  kasan_save_stack+0x3b/0x60
[ 1937.025556][ T4298]  __kasan_record_aux_stack+0xd3/0xf0
[ 1937.030758][ T4298]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1937.036397][ T4298]  call_rcu+0x123/0x10b0
[ 1937.040481][ T4298]  evict+0x87d/0x930
[ 1937.044211][ T4298]  evict_inodes+0x642/0x6d0
[ 1937.048553][ T4298]  generic_shutdown_super+0x97/0x330
[ 1937.053668][ T4298]  kill_block_super+0x7e/0xe0
[ 1937.058183][ T4298]  kill_f2fs_super+0x2f9/0x3c0
[ 1937.062784][ T4298]  deactivate_locked_super+0xad/0x110
[ 1937.068018][ T4298]  deactivate_super+0xbe/0xf0
[ 1937.072506][ T4298]  cleanup_mnt+0x45c/0x510
[ 1937.076756][ T4298]  __cleanup_mnt+0x19/0x20
[ 1937.081095][ T4298]  task_work_run+0x129/0x190
[ 1937.085526][ T4298]  exit_to_user_mode_loop+0xc4/0xe0
[ 1937.090560][ T4298]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1937.095853][ T4298]  syscall_exit_to_user_mode+0x26/0x160
[ 1937.101231][ T4298]  do_syscall_64+0x47/0xb0
[ 1937.105485][ T4298]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1937.111214][ T4298] 
[ 1937.113387][ T4298] The buggy address belongs to the object at ffff88812cdded20
[ 1937.113387][ T4298]  which belongs to the cache f2fs_inode_cache of size 1424
[ 1937.127913][ T4298] The buggy address is located 1288 bytes inside of
[ 1937.127913][ T4298]  1424-byte region [ffff88812cdded20, ffff88812cddf2b0)
[ 1937.141195][ T4298] The buggy address belongs to the page:
[ 1937.146676][ T4298] page:ffffea0004b37600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88812cdde710 pfn:0x12cdd8
[ 1937.158032][ T4298] head:ffffea0004b37600 order:3 compound_mapcount:0 compound_pincount:0
[ 1937.166192][ T4298] flags: 0x4000000000010200(slab|head|zone=1)
[ 1937.172104][ T4298] raw: 4000000000010200 ffffea0004b35e00 0000000300000003 ffff888107fb3b00
[ 1937.180519][ T4298] raw: ffff88812cdde710 000000008015000f 00000001ffffffff 0000000000000000
[ 1937.188932][ T4298] page dumped because: kasan: bad access detected
[ 1937.195314][ T4298] page_owner tracks the page as allocated
[ 1937.200860][ T4298] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 1202, ts 68290650843, free_ts 0
[ 1937.221423][ T4298]  post_alloc_hook+0x1a3/0x1b0
[ 1937.226024][ T4298]  prep_new_page+0x1b/0x110
[ 1937.230362][ T4298]  get_page_from_freelist+0x3550/0x35d0
[ 1937.235746][ T4298]  __alloc_pages+0x27e/0x8f0
[ 1937.240172][ T4298]  new_slab+0x9a/0x4e0
[ 1937.244076][ T4298]  ___slab_alloc+0x39e/0x830
[ 1937.248502][ T4298]  __slab_alloc+0x4a/0x90
[ 1937.252670][ T4298]  kmem_cache_alloc+0x139/0x250
[ 1937.257353][ T4298]  f2fs_alloc_inode+0x26/0x340
[ 1937.261960][ T4298]  iget_locked+0x174/0x860
[ 1937.266208][ T4298]  f2fs_iget+0x55/0x4fe0
[ 1937.270296][ T4298]  f2fs_fill_super+0x66aa/0x8190
[ 1937.275150][ T4298]  mount_bdev+0x282/0x3b0
[ 1937.279313][ T4298]  f2fs_mount+0x34/0x40
[ 1937.283306][ T4298]  legacy_get_tree+0xf1/0x190
[ 1937.287821][ T4298]  vfs_get_tree+0x88/0x290
[ 1937.292080][ T4298] page_owner free stack trace missing
[ 1937.297283][ T4298] 
[ 1937.299450][ T4298] Memory state around the buggy address:
[ 1937.304922][ T4298]  ffff88812cddf100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1937.312822][ T4298]  ffff88812cddf180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1937.320730][ T4298] >ffff88812cddf200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1937.328615][ T4298]                                   ^
[ 1937.333827][ T4298]  ffff88812cddf280: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 1937.341724][ T4298]  ffff88812cddf300: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[ 1937.349621][ T4298] ==================================================================
[ 1937.357516][ T4298] Disabling lock debugging due to kernel taint
[ 1937.366673][ T4298] EXT4-fs warning (device loop1): ext4_enable_quotas:6423: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 1937.394850][ T4298] EXT4-fs (loop1): mount failed
[ 1937.458116][ T4308] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10485'.