last executing test programs:

13m45.325358071s ago: executing program 32 (id=12):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

13m32.482056921s ago: executing program 33 (id=33):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
syz_usb_connect(0x6, 0x7a, 0x0, 0x0)
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014})
epoll_wait(r2, &(0x7f0000000140)=[{}], 0x1, 0x410)

13m23.869436289s ago: executing program 34 (id=46):
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Dd', 0xfffffffffffffff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xc0fe, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a3200000000140000001100014707a082b178795ad1fcc02173fc70f8d69cdbd9d470f56c7ae421"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x10, 0x2, 0x2, 0x5, 0xfffd}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x4004}, 0x4804)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r3, &(0x7f0000002180)=""/4101, 0x1005, 0x1)
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004004}, 0x40080)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="10797fcd6cd957d2b903c6bf46b4e4125a31d9c4629ff075475e4bd6e43be171", 0x20)

12m44.692040253s ago: executing program 35 (id=134):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x7, 0xfffffdfd, 0x200006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r10, {}, {0x2, 0xb}, {0xb, 0xb}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x0, 0x2, {0x4, 0x1, 0xfffffffa}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

12m39.061032522s ago: executing program 36 (id=142):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})

12m13.12378227s ago: executing program 37 (id=158):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$mixer(0xffffffffffffff9c, 0x0, 0x1c1140, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8805)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
getgroups(0x0, 0x0)
setgroups(0x40000000000002e6, &(0x7f0000000140)=[0x0])
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x11}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0xfffffffffffffffc, 0x7f, 0x0, 0x20000000000, 0xffffffffffffffff}, {0x0, 0x400000000}, 0x5, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x1, 0x6c}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)

11m16.929129784s ago: executing program 38 (id=216):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x11, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpeername$qrtr(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1000000000, 0x7, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)
sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)

11m13.846625636s ago: executing program 39 (id=219):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x70cb0}], 0xc}, 0x1f00)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_clone3(0x0, 0x0)

10m16.113105586s ago: executing program 40 (id=265):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0x0)

9m56.426808516s ago: executing program 41 (id=294):
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Dd', 0xfffffffffffffff8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0xc0fe, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a3200000000140000001100014707a082b178795ad1fcc02173fc70f8d69cdbd9d470f56c7ae4218d32c5d7fe44d5f02728"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB])
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010000304fcfffeff3d00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000240012000b000100676d6e65766500001400028005000c000100000005000d0001000000"], 0x44}, 0x1, 0x0, 0x0, 0x4004}, 0x4804)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r5, &(0x7f0000002180)=""/4101, 0x1005, 0x1)
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0xc, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2004004}, 0x40080)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="10797fcd6cd957d2b903c6bf46b4e4125a31d9c4629ff075475e4bd6e43be1712b", 0x21)

9m55.581409792s ago: executing program 42 (id=295):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$mixer(0xffffffffffffff9c, 0x0, 0x1c1140, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8805)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
getgroups(0x0, 0x0)
setgroups(0x40000000000002e6, &(0x7f0000000140)=[0x0])
keyctl$setperm(0x5, r3, 0x30925)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x11}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0xfffffffffffffffc, 0x7f, 0x0, 0x20000000000, 0xffffffffffffffff}, {0x0, 0x400000000}, 0x5, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x1, 0x6c}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

9m33.874669154s ago: executing program 43 (id=313):
socket$inet(0x2, 0x6000000000000001, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000100)={@local})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x5, 0x0, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x8, r8, 0x0, 0x7, 0x145975, 0x0, 0x0, 0x10005})
r9 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6000005, 0x11, r9, 0xffffe000)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)

8m44.731255181s ago: executing program 44 (id=383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x6, &(0x7f0000000180)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r1=>0x0)
ptrace$getregs(0xe, r1, 0x1000, &(0x7f00000006c0)=""/241)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = epoll_create(0x10000e9)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r5 = memfd_create(&(0x7f0000000880)='y\x105\xfb\xf7\x88\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcb`\x9b=\xec\x9f\x1d\x9b@$\x8c\bb\x1a\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\'\xffO,4\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2\x01G\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\rr\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\xc6\x8a=\x04\xa35\x9b\xf5\x80E\x8f\x1e\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x10\x00'/276, 0x2)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r5, 0x0, 0x0, 0x1000})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r6, &(0x7f0000000080)={0x30000009})
r7 = syz_io_uring_setup(0x112, &(0x7f00000003c0)={0x0, 0xfded}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x2085}})
io_uring_enter(r7, 0x1f85, 0x40110a, 0x4d, 0x0, 0x85)

8m43.203888151s ago: executing program 45 (id=387):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0xffffffffffffffff)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

8m43.00900237s ago: executing program 46 (id=388):
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl(r2, 0xfffff000, &(0x7f0000000000))

6m38.040050958s ago: executing program 47 (id=737):
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0), 0xc)
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/10], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
lseek(r4, 0x2000, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="666c7573682c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c00a56dc300a96c9b20f3fabdcb10cad696323259cc0500e5f91620d7b9aed9e1fa74020a4f00b8ff"], 0x1, 0x246, &(0x7f00000002c0)="$eJzs2s9rHGUYB/BnYqUxJd2Iv2hB+qIH9TI0OXkQSZAWxICijVAF6dRMdMm4G3aWwIrYeNGrf4Jn8ehNkIoXL7n4F3jwlkuOPYgj7aZtElbIInFD8/lc9mHf+cIzvMPLc3h3Xvv2s/W1Ol8r+jGVZTG1GFtxJ4u5mIr7tuKVl67/9vx71z94a2l5+cq7KV1duja/kFI6f+nnD7/44YXb/XPv/3j+p7OxPffRzu5Xf24/u31h5+9rn7br1K5Tp9tPRbrZ7faLm1WZVtv1ep7SO1VZ1GVqd+qyd2B9repubAxS0VmdndnolXWdis4grZeD1O+mfm+Qik+KdifleZ5mZ4L/YuX7O00Tu83jNyK7/9/sH9GK7MmUPbWYPXMje24ru7DbNK3JNsoxebD/TdM88V2cu23/T5V9h/p0RPXN5srmyvB3uL60Fu2ooozL0Yq/4u5nsmdYX31z+crldM9cfF3d2svf2lx57GB+PloxNzo/P8yng/mzMbM/vxCteHp0fmFkfjpefnFfPo9W/P5xdKOK1bibfZj/cj6lN95ePpS/eO85AIBHTZ4eGDm/5fm/rQ/zY8yHh+arM3HxzGTfnYh68Pl6UVVlTzFOcWnc1PTkez4FRZNFnIA2jlb8+svrr56ANvaKxcNHwaRPJv4PDzf9qInp420IAAAAAAAAAACAIznme4XZODfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0+mfAAAA//9X7c9V")
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="500000000202010800000000000000000a0000013c0002800c000280050001005dfbf1142c0001801400030000000000000000000000ffffac141441140004"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4040080)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000540)={0x2, 0x0, @local}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
inotify_init1(0x800)

6m25.543885144s ago: executing program 5 (id=790):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x3f0, 0x110, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr, @rand_addr, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x5}}}, {{@arp={@remote, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 'gre0\x00', 'pimreg\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@random="8249ca4ee4e7", @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x440)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
madvise(&(0x7f000052f000/0x4000)=nil, 0x4000, 0x15)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

6m16.212374446s ago: executing program 1 (id=791):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2711, @my=0x0}, 0x10)

6m11.623667014s ago: executing program 5 (id=797):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x7, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0xa}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
tgkill(0x0, 0x0, 0x21)
tkill(r2, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f00000001c0))
r6 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r6, &(0x7f0000000180)="e502", 0x2)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

6m8.935394282s ago: executing program 1 (id=798):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
write$FUSE_INIT(r2, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r5 = open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)
getdents64(r5, 0x0, 0x0)

6m7.374976005s ago: executing program 1 (id=799):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x109801, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'pimreg\x00', 0x3})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x200)

6m5.679930311s ago: executing program 1 (id=800):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000009b80)=ANY=[@ANYBLOB='iocharset=macromanian,uid=', @ANYRESHEX=0x0, @ANYRES32=0x0], 0x1, 0x1521, &(0x7f0000007640)="$eJzs3AuYjtXaOPD7Xms9Y0zS2ySHYa11P7zJYZkkySFJDkmSJElOCUmTbEmoGHJKGpKQHIbkMITkMDFpnM/nQ0KSNEkSklOy/tcUf7td+9t7f7tv+65v7t91Pdes+13PvZ71vPf7vs/hnZlvuw6t1aR29UZEBP8W/PVHMgDEAsBAALgGAAIAKB9fPj67P7fE5H9vI+zP9VDalZ4Bu5K4/jkb1z9n4/rnbFz/nI3rn7Nx/XM2rn/OxvVnLCfbPL3Qtbzk3IXv/+dkfPz/PySrzNgv15a5vhtAzD+bwvXP2bj+/2cF/8xKXP+cjeufU8Ve6Qmw/wX4/Z8T5Pq7PVz/nI3rz1hOdqXvP1/pBSI5+zm40q8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM5wxl/mQKAS+0rPS/GGGOMMcYYY4z9eXyuKz0DxhhjjDHGGGOM/c9DECBBQQAxkAtiITfEgQCAqyEvXAMRuBbi4TrIB9dDfigABaEQJEBhKAIaDMQAQQhFoRhE4QYoDjdCCSgJpaA0OCgDiXATlIWboRzcAuXhVqgAt0FFqASVoQrcDlXhDqgGd0J1uAtqQE2oBbXhbqgD90BduBfqwX1QH+6HBvAANIQHoRE8BI3hYWgCj0BTeBSaQXNoAS2h1X8r/wV4EV6CntALkqE39IGXoS/0g/4wAAbCKzAIXoXB8BqkwBAYCq/DMHgDhsObMAJGwih4C0bD2zAGxsI4GA+pMAEmwjswCd6FyTAFpsI0SIPpMAPeg5kwC2bD+zAHPoC5MA/mwwJIhw9hISyCDPgIFsPHkAlLYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK2yD7bADdsInsAs+hd2wB/bCZ7APPv8X80//TX43BAQUKFChwhiMwViMxTiMwzyYB/NiXoxgBOMxHvNhPsyP+bEgFsQETMAiWAQNGiQkLIpFMYpRLI7FsQSWwFJYCh06TMRELIs3Yzksh+WxPFbAClgRK2ElrIJVsCpWxWpYDatjdayBNbAW1sK78W7sjXWxLtbDelgf61+6PYWNsBE2xsbYBJtgU2yKzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsPu2D3rhVyAL+FL2AtriN7YB/tgX0zJ1R8H4AB8BQfhq/gqvoYpOASH4uv4Or6Bw/EUjsCROApHYVXxNo7BsUhiPKZiKk7EiTgJJ+FknIJTcBqm4XScgTNwJs7CWfg+zsEP8AOch/NwAaZjOi7ERZiBGbgYT2MmLsGluAyX4wpcjqtwNa7CtbgO1+IG3ICbcBNuwS24DbfhDtyBn6ACwE9xD+7BFNyH+3A/7scDeAAP4kHMwiw8hIfwMB7GI3gEj+JRPIbH8QQex5N4Ek/haTyDZ/AcnsPz+FzC140/KbkmBUQ2JZSIETEiVsSKOBEn8og8Iq/IKyIiIuJFvMgn8on8Ir8oKAqKBJEgiogiwggjSIQxACCiIiqKi+KihCghSolSwgknEkWiKCvKinKinCgvbhUVxG2ioqgk2roqooqoKtq5auJOUV1UFzVETVFL1Ba1RR1RR9QVdUU9UU/UF/VFA/GAaCh6Y398SGRXpokYgk3FUGwmmgt58ROstRiObURb0U48IUbiCOwgWrsk8bToKMZgJ/EXMRafFV3EeOwqnhfdRHfRQ7wgXhRtXE/RS0zG3qKPmIZ9RT/RXwwQM7GmeB/n5K4lXhMpYogYKl4XC/ANMVy8KUaIkWKUeEuMFm+LMWKsGCfGi1QxQUwU74hJ4l0xWUwRU8U0kSamixniPTFTzBKzxftijvhAzBXzxHyxQKSLD8VCsUhkiI/EYvGxyBRLxFKxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvETvGJ2CU+FbvFHrFXfCb2ic/FfvGFOCC+FAfFVyJLfC0OiW/EYfGtOCK+E0fF9+KYOC5OiB/ESfGjOCVOizPirDgnfhLnxc/igvACJEohpVQykDEyl4yVuWWcvErmkcHFZ/daGS+vk/nk9TK/LCALykIyQRaWRaSWRlpJMpRFZTEZlTfI4vJGWUKWlKVkaelkGZkob5Jl5c2ynLxFlpe3ygryNllRVpKVZRV5u6wq75AQ+XUbNWRNWUvWlnfLZLhH1pX3ynryPllf3i8byAdkQ/mgbCQfko3lw7KJfEQ2lY/KZrK5bCFbylbyMdlaPi7byLaynXxCtpdPyg7yKZkkn5Ydpb/4EnlWdpHPya7yedlNdpc95M/ygvSyp+wloTfIPvJl2Vf2k/3lADlQviIHyVflYPmaTJFD5FD5uhwm35DD5ZtyhBwpR8m35Gj5thwjx8pxcrxMlRPkRPmOnCTflZPlFDlVTpNpcrrsf3Gk2VL+w/x3/iB/8C9b3yQ3yy1yq9wmt8sdcqf8RO6Su+RuuVvulXvlPrlP7pf75QF5QB6UB2WWzJKH5CF5WB6WR+QReVQelcfkcXlW/iBPyh/lKXlanpZn5Tl5Tp6/+ByAQiWUVEoFKkblUrEqt4pTV6k86mqVV12jIupaFa+uU/nU9Sq/KqAKqkIqQRVWRZRWRllFKlRFVTEVVTfgxReMKqVKK6fKqER107+Sr4qrG1UJVfI3+Zfml/x35tdKtVKtVWvVRrVR7VQ71V61Vx1UB5WkklRH1VF1Up1UZ9VZdVFdVFfVVXVT3VQP1UO9qF5UPVVPlaySVR/1suqr+qn+aoAaqF5Rg9QgNVgNVikqRQ1VQ9UwNUwNV8PVCDVCjVKj1Gg1Wo1RY9Q4NU6lqlQ1UU1Uk9QkNVlNVlPVVJWm0tQMNUPNVDPVbDVbzVFz1Fw1V81X81W6SlcL1UKVoTLUYrVYZaolaolappapFWqFWqVWqTVqjVqn1qkNaoPKVJvVZrVVbVXb1Xa1U+1Uu9QutVvtVnvVXrVP7VP71X51QB1QB9VBlaWy1CF1SB1Wh9URdUQdVUfVMXVMnVAn1El1Up1Sp9QZdUadU+fUeXVeXVAXsk/7AhGIQAXZR9qYIDaIDeKCuCBPkCfIG+QNIkEkiA/ig3zB9UH+oEBQMCgUJASFgyKBDkxgA3Gx6NHghqB4cGNQIigZlApKBy4oEyQGNwVlg5uDcsEtQfng1qBCcFtQMagUVA6qBLcHVYM7gmrBnUH14K6gRlAzqBXUDu4O6gT3BHWDe4N6wX1B/eD+oEHwQNAweDBoFDwUNA4eDpoEjwRNg0eDZkHzoEXQMmj1p47v/akCj7ueupdO1r11H/2y7qv76f56gB6oX9GD9Kt6sH5Np+gheqh+XQ/Tb+jh+k09Qo/Uo/RberR+W4/RY/U4PV6n6gl6on5HT9Lv6sl6ip6qp+k0PV3P0O/pmXqWnq3f13P0B3qunqfn6wU6XX+oF+pFOkN/pBfrj3WmXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoXfqT/Qu/anerffovfozvU9/rvfrL/QB/aU+qL/SWfprfUh/ow/rb/UR/Z0+qr/Xx/RxfUL/oE/qH/UpfVqf0Wf1Of2TPq9/1he0zz65zz68G2WUiTExJtbEmjgTZ/KYPCavyWsiJmLiTbzJZ/KZ/Ca/KWgKmgSTYIqYIiYbGTJFTVETNVFT3BQ3JUwJU8qUMs44k2gSTVlT1pQz5Ux5U95UMBVMRVPRVDaVze3mdnOHucPcae40d5m7TE1T09Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NE9PENDVNTTPTzLQwLUwr08q0Nq1NG9PGtDPtTHvT3nQwHUySSTIdTUfTyXQynU1n08V0MV1NV9PNdDM9zKUvQ3uaZJNs+pg+pq/pa/qb/magGWgGmUFmsBlsUkyKGWqGmmFmmBluhpsRZqQZlZ1q3jZjzFgzzow3qSbVTDQTzSQzyUw2k81UM9WkmTQzw8wwM81MM9vMNnPMHDPXzDXzzXyTbtLNQrPQZJgMs9gsNpkm0yw1S81ys9ysNCvNarParDVrzXpYbzaajWaz2Wy2mq1mu9ludpqdZpfZZXab3Wav2Wv2mX1mv9lvDpgD5qA5aLJMljlkDpnD5rA5Yo6Yo+aoOWaOmRPmhDlpTppT5pQ5Y86Yc6bAxeOlN7E2t42zV9k89mqb115j/zYuaAvZBFvYFrHa5rcFfhMba20JW9KWsqWts2Vsor3pd3FFW8lWtlXs7baqvcNW+11cx95j69p7bT17n61t7/5NXN/ebxvYR2xDRADb3Da2LW0T+4htah+1zWxz28K2tO3tk7aDfcom2adtR/vM7+KFdpFdbdfYtXad3W332DP2rD1sv7Xn7E+2p+1lB9pX7CD7qh1sX7Mpdsjv4lH2LTvavm3H2LF2nB3/u3iqnWbT7HQ7w75nZ9pZv4vT7Yd2js2wc+08O98u+CXOnlOG/cguth/bTBvAUrvMLrcr7Eq76v/PdZndYDfaTXaX/dRutdvsdrvD7rx0Imz32L32M7vPfm4P2W/sAfulPWiP2Cz79S9x9v4dsd/Zo/Z7e8wetyfsD/ak/VFdys7e9x/sz/aC9RYICUiSooBiKBfFUm6Ko6soD11NeekaitC1FE/XUT66nvJTASpIhSiBClMR0mTIElFIRakYRekGujS9UlSaHJWhRLqJytLNVI5uofJ0K1Wg26giVaLKVIVup6p0B1WjO6k63UU1qCbVotp0N9Whe6gu3Uv14D6qT/dTA3qAGtKD1Igeosb0MDWhR6gpPUrNqDm1oJbUih6j1vQ4taG21I6eoPb0JHWgpyiJnqaO9Ax1or9QZ3qWutBz1JWep27UnXrQC/QivUQ9qRclU2/qQy9TX+pH/WkADaRXaBC9SoPpNUqhITSUXqdh9AYNpzdpBI2kUfQWjaa3aQyNpXE0nlJpAk2kd2gSvUuTaQpNpWmURtNpBr1HM2kWzab3aQ59QHNpHs2nBZROH9JCWkQZ9BEtpo8pk5bQUlpGy2kFraRVtJrW0FpaR+tpA22kTbSZttBW2kbbaQftpE9oF31Ku2kP7aXPaB99TvvpCzpAX9JB+oqy6Gs6RN/QYfqWjtB3vhd9T8foOJ2gH+gk/Uin6DSdobN0jn6i8/QzXSBPEGIoQhmqMAhjwlxhbJg7jAuvCvOEV4d5w2vCSHhtGB9eF+YLrw/zhwXCgmGhMCEsHBYJdWhCG1IYhkXDYmE0vCEsHt4YlghLhqXC0qELy4SJ4U1h2fDmsFx4S1g+vDWsEN4WVgwrhY/cVyW8Pawa3hFWC+8Mq4d3hTXCmmGtsHZ4d1gnvCesG94b1gvvC8uF94cNwgfChuGDYaPwobBx+HDYJHwkbBo+GjYLm4ctwpZhq/CxsHX4eNgmbBu2C58I24dPhh3Cp8Kk8OmwY/jML/33L/r7/clh77BP+HL4cuj9vXJ+dEE0PfphdGF0UTQj+lF0cfTjaGZ0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3RjdFPU+9q5wKETTjrlAhfjcrlYl9vFuatcHne1y+uucRF3rYt317l87nqX3xVwBV0hl+AKuyJOO+OsIxe6oq6Yi7obXHF3oyvhSrpSrrRzroxLdC1dK9fKtXaPuzaurWvnnnBPuCfdk+4p95R72nV0z7hO7i+us3vWdXHPuefc866b6+56uBfci25C3l/fk8muj+vj+rq+rr/r7wa6gW6QG+QGu8EuxaW4oW6oG+aGueFuuBvhRrhRbpQb7Ua7MW6MG+fGuVSX6ia6iW6Sm+Qmu8luqpvq0lyam+FmuJlupqs669etzHVz3Xw336W7dLfQZZ8zZrjFbrHLdJluqVvqlrvlbqVb6Va71W6tW+vWu/Vuo9voNrvNbqvb6ra77W6n2+l2uV1ut7/m10HdPrff7XcH3AF30H3lstzX7pD7xh1237oj7jt31H3vjrnj7oT7wZ10P7pT7rQ74866c+4nd9797C4471IjEyITI+9EJkXejUyOTIlMjUyLpEWmR2ZE3ovMjMyKzI68H5kT+SAyNzIvMj+yIJIe+TCyMLIokhH5KLI48nEkM7IksjSyLLI8siLifeGtoS/qi/mov8EX9zf6Er6kL+VLe+fL+ER/ky/rb/bl/C2+vL/VV/C3+Yq+kq/sH/XNfHPfwrf0rfxjvrV/3LfxbX07/4Rv75/0HfxTPsk/7Tv6Z3wn/xff2T/ru/jnfFf/vO/mu/se/gX/on/J9/S9fLLv7fv4l31f38/39wP8QP+KH+Rf9YP9az7FD/FD/et+mH/DD/dv+hF+pB8V85YffekSGcb7VD/BT/Tv+En+XbjTT/FT/TSf5qf7Gf49P9PP8rP9+36O/8DP9fP8fL/Ap/sP/UK/yGf4j/xi/7HP9Esu3VT2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9J36X/9Tv9nv8Xv+Z3+c/9/v9F/6A/9If9F/5LP+1P+S/8Yf9t/6I/84f9d/7Y/64P+F/8Cf9j/6UP+3P+LP+nP/Jn/c/+wv8N2uMMcYYY/+UCZeb4rc9v97O7/0HOeKvVu4DAFdvK5T11/3ZZ5Tr8//a7icS2kcA4OleXR+6tNSokZycfHHdTAlBsXkAl74JyhYDl+Ml0A6ehCRoC2X/cP79RPdz9A/Gj94KEPdXObFwOb48/hcAmPwH4z/2xKiFFcIz8f/F+PMAShS7nJMbLsdLoN0v91faQrm/M/8Crf/B/HN/mQrQ5q9y8sDl+PL8E+FxeAaSfrMmY4wxxhhjjDH2q36icudL15+XfuPzj67PE9TlnFxwOf5H1+eMMcYYY4wxxhi78p7t3uOpx5KS2nb+1xvV/ltZ/3SjKfxPjcyNP2x4D3DpEQUA/+aAANkN+Z/ciy3/kW2lXHzr/G3X8rM+gP8dpfwzGlf4g4kxxhhjjDH2p7t80v/bx9WVmhBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYD/Sf+ndiV3kfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsSvt/AQAA//8aUv8e")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
io_setup(0x7d, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)
accept$nfc_llcp(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
getpriority(0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000340)='./file0/file0\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/170, 0xaa)

6m5.390439331s ago: executing program 5 (id=802):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r0 = socket(0x18, 0x800, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vxcan1\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x10)
connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)

6m4.020807276s ago: executing program 5 (id=803):
r0 = io_uring_setup(0x36dc, &(0x7f00000001c0)={0x0, 0x0, 0x800})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x148, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x3}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x118, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x5, 0x1}}, @TCA_GRED_STAB={0x104, 0x2, "bb9e7ec07552af55454469e3b0a9d418f0ac62d0dd67d862e222495cc4275d34376817f53385800d592867e3155c85549f9649e096b3cdf362ed9aa37926f3b910cd8f6c42af3ea9bf0f987e3fcdb754df7a23c8c843598cf1e895962481da9208484c6d74fd5f35500967f2f17474293dbaf16ef1c57648c546079058bcaa51cfa3bc7011f99d7c09d8a80f7193702b9d60b8ff1a06e3b61d3faa850eb1c4c8fb0828c956ec912b6557bdb8018bee2501a58119e24a0ce8aef1eb317a2486ce288f42f55537eace30464854ad1bb45dbb14e4ca06635e103c365a132438672683d451a32e7bd1e73771bc9d3ea7e373f740ec6814b65cb189e2436e34dcc51f"}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
close_range(r0, 0xffffffffffffffff, 0x0)

6m2.827436545s ago: executing program 5 (id=804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000980)='kfree_skb\x00', r3}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580))
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r4)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110c23003f)
write$cgroup_devices(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="80fd", @ANYRES64=r4], 0xa)

6m2.73479188s ago: executing program 1 (id=805):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
dup(r1)
r2 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000380)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
sendto$packet(r2, &(0x7f00000003c0)="10", 0x1, 0x4000, &(0x7f0000000140)={0x11, 0xf7, r3, 0x1, 0x0, 0x6, @local}, 0x14)
syz_emit_ethernet(0x76, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd602e5cea00403c0020010000000000000000000000000000ff0200000000000000000000000000012c04000000000000c91000000000000000000000ffff00000000c910100000eb"], 0x0)

6m2.17883142s ago: executing program 1 (id=807):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xfff9, 0x8}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)

5m59.427575253s ago: executing program 48 (id=807):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xfff9, 0x8}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)

5m59.412911894s ago: executing program 5 (id=810):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$xdp(0x2c, 0x3, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x6, 0x8012, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18008, &(0x7f0000003b40)=ANY=[], 0x7, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")

5m43.008869627s ago: executing program 49 (id=810):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$xdp(0x2c, 0x3, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x6, 0x8012, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18008, &(0x7f0000003b40)=ANY=[], 0x7, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")

4m32.90476731s ago: executing program 2 (id=976):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
recvmmsg(r0, &(0x7f0000003ec0)=[{{&(0x7f00000005c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/102, 0x66}, {&(0x7f0000001340)=""/212, 0xd4}], 0x2, &(0x7f0000001440)=""/71, 0x47}, 0x8000}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f00000014c0)=""/181, 0xb5}, {&(0x7f0000001d80)=""/4096, 0x1000}, {&(0x7f0000001580)=""/107, 0x6b}, {&(0x7f0000001600)=""/123, 0x7b}, {&(0x7f0000001680)=""/135, 0x87}, {&(0x7f0000001740)=""/208, 0xd0}], 0x6, &(0x7f00000018c0)=""/127, 0x7f}, 0x1a83}, {{&(0x7f0000001940)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000001ac0)=""/88, 0x58}, 0x3}, {{&(0x7f0000001b40)=@generic, 0x80, &(0x7f0000001c40)=[{&(0x7f00000006c0)=""/25, 0x19}, {&(0x7f0000001bc0)=""/123, 0x7b}], 0x2, &(0x7f0000001c80)=""/116, 0x74}}, {{&(0x7f0000002d80)=@can, 0x80, &(0x7f0000002e80)=[{&(0x7f0000002e00)=""/112, 0x70}], 0x1, &(0x7f0000002ec0)=""/4096, 0x1000}, 0x3c77}], 0x5, 0x100, 0x0)

4m27.633721834s ago: executing program 2 (id=985):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80001)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x53)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f00000002c0)=ANY=[@ANYBLOB="e00000027f0000010100000002"], 0x18)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r5, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000600)={0xaa, 0x138})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})

4m23.749794503s ago: executing program 2 (id=988):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, &(0x7f0000000780), 0x8, 0x61a, &(0x7f0000000f40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt68r3iQJsZAorS0gCHGRLgTAurNU6WFIIUSWqNFEkuCFxPjxYOJJw/if6EkXj149eDFkyEhxnAQQ2TNbGfKdru7tNvubul+PsnQeWY68zyz9LvPs88+z0wAXWss+yeN2B8R15KIkYp9vZHvHFv5vQd/3DyfLUmUSm/9nsTNj5PlynMl+c/h/OC/RyL5KY3Y17M+34WlG5en5+Zmr+fpicUr1yYWlm4cvnRl+uLsxdmrU69OnTh+7PiJySNbur7KrE/ffu+DkU/PvPPNV4+SyW9/OZPEyXic/0J2XdXHDmwp5+w1G4vSioeV27PX9cQWz71T/DlS/J08kVRvYMe6kP899kXE/2Mkeir+N0fik3MdLRzQUqUkijoK6DpJU/E/uP0FAdqsaAcUn+1XPwcnjVoNaRtaJkCr3T+10gGwEvt9EVH0g/Wu9A3GYLlvYOhBsqafJ3t72FrP3Iosjx9/OHM7W6KqH65GtyGwjZZvFb3cVfV/JOXYHI3BcmroQbom/tOKJdv+ZpP5j1Wla/XDA62xfCsinsvr//7YVPyPVcT/u03mL/4BAAAAAABg+9w9FRGv1Bj/F+nq+J/+GuN/hiPi5Dbk//Tv/9J7+UrDEYnA5t0/FfF6rfG/T8b4jvbkqX+XxwP0JRcuzc0eiYj/RMSh6BvI0pNV560cIXz4s31f1su/cvxftmT5F2MB8zPd662aiDszvTi91esGIu7fini+PP73QL5l7fifrP5PatT/WXxf22Ae+166c7bevhrxf86kY2iP0tcRB2vW/0+a20nj+3NMlNsDE0WrYL0XPvr8u3r5P73+B1olq/+HGsf/QFJ5v56FzZ2/PyKOLvWW6u1vtv3fn7zdU5w/8+H04uL1yYj+5PT67VObKzPsVkU8FPGSxf+hFxv3/622/yvicE9ELG8wz/89Hv613j71P3ROFv8zjev/0bX1/+ZXpu6Mfl8n++Tshur/Y+U6/VC+Rf8fVFp/P46NBmhHigsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz7g0Iv4VSTq+up6m4+MRwxHx3xhK5+YXFl++MP/+1ZlsX/n5/2nxpN+RlXRSPP9/NCL6IiJLT+XpYv/RiNgbEV/07Cmnx8/Pz810+uIBAAAAAAAAAAAAAAAAAABghxguz/kvDVTP/8/81tPp0gEt9zD/Kd6h+/Q2fWRpYFsLArRd8/EPPOs2Hv99LS0H0H714//ho1JZW4sDtJH2P3SvJuPf1wWwC6j/oVttsE9vsNXlADpB/Q8AAAAAALvK3gN3f04iYvm1PeUl05/vM9gfdre00wUAOsYYXuhevfOdLgHQKT7jA8nq2l81J/vXH/2ftKZAAAAAAAAAAAAAAMA6B/eb/w/dqvH8f2P7YTdrMP+/VvC7XQDsIvUf/aHuh93OZ3wgecobgfn/AAAAAAAAAAAAALADDN64PD03N3t9YenZW3mjiaMGOl345emd8NJt78rj1py5LyJ2xgW2e6W4BcemDx/YtmJ0+H0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY9U8AAAD//xNfJZE=")
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, 0x0})
pipe2(&(0x7f00000000c0), 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000003380)={<r5=>0x0, "3000b65c712067aff8a142782b90e8f3"})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000800)={r5, 0x7, 0x0, 0x1})
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0)
syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x19}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x1, 0x1}, 0x26)

4m18.382797706s ago: executing program 2 (id=998):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
unshare(0x26020480)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)

4m17.783890562s ago: executing program 2 (id=1000):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000980)='kfree\x00', r0}, 0x18)
getpid()
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000002100)="0800a9fc0da6b30a", 0x8}], 0x1, &(0x7f0000001d00)=ANY=[@ANYBLOB='0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a'], 0x30}, 0x0)

4m16.759508274s ago: executing program 2 (id=1002):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

4m12.894760866s ago: executing program 50 (id=1002):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3m44.181878026s ago: executing program 9 (id=1062):
r0 = socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
connect$tipc(r0, &(0x7f0000000000)=@id, 0x10)
r4 = add_key$fscrypt_v1(&(0x7f0000000540), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f00000003c0), &(0x7f0000000040)={'fscrypt:', @auto=[0x63, 0x30, 0x62, 0x39, 0x5, 0x2, 0x64, 0x66, 0x63, 0x35, 0x34, 0x34, 0x66, 0x64, 0x64, 0x32]}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r5, r4, 0x0, 0x0)
keyctl$restrict_keyring(0x1d, r5, 0x0, &(0x7f0000000000)='\')\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x7, [@enum={0x3, 0x1, 0x0, 0xf, 0x4000000, [{}]}, @struct={0x2}]}, {0x0, [0x0, 0x61, 0x61, 0x5f, 0x2e]}}, &(0x7f0000002200)=""/4110, 0x3f, 0x100e, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
timer_create(0x0, 0x0, &(0x7f0000000000))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r7}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket(0x840000000002, 0x3, 0xff)

3m40.288179543s ago: executing program 9 (id=1069):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={0x14, 0x3e, 0x301, 0x270bd26, 0x25dfdc00, {0x3}}, 0x14}}, 0x8004)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4000044)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000300), 0x4)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e000000000000000100e00600", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, 0x0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x38, r7, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x2400c890)

3m32.652945948s ago: executing program 9 (id=1072):
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, 0x0, 0x26, 0x0, 0x1}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={0x0, 0x70}, 0x1, 0x0, 0x0, 0x20008040}, 0x4008891)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x3, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x2000000000000, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x7, 0x8, 0x1000000005, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m28.951528683s ago: executing program 9 (id=1075):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e5700", 0x2c}], 0x1)

3m28.349561101s ago: executing program 9 (id=1077):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2, &(0x7f0000000c00)=@raw=[@exit, @exit], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m27.933159699s ago: executing program 9 (id=1079):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
getpeername$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000280)={'\x00', &(0x7f00000000c0)=@ethtool_ringparam={0x11, 0x1ff, 0x7f, 0x1368232d, 0x1ff0, 0x9, 0x6, 0x2, 0x3}})
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, 0x0, 0x2)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18}}], 0x1, 0x0)
r6 = dup3(r5, r4, 0x0)
connect$unix(r6, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e)

3m11.553129011s ago: executing program 51 (id=1079):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
getpeername$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000280)={'\x00', &(0x7f00000000c0)=@ethtool_ringparam={0x11, 0x1ff, 0x7f, 0x1368232d, 0x1ff0, 0x9, 0x6, 0x2, 0x3}})
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, 0x0, 0x2)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4], 0x18}}], 0x1, 0x0)
r6 = dup3(r5, r4, 0x0)
connect$unix(r6, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e)

2m4.296647595s ago: executing program 7 (id=1273):
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x40010042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000440)='./file0\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES64], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
gettid()
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)

1m59.27845384s ago: executing program 7 (id=1298):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xf}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x20000)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fb", 0x42}, {&(0x7f0000000600)}], 0x3}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
close(0x3)

1m59.061032298s ago: executing program 7 (id=1301):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000080)={[{@barrier_val={'barrier', 0x3d, 0x7}}]}, 0xc1, 0x7b7, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjadW0xGgtXI43RjIwlBLYpgWwCScgikGy8zsPZZZvHNvkvsgg2TiKLKGQRJtzRHWlkzciSo5kR6PeDq3vOfeicb859nJlzmQngxBpP/+QizkbEq0nEaLY8iYiBeqo/4vLWdpvra4V0SqJW+/fXSX2bjfW1QjTtkzqdZX4dEZ+8FHEuly44tavcysrq/EypVFzK8pPVhVuTlZXV8zcXZuaKc8XFi1PT0xcu/enSxaOL9dvPV888fu0fv3//8vf//9XDVz5N4nKcydY1x3FUxmM8e00G0pdwl78fdWE9lvS6AryQ9NTs2zrL42yMRl891cZwN2sGAHTK3YioAQAnTOL+DwAnTONzgI31tUJj6u0nEt315G9bQ5Mb2djm5nb8/dmY3an6OOjIRrJrZCSJiLEjKH88It7+8L/vplN0aBwSoJV79yPi+tj43ut/sueZhcP6w34ra0P12fgzi13/oHs+Svs/f27V/8tt93+iRf9nqMW5+yKef/7nHh1BMW2l/b+/Nj3bttkUf2asL8v9rN7nG0hu3CwV02vbzyNiIgaG0vxUfdPWT0FNPP3habvym/t/37z+v3fS8tP5zha5R/1Du/eZnanO/NS4G57cj/hNf6v4k+32T9r0f68esIx//uXlt9qtS+NP421Me+PvrNqDiN+1bP+dtkz2fT5xsn44TDYOihY++OLNkXbl77T/UH2elt94L9ANafuP7B//WNL8vGbl8GV89mD043brmo//1vG3Pv4Hk//U04PZsjsz1erSVMRg8q+9yy/s7NvIN7ZP45/4bevzv93xn8uejb2+ndtf/+Ov3sv+Vcv46+61i7+z0vhnD9X++yRq2T7PrHq4Od/XrvyDtf90PTWRLTnI9e85NW0knt94AAAAAAAAAAAAAAAAAAAAAAAAAHAEchFxJpJcfjudy+XzW7/h/csYyZXKleq5G+Xlxdmo/1b2WAzkGl91Odr0fahT2ffhN/IXnsn/MSJ+ERFvDA3X8/lCuTTb6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHN69+//301n+fzWui+Hel07AKBjTvW6AgBA17n/A8DJc7j7/3DH6gEAdM+h3//Xks5UBADomgPf/693th4AQPcY/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDDrl65kk6179bXCml+9vbK8nz59vnZYmU+v7BcyBfKS7fyc+XyXKmYL5QX2v6je1uzUrl8azoWl+9MVouV6mRlZfXaQnl5sXrt5sLMXPFacaBrkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwVVWVudnSqXiksS+ieHjUY1jk+iPY1GNI0vU+rbOh+NRn/5oLBnsWTWarxLDPbo6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABx/PwYAAP//eUchiw==")
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
pwrite64(r1, &(0x7f0000000180)="de", 0x1, 0x72b4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r2, r2, 0x0, 0x80000000)

1m58.39499814s ago: executing program 7 (id=1304):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000900)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd608a96460014040000ffff00000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

1m57.923768767s ago: executing program 7 (id=1305):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

1m57.670959201s ago: executing program 7 (id=1308):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f00000000c0)='.pending_reads\x00', 0x10802, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
tkill(0x0, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

1m39.929007713s ago: executing program 52 (id=1308):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f00000000c0)='.pending_reads\x00', 0x10802, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
tkill(0x0, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

28.793389293s ago: executing program 6 (id=1478):
sched_setscheduler(0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f00000002c0)={[{@shortname_win95}, {@fat=@quiet}, {@rodir}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@sys_immutable}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@utf8}, {@shortname_win95}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@shortname_lower}]}, 0x7f, 0x2bd, &(0x7f0000000580)="$eJzs3U9rI2UYAPBnmkmaqpAcPInggB48le1+gi1SYTEnZQ56UXGzIE1YaDCwKsY9eRc8+Qm8+B08evDiN/DgUfDmIuIsyUz+dtrdLiFbyu936TPzvs/7b962EJg3n7w+PL33YHT/0dd/RLudxN6duBOPk+jGXsx9GwDATfK4KOLvohTRurRuOisvOtXV3m5GCABs2/r//6f699mqAQDX2QcffvTeca938n6WtSOG343zJCKGyTgvy4/vx+cxiH7cik78F1EslPErd3snkWbZ/MOA8UHkEcOPf6uuj/+KmOUfRSe65/Pfvds7OcpK8dZwMs6nPU9/NuOlJOK4SMqGbkcnXo0omlE1ssy/XZMfeSvefvPHavz/9+MwOvH7Z/EgBnFv1sQy/5ujLHun+OGfr8oZ5BHJZJzvz+otFY2dPRQAAAAAAAAAAAAAAAAAAAAAAG68w2yhu3p+zvyYv8PD+vLZ+UCNmvOBqhN+Jivn69zKsmx+jM84b0aZn8ZraaQvdPIAAAAAAAAAAAAAAAAAAABwTYwefnn66WDQP1sLfim++CmitmgZVG/0R3UnXSlKY2+16PJ2aoLTn5/a+3MG0ahGPUjOdTGf0DM3mF5cef8qAzuoa6dawpo1TAdRDv77qy/CG1ea4DQonmOd57trukkuqdyI0cN2/SZZ2ZkHVWNno9kDOrho064HRc3SNS7Mam1pj7Ve3u6mnc64uVjM9Trt6ZNcudPc8m/KhmQR/dra9l8hAAAAAAAAAAAAAAAAAAAg1t7/jz/PFT56IUMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ1bfv//Ioju5p3NYFIl9+vSN4L9s1FNt90dTxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAb7kkAAAD//5gAW2c=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

27.880867887s ago: executing program 6 (id=1481):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x8844)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

24.203196631s ago: executing program 6 (id=1485):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)

22.888206142s ago: executing program 6 (id=1489):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000e00)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc3}})
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)

22.056722997s ago: executing program 6 (id=1493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x200000e0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000dc0)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @empty, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000000180)}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
pwritev(r4, 0x0, 0x0, 0x9e8f, 0x0)

21.24382811s ago: executing program 6 (id=1498):
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, 0x0, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
mount(0x0, 0x0, 0x0, 0x2000000, &(0x7f0000000480)='\x00')
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
socket$igmp(0x2, 0x3, 0x2)
r6 = socket$inet(0x2, 0x3, 0x6)
dup3(0xffffffffffffffff, r6, 0x0)
recvmmsg(r0, &(0x7f00000037c0), 0x41, 0x2, 0x0)

18.490651627s ago: executing program 53 (id=1498):
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, 0x0, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
mount(0x0, 0x0, 0x0, 0x2000000, &(0x7f0000000480)='\x00')
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
socket$igmp(0x2, 0x3, 0x2)
r6 = socket$inet(0x2, 0x3, 0x6)
dup3(0xffffffffffffffff, r6, 0x0)
recvmmsg(r0, &(0x7f00000037c0), 0x41, 0x2, 0x0)

17.95238877s ago: executing program 4 (id=1505):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xf}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x20000)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be521634", 0xc}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f0000000600)}], 0x3}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
close(0x3)

17.268367386s ago: executing program 4 (id=1508):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000000)={0x0, 0xb, 0x7, {0x7, 0xd, "db2dc7b9ae"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
unshare(0x22040800)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()

13.836918815s ago: executing program 4 (id=1515):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
syz_clone3(&(0x7f0000000340)={0x42107480, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)

13.159681558s ago: executing program 4 (id=1516):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffd3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}, 0x1c)
write$binfmt_script(r2, 0x0, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

12.29875275s ago: executing program 4 (id=1517):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xf}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x20000)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be521634", 0xc}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f0000000600)}], 0x3}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
close(0x3)

11.510891582s ago: executing program 4 (id=1518):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
timer_create(0x3, 0x0, 0x0)
unshare(0x2a020400)

8.921451715s ago: executing program 8 (id=1526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)

8.174406941s ago: executing program 3 (id=1527):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xf}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x20000)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be5216344841", 0xe}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f0000000600)}], 0x3}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
close(0x3)

8.072200131s ago: executing program 8 (id=1528):
syz_mount_image$ext4(&(0x7f00000006c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000680), 0x3e, 0x51b, &(0x7f0000000700)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)

7.348201406s ago: executing program 8 (id=1529):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

7.273093426s ago: executing program 3 (id=1530):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000180)={[{@test_dummy_encryption}, {@init_itable_val}, {@minixdf}, {@jqfmt_vfsv1}, {@prjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@barrier_val={'barrier', 0x3d, 0xb}}, {@errors_remount}, {@auto_da_alloc}, {@test_dummy_encryption}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0xdf, 0x475, &(0x7f0000000780)="$eJzs289vFFUcAPDvTLeAgGxFREGQKpo0/mhpQeVgYjSaeNDERA94rG0hyEINrYmQRqsxeDQk3o1HE/8CT56MejLxikcTQ0KUmIheXDO7M6VddssubNna/XySoe/NvHk/dubNvn2PCaBvDWf/JBHbI+JSRJTr0ZUJhut/rl1dmPr76sJUEtXqG78ntXR/XV2YquaK87bleY6kEeknSV5IDC7Pdu7c+VOTlcrM2Tw+Nn/63bG5c+efOnl68sTMiZkzE0ePHjk8/uwzE083qfWvFztq5ED+d+8Hs/v2vPLWxdemjl18+4evs/ru3l8/lLWjozzbMJw1/I/6Z9N47LFuF9Zj/1avtzMp9bo2tCvrGqW8c16KcgzE9YtXjpc/7mnlgDWVPbM3tz68WAU2sCR6XQOgN4ov+uz3b7HdoaHHunDlhfoPoKzd1/KtfqQUaZ5mcA3LH46IY4v/fJFt0TAPUW0ybwAAcLu+zcY/TzYb/6Wxe1m6Hfna0FBE3BMROyPi3ojYFRH3RdTS3h8RD3RY/nBD/MbxZ3r5lhrWpmz891y+trVy/FeM/mJoII/dXWv/YHL8ZGXmUP6ZjMTg5iw+3izzIouXfv6sVfnLx3/ZlpVfjAXzTC6X6hN0W4o905Pzk90alF75KGJvqVn7k6WVgCQi9kTE3s6y3lEETj7+1b5WiW7e/lV0YZ2p+mWRycJiNLS/kKy+Pjm2JSozh8aKu+JGP/504fVW5d9W+7sgu/5bV97/DSnKfybL12vnlg48324ZF375tOVvylL79/+S7P7flLxZW7PelO97f3J+/ux4xKbk1Vp8xf6J6+cW8SJ91v6Rg837/878nKz9D0ZEdhPvj4iHIuJAfu0ejohHIuLgKu3//sVH32l1bD1c/+mmz7+l+39o5fXvPDBw6rtvWpXf3vPvSC00ku+pPf9uonV1isdotufY3K1+bgAAAPB/kkbE9kjS0aVwmo6O1v8P/67YmlZm5+afOD773pnp+jsCQzGYFjNd5WXzoePJYp5jPT6RzxUXxw/n88afD9xVi49OzVame9x26HfbWvT/zG8Dva4dsOa8rwX9q7H/pz2qB3Dn+f6H/qX/Q/+6of97IEDfaNbdP2yIWwuAjaha7vgUE4SwYRjuQ//S/6F/6f/Ql27nvf61CpRWeXtfoMeBrRFRC0S6LuqzbgIH1lFvKnWhd/f4wQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAl/wUAAP//xgL2dQ==")
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x7, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
write(r0, 0x0, 0x0)
symlinkat(0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
read$FUSE(r1, &(0x7f0000007100)={0x2020}, 0x941f)

6.131811458s ago: executing program 3 (id=1532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000004c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@init_itable}, {@usrquota}, {@nouid32}, {@bsdgroups}, {@oldalloc}]}, 0x3, 0x460, &(0x7f0000000780)="$eJzs3M9rHFUcAPDvTH70t4m1/ugPNbWKwR9Jk1btwYui4EFB0EM9xiQttWkjTQRbilaRepSCF0/iUfAv8CB6EfUkePGgdykU6aWtIIzM7kyz2e5uk3STjdnPB6Z9b+fNvvfdN2/3zbxOA+haQ/kfScT2iPgjIgaq2cUFhqp/Xb96fvLG1fOTSWTZG38nlXLXrp6fLIuWx20rMsNpRPpJEnsb1Dt39tzJiZmZ6TNFfnT+1Lujc2fPPX3i1MTx6ePTp8ePHDl8aOy5Z8efqTtyf/9K4szbdG3PB7P7dr/y1qXXJo9eevvnb5Iy/ro42mSo1c7HsqzN1XXWjpp00tvBhrAsPRGRd1dfZfwPRE8sdN5AvPxxRxsHrKosy7JtzXdfyIANLImlljxZfF8AG0P5Q59f/5bbGk091oUrL1QvgPK4rxdbdU9vpEWZvrrr23YaioijF/75Mt9iefchdn63Sm0CADa27/P5z1ON5n9p3FdT7q5ibWgwIu7OJx8RcU9E7IqIeyMqZe+PiAeWWX/9Ismt85/0ckR88fuKoru9fP73fLG2tXj+V87+YrCnyO2oxN+XHDsxM32w+EyGo29Tnh9rUccPL/32WbN9tfO/fMvrL+eCRTsu925afMzUxPzEncRc68pHEXt6G8Wf3FwJSCJid0TsafYmm1vXceKJr/c129cs/r6lNL4N60zZVxGPV/v/QtTFX0par0+Obo6Z6YOj5Vlxq19+vfh6s/pv3/+rK+//rQ3P/5vxDya167Vzy6/j4p+fNr2mWen535+8WUmXi8HvT8zPnxmL6E9erTa69vXxhWPLfFk+j3/4QOPxvzMWPom9EZGfxA9GxEMR8XDR9v0R8UhEHGgR/08vPvrO0uNP17z/p5bV/wuJ/qh/pXGi5+SP3y6qdLBV/I36/3AlNVy8spTvvxbNuZFl2R2czQAAAPD/k0bE9kjSkZvpNB0Zqf57+V2xNZ2ZnZt/8tjse6enqs8IDEZfWt7pGqi5HzpWXNaX+fG6/KHivvHnPVsq+ZHJ2ZmpTgcPXW5bk/Gf+6un060DVp3ntaB7Gf/QvYx/6F7GP3SvBuN/SyfaAay9Rr//H3agHcDaqxv/lv2gi7j+h+5l/EP36r39M/zAxjO3JVo/vL/ixL/FfyDQ/neWWA+JSNdFMyRWKdHpbyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID2+C8AAP//E8nlDg==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
close_range(r2, 0xffffffffffffffff, 0x10000000000000)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x143042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x1, 0xc73f, 0x81, 0x1})
sendmsg$nl_route(r4, 0x0, 0x4000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x2000}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB], 0x0, 0x2}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r7}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xb0, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d13", 0x0, 0x24, 0x60000000}, 0x50)

5.564368109s ago: executing program 0 (id=1534):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xa, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x79}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

5.227980721s ago: executing program 0 (id=1535):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)

4.169791852s ago: executing program 8 (id=1536):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00')
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
ioctl$UI_BEGIN_FF_UPLOAD(r4, 0xc06855c8, &(0x7f00000000c0)={0x3, 0xff, {0x52, 0x0, 0x7, {0x4, 0x2}, {0x8, 0x4}, @const={0x7ff, {0x1, 0x5, 0x6a, 0x3}}}, {0x53, 0xffff, 0x7f, {0x7, 0x3}, {0x2, 0x7}, @cond=[{0x8, 0xc, 0x81, 0x1, 0x3, 0x9}, {0x0, 0xbaf, 0x1a3, 0xb48, 0x4, 0x5f6a}]}})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000008a00000095000000000000003d789ade838aefd33bd610b26beb55528c474cb385573d9f5ec0798d497a5d0ab93dbb637fd8de14970b4f76b599915df77098a8cd276dee070239f0c8bff4c9d6d337c8759d1737b62feae7412f1b5c334ef700000080875789e46307b8f29c8f019360bea59a42011aaac5125f93a06d27b6cf4f033c6000c3ab63ee03e9e7023574b86ce453bc8964c32f955d410083f7567775a2ca15dbbf01550310a78644e8e1ab98703bc75b41925c55b0a4141ae3c08d264831d0f6365469c3562185000000000000004f78cd03163b2dc4a41e000000000000000000000000000000001a18f6de00bb8c95f8bdc2a54e6aefee88e5bc3a969a35af8033d11474cfa5d73d92c9bd2b72c3ce63d47075ae7c59d82cea124301000000000000000cb56281877934e999394a7dfe2bb9a29394560f87d6aedc4df6f74e8f286454fca6300d100e7eb8717c8528e445fbefe6a3139191529f22e4c0435e5c53e469f70c08bdff633307bbf119ffdb2e1d717eb2b313bce22da5fda4fc19afc54c10bc7fee0486fa294b41c1d4dc44a9801c34ada4ed759f4312dde48793cc7c5d085c5416a4ace37f055043e0702189d931168b061993d0c0eab1fe7bb6f33fcf7e22ab1981eb807374688e08d78ee7ac938fb48e7e1ae4c62fd901f35f561d555604bf40684c84035bc9e2ffab6d3c6a1557f16000f137000000000000000000000000000000e38d7306047e4ae2b07718fad474c154d7dc711b981aaae1869c45af7848ed3df4b867e00d073f7f88c69e6460d7214c6925f55541270c7e0c46b5411ec11438b1dda57bdb6275a0e43d918f1a39737b5857306810727453eb903ae59c6c1651141949b6e0c9dd81d589516accf93352b3c21842b536f5394938df816f1111f072931677f3c3cf6a23dcf0d1c53137433a12998dc5e3a9885b46026bf43a8d152bc11f2f7cdadaf937dfb52c3f9463"], &(0x7f0000000240)='syzkaller\x00', 0x4, 0xff0, &(0x7f000062b000)=""/4080, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x3d)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00', {}, 0x0, [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)
syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x100}, 0x8)

2.800516629s ago: executing program 3 (id=1537):
clock_gettime(0x0, &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000200))
clock_gettime(0x0, &(0x7f00000002c0)={<r0=>0x0, <r1=>0x0})
setitimer(0x0, &(0x7f00000000c0)={{0x0, 0x2710}, {r0, r1/1000+60000}}, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r2)
r3 = inotify_init1(0x800)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
fcntl$setstatus(r2, 0x4, 0x2c00)
r5 = gettid()
fcntl$setown(r2, 0x8, r5)
fcntl$setsig(r3, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r3, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')

2.111269997s ago: executing program 0 (id=1538):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@private2={0xfc, 0x2, '\x00', 0x1}, 0xff, 0x2, 0x0, 0x9, 0x8, 0x101}, 0x20)

1.649480246s ago: executing program 0 (id=1539):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xf}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x20000)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be5216344841", 0xe}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f0000000600)}], 0x3}], 0x1, 0x0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
close(0x3)

774.248206ms ago: executing program 0 (id=1540):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000240)={@multicast2, @empty}, 0x10)

532.135757ms ago: executing program 8 (id=1541):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x21c0, 0x103)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)
stat(&(0x7f0000000300)='./file0/file2\x00', 0x0)

526.405784ms ago: executing program 3 (id=1542):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x19}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

262.62065ms ago: executing program 0 (id=1543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
syz_clone(0x41045900, 0x0, 0x0, 0x0, 0x0, 0x0)

259.067515ms ago: executing program 8 (id=1544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191}, 0x80)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r3}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000300)=ANY=[], 0x0)

0s ago: executing program 3 (id=1545):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

kernel console output (not intermixed with test programs):

rnal superblock found
[  810.049841][ T9771] EXT4-fs (loop3): Could not load journal inode
[  810.370980][ T5866] wacom 0003:056A:00BA.0009: unbalanced collection at end of report description
[  810.521935][ T5866] wacom 0003:056A:00BA.0009: parse failed
[  810.530432][ T5866] wacom 0003:056A:00BA.0009: probe with driver wacom failed with error -22
[  810.692534][ T5866] usb 7-1: USB disconnect, device number 4
[  810.720337][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  810.752887][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  810.787933][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  810.806840][ T4223] team0 (unregistering): Port device team_slave_1 removed
[  810.841228][ T4223] team0 (unregistering): Port device team_slave_0 removed
[  811.400695][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  811.526971][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  812.727936][ T9771] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.737940][ T9771] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.349392][ T9771] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  813.375291][ T9771] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  813.875567][ T5817] Bluetooth: hci3: command tx timeout
[  814.759437][ T9782] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  814.989409][ T9782] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  815.000787][ T9782] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  815.011002][ T9782] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  815.024413][ T9782] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  815.033883][ T9782] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.252064][ T3780] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  815.499751][ T3780] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  815.514149][ T9782] usb 7-1: config 0 descriptor??
[  815.548525][ T3780] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  815.648481][ T3780] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  816.090020][ T5817] Bluetooth: hci3: command tx timeout
[  816.307570][ T9772] chnl_net:caif_netlink_parms(): no params data found
[  816.318466][ T9782] usbhid 7-1:0.0: can't add hid device: -71
[  816.325375][ T9782] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  816.374814][ T9782] usb 7-1: USB disconnect, device number 5
[  816.445476][ T9793] loop3: detected capacity change from 0 to 2048
[  816.479912][ T9793] EXT4-fs: Ignoring removed nobh option
[  816.790406][ T9793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  816.804068][ T9793] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  816.938062][ T9808] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1017'.
[  816.959296][ T9808] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1017'.
[  817.000236][ T9808] vlan4: entered promiscuous mode
[  817.005477][ T9808] bridge0: entered promiscuous mode
[  817.318997][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  817.436978][ T9813] loop6: detected capacity change from 0 to 512
[  817.448374][ T9813] EXT4-fs: Ignoring removed nomblk_io_submit option
[  817.585883][ T9813] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.1018: corrupted in-inode xattr: e_value size too large
[  817.631194][ T9772] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.638950][ T9772] bridge0: port 1(bridge_slave_0) entered disabled state
[  817.646917][ T9772] bridge_slave_0: entered allmulticast mode
[  817.656482][ T9772] bridge_slave_0: entered promiscuous mode
[  817.700843][ T9813] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1018: couldn't read orphan inode 15 (err -117)
[  817.751989][ T9813] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  817.776070][ T9772] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.784130][ T9772] bridge0: port 2(bridge_slave_1) entered disabled state
[  817.794850][ T9772] bridge_slave_1: entered allmulticast mode
[  817.805297][ T9772] bridge_slave_1: entered promiscuous mode
[  817.978164][ T9813] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.1018: corrupted in-inode xattr: e_value size too large
[  818.030354][ T9813] overlayfs: failed to resolve './file1': -117
[  818.206548][ T9772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  818.251673][ T9772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  818.266060][ T9826] loop8: detected capacity change from 0 to 1024
[  818.307615][ T9826] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  818.318691][ T9826] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  818.331737][ T5817] Bluetooth: hci3: command tx timeout
[  818.369356][ T9826] JBD2: no valid journal superblock found
[  818.375329][ T9826] EXT4-fs (loop8): Could not load journal inode
[  818.640806][ T9772] team0: Port device team_slave_0 added
[  818.688375][ T9772] team0: Port device team_slave_1 added
[  818.697655][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  818.933325][ T9826] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.942932][ T9826] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.159429][ T9826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  819.192168][ T9826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  820.037850][ T3780] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  820.079023][ T9772] batman_adv: batadv0: Adding interface: batadv_slave_0
[  820.086462][ T9772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  820.113716][ T9772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  820.141378][ T3780] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  820.150622][ T3780] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  820.174500][ T3780] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  820.335213][ T9772] batman_adv: batadv0: Adding interface: batadv_slave_1
[  820.342349][ T9772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  820.369209][ T9772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  820.538024][ T9838] loop8: detected capacity change from 0 to 512
[  820.553612][ T5817] Bluetooth: hci3: command tx timeout
[  820.676614][ T9838] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.1027: casefold flag without casefold feature
[  820.741362][ T9838] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.1027: couldn't read orphan inode 15 (err -117)
[  820.757217][ T9838] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.844837][ T9772] hsr_slave_0: entered promiscuous mode
[  820.855290][ T9772] hsr_slave_1: entered promiscuous mode
[  820.941685][ T9838] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  820.953859][ T9838] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  821.009703][ T9844] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1028'.
[  821.019114][ T9844] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1028'.
[  821.528256][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  822.110741][ T9772] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  822.148533][ T9772] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  822.190050][ T9772] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  822.231169][ T9772] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  822.398700][   T11] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  822.592385][   T11] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  822.603952][   T11] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  822.614593][   T11] usb 9-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  822.623963][   T11] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  822.758728][   T11] usb 9-1: config 0 descriptor??
[  823.191756][ T9772] 8021q: adding VLAN 0 to HW filter on device bond0
[  824.081955][ T9772] 8021q: adding VLAN 0 to HW filter on device team0
[  824.125605][ T9095] bridge0: port 1(bridge_slave_0) entered blocking state
[  824.133385][ T9095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  824.244032][   T11] samsung 0003:0419:0600.000A: item fetching failed at offset 0/7
[  824.247682][ T9095] bridge0: port 2(bridge_slave_1) entered blocking state
[  824.259540][ T9095] bridge0: port 2(bridge_slave_1) entered forwarding state
[  824.261475][   T11] samsung 0003:0419:0600.000A: parse failed
[  824.273328][   T11] samsung 0003:0419:0600.000A: probe with driver samsung failed with error -22
[  824.287635][   T11] usb 9-1: USB disconnect, device number 6
[  825.406663][ T9867] loop8: detected capacity change from 0 to 1024
[  825.476639][ T9867] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  825.490532][ T9867] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  825.586588][ T9867] JBD2: no valid journal superblock found
[  825.592578][ T9867] EXT4-fs (loop8): Could not load journal inode
[  825.867849][ T9874] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1039'.
[  825.879371][ T9874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1039'.
[  825.906023][ T9874] vlan0: entered promiscuous mode
[  825.911261][ T9874] bridge0: entered promiscuous mode
[  827.983323][ T9885] loop8: detected capacity change from 0 to 1024
[  828.070195][ T9885] EXT4-fs: Ignoring removed oldalloc option
[  828.105729][ T9772] 8021q: adding VLAN 0 to HW filter on device batadv0
[  828.154685][ T9885] EXT4-fs (loop8): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  828.271424][ T9885] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  828.849780][ T9898] loop6: detected capacity change from 0 to 256
[  828.870993][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.417578][ T9905] loop6: detected capacity change from 0 to 1024
[  829.474287][ T9905] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  829.484638][ T9905] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  829.499574][   T11] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  829.581584][ T9905] JBD2: no valid journal superblock found
[  829.587666][ T9905] EXT4-fs (loop6): Could not load journal inode
[  829.710170][   T11] usb 9-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  829.721943][   T11] usb 9-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  829.732347][   T11] usb 9-1: config 0 interface 0 has no altsetting 0
[  829.739218][   T11] usb 9-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  829.748691][   T11] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  829.856321][   T11] usb 9-1: config 0 descriptor??
[  830.911846][ T9905] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.921601][ T9905] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.351763][ T9905] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  831.376951][ T9905] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  832.078238][   T11] usb 9-1: string descriptor 0 read error: -22
[  832.382606][   T11] uclogic 0003:256C:006D.000B: failed retrieving string descriptor #100: -71
[  832.391997][   T11] uclogic 0003:256C:006D.000B: failed retrieving pen parameters: -71
[  832.400614][   T11] uclogic 0003:256C:006D.000B: failed probing pen v1 parameters: -71
[  832.409405][   T11] uclogic 0003:256C:006D.000B: failed probing parameters: -71
[  832.417520][   T11] uclogic 0003:256C:006D.000B: probe with driver uclogic failed with error -71
[  832.650897][   T11] usb 9-1: USB disconnect, device number 7
[  832.934690][ T9772] veth0_vlan: entered promiscuous mode
[  832.947019][ T3780] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  832.971842][ T3780] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  832.992495][ T3780] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  833.015441][ T3780] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  833.053427][ T9918] loop3: detected capacity change from 0 to 512
[  833.121992][ T9772] veth1_vlan: entered promiscuous mode
[  833.221955][ T9920] syzkaller0: entered promiscuous mode
[  833.239723][ T9920] syzkaller0: entered allmulticast mode
[  833.306769][ T9918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  833.320783][ T9918] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  833.523767][ T9928] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  833.748418][ T9772] veth0_macvtap: entered promiscuous mode
[  833.888419][ T9772] veth1_macvtap: entered promiscuous mode
[  833.954965][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  834.062514][ T9772] batman_adv: batadv0: Interface activated: batadv_slave_0
[  834.106697][ T9772] batman_adv: batadv0: Interface activated: batadv_slave_1
[  834.183669][ T4180] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  834.233394][ T4180] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  834.274600][ T4180] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  834.319901][ T4180] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  834.370243][   T30] audit: type=1326 audit(1757740019.206:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9935 comm="syz.3.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  834.455597][   T30] audit: type=1326 audit(1757740019.234:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9935 comm="syz.3.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  834.478583][   T30] audit: type=1326 audit(1757740019.234:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9935 comm="syz.3.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  835.279274][ T9946] input: syz1 as /devices/virtual/input/input14
[  835.412802][ T9947] loop8: detected capacity change from 0 to 1024
[  835.887276][ T9947] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  835.897574][ T9947] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  836.073272][ T9947] JBD2: no valid journal superblock found
[  836.079395][ T9947] EXT4-fs (loop8): Could not load journal inode
[  838.491618][   T30] audit: type=1326 audit(1757740023.050:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  838.516419][   T30] audit: type=1326 audit(1757740023.050:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  838.541118][   T30] audit: type=1326 audit(1757740023.069:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  838.564364][   T30] audit: type=1326 audit(1757740023.069:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  838.587589][   T30] audit: type=1326 audit(1757740023.069:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  839.211057][   T30] audit: type=1326 audit(1757740023.219:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  839.234390][   T30] audit: type=1326 audit(1757740023.219:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  840.074313][ T9974] loop6: detected capacity change from 0 to 1024
[  840.096328][ T9976] netlink: 'syz.9.1069': attribute type 10 has an invalid length.
[  840.104949][ T9976] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1069'.
[  840.124944][ T9974] EXT4-fs: Ignoring removed nomblk_io_submit option
[  840.173795][ T9976] team0: Port device netdevsim1 added
[  840.196511][ T4180] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  840.275210][ T9974] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  841.031951][ T9987] loop8: detected capacity change from 0 to 256
[  841.164001][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  841.164081][   T30] audit: type=1804 audit(1757740025.529:115): pid=9989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1068" name="/newroot/39/file1/file1" dev="loop6" ino=15 res=1 errno=0
[  841.203517][   T11] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  847.484903][   T11] usb 4-1: Using ep0 maxpacket: 32
[  849.014883][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  849.348512][ T9997] kvm: emulating exchange as write
[  849.635034][   T11] usb 4-1: device descriptor read/all, error -71
[  850.117462][T10002] loop6: detected capacity change from 0 to 1024
[  850.187914][T10002] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  850.198243][T10002] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  850.289758][T10002] JBD2: no valid journal superblock found
[  850.295735][T10002] EXT4-fs (loop6): Could not load journal inode
[  852.147063][T10017] loop8: detected capacity change from 0 to 128
[  852.519204][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  852.528457][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  852.822975][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  852.831216][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  853.276258][T10026] loop6: detected capacity change from 0 to 256
[  853.405635][T10026] exFAT-fs (loop6): error, invalid access to FAT bad cluster (entry 0x00000005)
[  853.416352][T10026] exFAT-fs (loop6): failed to count the number of clusters in root
[  853.425167][T10026] exFAT-fs (loop6): failed to recognize exfat type
[  853.662809][T10031] netlink: 'syz.8.1081': attribute type 10 has an invalid length.
[  853.672402][T10031] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1081'.
[  853.691541][T10031] team0: Port device netdevsim1 added
[  853.907892][   T30] audit: type=1326 audit(1757740037.474:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.005288][   T30] audit: type=1326 audit(1757740037.540:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.028553][   T30] audit: type=1326 audit(1757740037.540:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.052456][   T30] audit: type=1326 audit(1757740037.540:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.078474][   T30] audit: type=1326 audit(1757740037.540:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.102839][   T30] audit: type=1326 audit(1757740037.540:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.126357][   T30] audit: type=1326 audit(1757740037.540:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  854.149952][   T30] audit: type=1326 audit(1757740037.540:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz.4.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  854.523065][T10042] loop8: detected capacity change from 0 to 1024
[  854.564043][T10042] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  854.574322][T10042] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  854.634226][T10042] JBD2: no valid journal superblock found
[  854.640780][T10042] EXT4-fs (loop8): Could not load journal inode
[  855.299254][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  855.306173][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  855.884763][T10053] loop8: detected capacity change from 0 to 512
[  855.894464][T10053] msdos: Bad value for 'time_offset'
[  856.486866][T10056] loop8: detected capacity change from 0 to 128
[  856.595251][T10056] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  856.636150][T10056] System zones: 1-3, 19-19, 35-36
[  856.693020][T10056] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  856.754846][T10056] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  856.954298][T10056] EXT4-fs warning (device loop8): ext4_group_extend:1862: can't shrink FS - resize aborted
[  857.445446][ T7862] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  859.525274][   T11] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  859.753997][   T11] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  859.765484][   T11] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  859.775668][   T11] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  859.789038][   T11] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  859.798487][   T11] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.888574][   T11] usb 9-1: config 0 descriptor??
[  860.359647][   T11] plantronics 0003:047F:FFFF.000C: reserved main item tag 0xd
[  860.480221][   T11] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  860.645507][T10073] loop6: detected capacity change from 0 to 256
[  860.670473][   T11] usb 9-1: USB disconnect, device number 8
[  861.517285][   T30] audit: type=1326 audit(1757740044.602:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.540811][   T30] audit: type=1326 audit(1757740044.602:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.685025][   T30] audit: type=1326 audit(1757740044.658:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.708409][   T30] audit: type=1326 audit(1757740044.667:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.733372][   T30] audit: type=1326 audit(1757740044.677:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.757325][   T30] audit: type=1326 audit(1757740044.677:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.780130][   T30] audit: type=1326 audit(1757740044.677:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.803498][   T30] audit: type=1326 audit(1757740044.677:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.827690][   T30] audit: type=1326 audit(1757740044.677:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  861.851218][   T30] audit: type=1326 audit(1757740044.677:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10076 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  862.291560][T10084] loop4: detected capacity change from 0 to 512
[  862.488525][T10084] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1102: casefold flag without casefold feature
[  862.543470][T10084] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1102: couldn't read orphan inode 15 (err -117)
[  862.609742][T10084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  863.515361][ T5871] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  863.744696][T10098] Invalid ELF header magic: != ELF
[  863.863546][ T5871] usb 9-1: Using ep0 maxpacket: 8
[  864.713182][ T5871] usb 9-1: config 179 has an invalid interface number: 65 but max is 0
[  864.722123][ T5871] usb 9-1: config 179 has no interface number 0
[  864.728662][ T5871] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  864.740473][ T5871] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  864.752260][ T5871] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  864.764147][ T5871] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  864.774597][ T5871] usb 9-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  864.789963][ T5871] usb 9-1: config 179 interface 65 has no altsetting 0
[  864.798030][ T5871] usb 9-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  864.807584][ T5871] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  867.300770][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  868.072849][T10105] cgroup: Unknown subsys name 'cpuset'
[  869.103516][ T5871] usb 9-1: can't set config #179, error -71
[  869.113137][ T5871] usb 9-1: USB disconnect, device number 9
[  869.695716][T10117] loop4: detected capacity change from 0 to 128
[  870.333825][ T5110] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  870.347938][ T5110] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  870.409151][ T5110] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  870.423856][ T5110] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  870.443219][ T5110] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  873.055950][ T5817] Bluetooth: hci4: command tx timeout
[  875.275701][ T5817] Bluetooth: hci4: command tx timeout
[  876.295872][T10147] loop8: detected capacity change from 0 to 1024
[  876.345137][T10147] EXT4-fs: Ignoring removed nomblk_io_submit option
[  876.463568][T10147] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  877.504331][ T5817] Bluetooth: hci4: command tx timeout
[  877.969327][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.549155][T10121] chnl_net:caif_netlink_parms(): no params data found
[  879.719927][ T5817] Bluetooth: hci4: command tx timeout
[  879.811633][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  879.811711][   T30] audit: type=1326 audit(1757740061.720:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.460161][   T30] audit: type=1326 audit(1757740062.028:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.484551][   T30] audit: type=1326 audit(1757740062.290:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.507786][   T30] audit: type=1326 audit(1757740062.290:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.530829][   T30] audit: type=1326 audit(1757740062.300:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.555703][   T30] audit: type=1326 audit(1757740062.318:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.580081][   T30] audit: type=1326 audit(1757740062.318:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  880.603289][   T30] audit: type=1326 audit(1757740062.328:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  881.584175][   T30] audit: type=1326 audit(1757740062.524:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f35fef8eba9 code=0x7ffc0000
[  881.607179][   T30] audit: type=1326 audit(1757740062.524:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10165 comm="syz.3.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f35fef85b67 code=0x7ffc0000
[  882.043025][T10121] bridge0: port 1(bridge_slave_0) entered blocking state
[  882.052911][T10121] bridge0: port 1(bridge_slave_0) entered disabled state
[  882.060947][T10121] bridge_slave_0: entered allmulticast mode
[  882.070527][T10121] bridge_slave_0: entered promiscuous mode
[  882.108568][T10121] bridge0: port 2(bridge_slave_1) entered blocking state
[  882.117568][T10121] bridge0: port 2(bridge_slave_1) entered disabled state
[  882.125558][T10121] bridge_slave_1: entered allmulticast mode
[  882.135305][T10121] bridge_slave_1: entered promiscuous mode
[  882.537245][T10121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  882.614823][T10121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  883.503341][T10121] team0: Port device team_slave_0 added
[  883.541225][T10121] team0: Port device team_slave_1 added
[  884.427453][T10209] overlayfs: failed to resolve './bus': -2
[  887.435620][T10121] batman_adv: batadv0: Adding interface: batadv_slave_0
[  887.445362][T10121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  887.473654][T10121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  887.602595][T10216] loop4: detected capacity change from 0 to 512
[  887.825067][T10216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  887.838492][T10216] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  887.889280][T10221] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1145'.
[  888.333530][ T5871] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  888.493367][T10121] batman_adv: batadv0: Adding interface: batadv_slave_1
[  888.501485][T10121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  888.527947][T10121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  888.552642][ T5871] usb 5-1: Using ep0 maxpacket: 8
[  888.597214][ T5871] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  888.606142][ T5871] usb 5-1: config 179 has no interface number 0
[  888.612853][ T5871] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  888.624461][ T5871] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  888.636382][ T5871] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  888.649508][ T5871] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  888.661973][ T5871] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  888.676198][ T5871] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  888.685970][ T5871] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  889.379823][T10121] hsr_slave_0: entered promiscuous mode
[  889.390263][T10121] hsr_slave_1: entered promiscuous mode
[  889.399257][T10121] debugfs: 'hsr0' already exists in 'hsr'
[  889.405268][T10121] Cannot create hsr debugfs directory
[  889.426393][T10216] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  891.415767][T10227] loop8: detected capacity change from 0 to 2048
[  891.635953][T10227] EXT4-fs (loop8): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  891.712910][ T9782] usb 5-1: USB disconnect, device number 2
[  891.713824][    C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  891.736220][    C1] dummy_hcd dummy_hcd.4: timer fired with no URBs pending?
[  891.871282][T10227] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  891.937648][T10227] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  891.950636][T10227] EXT4-fs (loop8): This should not happen!! Data will be lost
[  891.950636][T10227] 
[  891.962732][T10227] EXT4-fs (loop8): Total free blocks count 0
[  891.971077][T10227] EXT4-fs (loop8): Free/Dirty block details
[  891.977154][T10227] EXT4-fs (loop8): free_blocks=2415919104
[  891.983281][T10227] EXT4-fs (loop8): dirty_blocks=16
[  891.988557][T10227] EXT4-fs (loop8): Block reservation details
[  891.994934][T10227] EXT4-fs (loop8): i_reserved_data_blocks=1
[  892.009074][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  892.181431][T10236] loop3: detected capacity change from 0 to 512
[  892.216221][T10236] EXT4-fs: Ignoring removed mblk_io_submit option
[  892.247899][T10236] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  892.366981][T10236] EXT4-fs (loop3): 1 truncate cleaned up
[  892.378346][T10236] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  892.421148][ T7862] EXT4-fs (loop8): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  892.520666][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  892.520746][   T30] audit: type=1800 audit(1757740073.609:170): pid=10236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1151" name="file2" dev="loop3" ino=16 res=0 errno=0
[  892.914354][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  894.032334][T10256] loop6: detected capacity change from 0 to 512
[  894.163765][T10256] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  894.177209][T10256] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  894.918247][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  894.969820][T10121] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  895.139541][T10121] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  895.277677][T10121] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  895.412988][T10121] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  895.802012][ T5817] Bluetooth: hci2: command 0x0406 tx timeout
[  895.955286][T10268] loop3: detected capacity change from 0 to 2048
[  896.239112][T10268] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  896.485103][T10268] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  896.564145][T10268] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  896.578165][T10268] EXT4-fs (loop3): This should not happen!! Data will be lost
[  896.578165][T10268] 
[  896.589668][T10268] EXT4-fs (loop3): Total free blocks count 0
[  896.595948][T10268] EXT4-fs (loop3): Free/Dirty block details
[  896.602629][T10268] EXT4-fs (loop3): free_blocks=2415919104
[  896.608611][T10268] EXT4-fs (loop3): dirty_blocks=16
[  896.614025][T10268] EXT4-fs (loop3): Block reservation details
[  896.620179][T10268] EXT4-fs (loop3): i_reserved_data_blocks=1
[  896.687038][T10121] 8021q: adding VLAN 0 to HW filter on device bond0
[  896.723149][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  896.900909][T10121] 8021q: adding VLAN 0 to HW filter on device team0
[  896.993553][ T4180] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.001162][ T4180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  897.056174][T10280] loop4: detected capacity change from 0 to 1024
[  897.121328][ T4180] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.128929][ T4180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.264651][T10280] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.1165: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 11, max 4(4), depth 0(0)
[  897.393494][T10280] EXT4-fs (loop4): get root inode failed
[  897.399348][T10280] EXT4-fs (loop4): mount failed
[  898.091499][   T30] audit: type=1326 audit(1757740078.819:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.115646][   T30] audit: type=1326 audit(1757740078.819:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.142596][   T30] audit: type=1326 audit(1757740078.819:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.166344][   T30] audit: type=1326 audit(1757740078.819:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.192015][   T30] audit: type=1326 audit(1757740078.819:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.216405][   T30] audit: type=1326 audit(1757740078.847:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.239646][   T30] audit: type=1326 audit(1757740078.847:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.262730][   T30] audit: type=1326 audit(1757740078.847:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.287598][   T30] audit: type=1326 audit(1757740078.847:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.311018][   T30] audit: type=1326 audit(1757740078.847:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10289 comm="syz.4.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  898.621303][T10295] loop3: detected capacity change from 0 to 512
[  898.684920][T10295] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  898.806139][T10295] EXT4-fs (loop3): 1 truncate cleaned up
[  898.814304][T10295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  898.944649][T10295] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  899.229668][T10121] 8021q: adding VLAN 0 to HW filter on device batadv0
[  899.530276][   T11] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  899.747749][   T11] usb 5-1: Using ep0 maxpacket: 16
[  899.830164][   T11] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  899.840804][   T11] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  900.017469][   T11] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  900.028418][   T11] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.039401][   T11] usb 5-1: Product: syz
[  900.045080][   T11] usb 5-1: Manufacturer: syz
[  900.049969][   T11] usb 5-1: SerialNumber: syz
[  900.890745][   T11] usb 5-1: 0:2 : does not exist
[  900.941498][   T11] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  901.038173][   T11] usb 5-1: USB disconnect, device number 3
[  901.257799][T10314] loop6: detected capacity change from 0 to 2048
[  901.387449][T10314] EXT4-fs (loop6): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  901.449995][T10321] loop4: detected capacity change from 0 to 128
[  901.623406][T10314] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  901.711428][T10324] syz.4.1177: attempt to access beyond end of device
[  901.711428][T10324] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  901.751962][T10314] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  901.765287][T10314] EXT4-fs (loop6): This should not happen!! Data will be lost
[  901.765287][T10314] 
[  901.775331][T10314] EXT4-fs (loop6): Total free blocks count 0
[  901.781542][T10314] EXT4-fs (loop6): Free/Dirty block details
[  901.790692][T10314] EXT4-fs (loop6): free_blocks=2415919104
[  901.797835][T10314] EXT4-fs (loop6): dirty_blocks=16
[  901.803231][T10314] EXT4-fs (loop6): Block reservation details
[  901.809804][T10314] EXT4-fs (loop6): i_reserved_data_blocks=1
[  901.985365][ T9236] EXT4-fs (loop6): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  902.153540][T10121] veth0_vlan: entered promiscuous mode
[  902.230943][ T3780] kworker/u8:10: attempt to access beyond end of device
[  902.230943][ T3780] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  902.288983][T10121] veth1_vlan: entered promiscuous mode
[  902.567637][T10121] veth0_macvtap: entered promiscuous mode
[  902.606677][T10121] veth1_macvtap: entered promiscuous mode
[  902.729676][T10121] batman_adv: batadv0: Interface activated: batadv_slave_0
[  902.787595][ T9782] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  902.829402][T10121] batman_adv: batadv0: Interface activated: batadv_slave_1
[  902.886718][   T53] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  902.895746][   T53] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  902.980188][   T53] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  902.995355][ T9782] usb 7-1: Using ep0 maxpacket: 8
[  903.036818][ T9782] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  903.048583][ T9782] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  903.062133][ T9782] usb 7-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  903.071608][ T9782] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.294974][ T9782] usb 7-1: config 0 descriptor??
[  903.673552][   T53] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  904.721456][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x1
[  904.729042][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x0
[  904.736549][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x0
[  904.746918][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x2
[  904.754286][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x0
[  904.762578][ T9782] hid-rmi 0003:06CB:81A7.000D: unknown main item tag 0x0
[  905.228099][ T4180] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.582971][ T4180] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.796003][ T9782] hid-rmi 0003:06CB:81A7.000D: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.6-1/input0
[  905.813142][ T9782] usb 7-1: USB disconnect, device number 6
[  906.011485][ T4180] team0: Port device netdevsim1 removed
[  906.026495][ T4180] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  906.304661][ T4180] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  907.319079][ T4180] bridge_slave_1: left allmulticast mode
[  907.325948][ T4180] bridge_slave_1: left promiscuous mode
[  907.332472][ T4180] bridge0: port 2(bridge_slave_1) entered disabled state
[  907.425804][ T4180] bridge_slave_0: left allmulticast mode
[  907.433608][ T4180] bridge_slave_0: left promiscuous mode
[  907.441559][ T4180] bridge0: port 1(bridge_slave_0) entered disabled state
[  907.708294][ T2232] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  907.941629][ T2232] usb 5-1: Using ep0 maxpacket: 16
[  907.990128][ T2232] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  908.000992][ T2232] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  908.120306][ T2232] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  908.130161][ T2232] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  908.140115][ T2232] usb 5-1: Product: syz
[  908.144461][ T2232] usb 5-1: Manufacturer: syz
[  908.149906][ T2232] usb 5-1: SerialNumber: syz
[  908.412529][T10361] loop6: detected capacity change from 0 to 2048
[  908.532082][ T2232] usb 5-1: 0:2 : does not exist
[  908.613524][T10361] EXT4-fs (loop6): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  908.641848][ T2232] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  908.733539][T10358] loop3: detected capacity change from 0 to 8192
[  909.257512][T10361] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  909.372388][T10361] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  909.385591][T10361] EXT4-fs (loop6): This should not happen!! Data will be lost
[  909.385591][T10361] 
[  909.395742][T10361] EXT4-fs (loop6): Total free blocks count 0
[  909.402099][T10361] EXT4-fs (loop6): Free/Dirty block details
[  909.408350][T10361] EXT4-fs (loop6): free_blocks=2415919104
[  909.414339][T10361] EXT4-fs (loop6): dirty_blocks=16
[  909.419845][T10361] EXT4-fs (loop6): Block reservation details
[  909.426085][T10361] EXT4-fs (loop6): i_reserved_data_blocks=1
[  909.790142][T10369] loop8: detected capacity change from 0 to 128
[  909.805878][ T4180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  909.837331][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  909.837412][   T30] audit: type=1800 audit(1757740089.810:195): pid=10369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1190" name="file1" dev="loop8" ino=1048700 res=0 errno=0
[  910.219144][T10371] syz.8.1190: attempt to access beyond end of device
[  910.219144][T10371] loop8: rw=0, sector=121, nr_sectors = 120 limit=128
[  910.514222][   T14] kworker/u8:1: attempt to access beyond end of device
[  910.514222][   T14] loop8: rw=1, sector=241, nr_sectors = 800 limit=128
[  910.557842][ T9236] EXT4-fs (loop6): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  910.571776][ T4180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  910.624972][ T4180] bond0 (unregistering): Released all slaves
[  910.725471][ T2232] usb 5-1: USB disconnect, device number 4
[  910.798466][T10366] veth3: entered promiscuous mode
[  910.803805][T10366] veth3: entered allmulticast mode
[  911.758747][ T4180] hsr_slave_0: left promiscuous mode
[  911.792196][ T4180] hsr_slave_1: left promiscuous mode
[  911.800333][ T4180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  911.808558][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_0
[  911.871233][ T4180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  911.880037][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  912.004960][ T4180] veth1_macvtap: left promiscuous mode
[  912.011508][ T4180] veth0_macvtap: left promiscuous mode
[  912.017561][ T4180] veth1_vlan: left promiscuous mode
[  912.023092][ T4180] veth0_vlan: left promiscuous mode
[  913.294854][   T30] audit: type=1326 audit(1757740093.009:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.8.1197" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a43b8eba9 code=0x0
[  914.676086][ T4180] team0 (unregistering): Port device team_slave_1 removed
[  914.810697][ T4180] team0 (unregistering): Port device team_slave_0 removed
[  916.334391][T10408] loop8: detected capacity change from 0 to 2048
[  916.421012][T10341] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  916.491369][T10408] EXT4-fs (loop8): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  916.614568][T10341] usb 5-1: Using ep0 maxpacket: 16
[  916.640447][T10341] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  916.651001][T10341] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  916.693285][T10341] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  916.702904][T10341] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  916.711625][T10341] usb 5-1: Product: syz
[  916.717001][T10341] usb 5-1: Manufacturer: syz
[  916.721955][T10341] usb 5-1: SerialNumber: syz
[  916.729882][T10408] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  916.769024][T10408] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  916.782605][T10408] EXT4-fs (loop8): This should not happen!! Data will be lost
[  916.782605][T10408] 
[  916.792716][T10408] EXT4-fs (loop8): Total free blocks count 0
[  916.799086][T10408] EXT4-fs (loop8): Free/Dirty block details
[  916.805450][T10408] EXT4-fs (loop8): free_blocks=2415919104
[  916.811433][T10408] EXT4-fs (loop8): dirty_blocks=16
[  916.816889][T10408] EXT4-fs (loop8): Block reservation details
[  916.823041][T10408] EXT4-fs (loop8): i_reserved_data_blocks=1
[  917.030077][T10341] usb 5-1: 0:2 : does not exist
[  917.056918][T10341] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  917.113915][T10416] loop3: detected capacity change from 0 to 128
[  917.140275][T10341] usb 5-1: USB disconnect, device number 5
[  917.189464][ T7862] EXT4-fs (loop8): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  917.198883][   T30] audit: type=1800 audit(1757740096.685:197): pid=10416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1202" name="file1" dev="loop3" ino=1048701 res=0 errno=0
[  917.599178][T10424] loop8: detected capacity change from 0 to 256
[  917.673973][T10424] exfat: Deprecated parameter 'utf8'
[  917.679812][T10424] exfat: Deprecated parameter 'namecase'
[  917.686499][T10424] exfat: Deprecated parameter 'namecase'
[  917.692406][T10424] exfat: Deprecated parameter 'utf8'
[  917.933660][T10424] exFAT-fs (loop8): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  918.228331][T10429] exFAT-fs (loop8): start_clu is invalid cluster(0x400)
[  920.613969][ T4136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  920.622583][ T4136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  920.977232][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  920.983842][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  922.332115][ T3780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  922.340595][ T3780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  922.963818][T10450] loop4: detected capacity change from 0 to 2048
[  923.233690][T10450] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  923.490138][T10450] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  923.593855][T10450] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  923.606741][T10450] EXT4-fs (loop4): This should not happen!! Data will be lost
[  923.606741][T10450] 
[  923.616772][T10450] EXT4-fs (loop4): Total free blocks count 0
[  923.623120][T10450] EXT4-fs (loop4): Free/Dirty block details
[  923.629550][T10450] EXT4-fs (loop4): free_blocks=2415919104
[  923.635452][T10450] EXT4-fs (loop4): dirty_blocks=16
[  923.641104][T10450] EXT4-fs (loop4): Block reservation details
[  923.647591][T10450] EXT4-fs (loop4): i_reserved_data_blocks=1
[  924.196487][T10341] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  924.344189][ T9772] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  924.438707][T10341] usb 4-1: Using ep0 maxpacket: 16
[  924.481713][T10341] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  924.493101][T10341] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  924.589876][T10341] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  924.600477][T10341] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  924.608725][T10341] usb 4-1: Product: syz
[  924.613337][T10341] usb 4-1: Manufacturer: syz
[  924.618105][T10341] usb 4-1: SerialNumber: syz
[  925.005694][T10341] usb 4-1: 0:2 : does not exist
[  925.118981][T10341] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  925.337661][T10341] usb 4-1: USB disconnect, device number 6
[  926.300311][T10475] tipc: Started in network mode
[  926.308682][T10475] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  926.319705][T10475] tipc: Enabled bearer <eth:vlan0>, priority 10
[  927.105623][   T30] audit: type=1326 audit(1757740105.843:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.128922][   T30] audit: type=1326 audit(1757740105.852:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.151631][   T30] audit: type=1326 audit(1757740105.852:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.174604][   T30] audit: type=1326 audit(1757740105.871:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.199790][   T30] audit: type=1326 audit(1757740105.871:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.223436][   T30] audit: type=1326 audit(1757740105.871:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.246388][   T30] audit: type=1326 audit(1757740105.880:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.4.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e2518eba9 code=0x7ffc0000
[  927.743776][ T2232] tipc: Node number set to 10005162
[  928.347904][T10491] loop4: detected capacity change from 0 to 2048
[  928.512701][T10491] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  928.657579][T10491] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  928.679448][T10502] netlink: 'syz.3.1230': attribute type 10 has an invalid length.
[  928.688261][T10502] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1230'.
[  928.706390][T10502] team0: Port device netdevsim1 added
[  928.723212][T10491] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 15 with error 28
[  928.736370][T10491] EXT4-fs (loop4): This should not happen!! Data will be lost
[  928.736370][T10491] 
[  928.746214][T10491] EXT4-fs (loop4): Total free blocks count 0
[  928.752824][T10491] EXT4-fs (loop4): Free/Dirty block details
[  928.759083][T10491] EXT4-fs (loop4): free_blocks=2415919104
[  928.765169][T10491] EXT4-fs (loop4): dirty_blocks=16
[  928.770684][T10491] EXT4-fs (loop4): Block reservation details
[  928.776825][T10491] EXT4-fs (loop4): i_reserved_data_blocks=1
[  928.875476][ T2232] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  928.940109][ T9772] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  929.068689][ T2232] usb 7-1: Using ep0 maxpacket: 16
[  929.101477][ T2232] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  929.112396][ T2232] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  929.148465][ T2232] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  929.162179][ T2232] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  929.172629][ T2232] usb 7-1: Product: syz
[  929.177270][ T2232] usb 7-1: Manufacturer: syz
[  929.182048][ T2232] usb 7-1: SerialNumber: syz
[  929.476690][ T2232] usb 7-1: 0:2 : does not exist
[  929.548795][ T2232] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  929.638388][T10517] loop4: detected capacity change from 0 to 256
[  929.643421][ T2232] usb 7-1: USB disconnect, device number 7
[  929.666812][   T30] audit: type=1326 audit(1757740108.349:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10518 comm="syz.8.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[  929.690504][   T30] audit: type=1326 audit(1757740108.349:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10518 comm="syz.8.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[  929.790181][T10517] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  929.816301][   T30] audit: type=1326 audit(1757740108.406:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10518 comm="syz.8.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[  929.871453][T10521] fuse: Bad value for 'fd'
[  930.461548][T10532] netlink: 'syz.6.1245': attribute type 10 has an invalid length.
[  930.472854][T10532] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1245'.
[  930.569599][T10532] team0: Port device netdevsim1 added
[  933.366038][T10341] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  933.579759][T10341] usb 9-1: Using ep0 maxpacket: 16
[  933.633534][T10341] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  933.645238][T10341] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  933.769848][T10341] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  933.779721][T10341] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  933.789080][T10341] usb 9-1: Product: syz
[  933.794304][T10341] usb 9-1: Manufacturer: syz
[  933.799136][T10341] usb 9-1: SerialNumber: syz
[  934.150198][T10341] usb 9-1: 0:2 : does not exist
[  934.247189][T10341] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[  934.345520][T10341] usb 9-1: USB disconnect, device number 10
[  934.366321][T10569] netlink: 'syz.4.1260': attribute type 10 has an invalid length.
[  934.374811][T10569] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1260'.
[  934.489016][T10569] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  934.499392][T10569] team0: Failed to send options change via netlink (err -105)
[  934.507136][T10569] team0: Port device netdevsim1 added
[  934.531818][ T4053] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  935.030617][T10579] loop4: detected capacity change from 0 to 512
[  935.144495][T10579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  935.161850][T10579] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  935.494215][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  936.274242][T10601] netlink: 'syz.8.1274': attribute type 10 has an invalid length.
[  936.282274][T10601] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1274'.
[  936.332051][T10604] loop6: detected capacity change from 0 to 128
[  936.701017][ T2232] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  936.914137][ T2232] usb 4-1: Using ep0 maxpacket: 16
[  936.931088][T10613] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1280'.
[  936.951829][ T2232] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  936.962430][ T2232] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  936.992146][T10612] loop6: detected capacity change from 0 to 512
[  937.018065][ T2232] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  937.028096][ T2232] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  937.038845][ T2232] usb 4-1: Product: syz
[  937.044351][ T2232] usb 4-1: Manufacturer: syz
[  937.049147][ T2232] usb 4-1: SerialNumber: syz
[  937.146093][T10612] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  937.159408][T10612] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  937.273725][T10612] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  937.295363][ T2232] usb 4-1: 0:2 : does not exist
[  937.354044][ T2232] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  937.483752][ T2232] usb 4-1: USB disconnect, device number 7
[  938.720448][T10629] loop6: detected capacity change from 0 to 2048
[  938.843168][T10629] EXT4-fs (loop6): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  938.861805][T10632] netlink: 'syz.8.1288': attribute type 10 has an invalid length.
[  938.869834][T10632] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1288'.
[  938.949485][T10637] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  938.994857][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  938.994935][   T30] audit: type=1800 audit(1757740117.077:229): pid=10638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1287" name="file1" dev="loop6" ino=15 res=0 errno=0
[  939.291711][ T9236] EXT4-fs (loop6): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  939.317718][T10639] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1289'.
[  939.335461][T10639] gretap0: entered promiscuous mode
[  939.443999][T10639] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1289'.
[  939.453882][T10639] 0ªX¹¦D: renamed from gretap0
[  939.539057][T10639] 0ªX¹¦D: left promiscuous mode
[  939.544524][T10639] 0ªX¹¦D: entered allmulticast mode
[  939.557764][T10639] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  939.858856][ T4223] Bluetooth: hci0: Frame reassembly failed (-84)
[  939.925435][T10646] loop8: detected capacity change from 0 to 512
[  939.999622][T10646] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  940.013589][T10646] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  940.144697][T10646] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  940.181218][T10653] netlink: 'syz.4.1293': attribute type 29 has an invalid length.
[  940.209814][T10653] netlink: 'syz.4.1293': attribute type 29 has an invalid length.
[  940.955770][ T2232] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  941.080589][T10665] netlink: 'syz.4.1300': attribute type 10 has an invalid length.
[  941.095931][T10665] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1300'.
[  941.165497][ T2232] usb 4-1: Using ep0 maxpacket: 16
[  941.195708][ T2232] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  941.206585][ T2232] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  941.261989][ T2232] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  941.271479][ T2232] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.280041][ T2232] usb 4-1: Product: syz
[  941.284550][ T2232] usb 4-1: Manufacturer: syz
[  941.289405][ T2232] usb 4-1: SerialNumber: syz
[  941.434982][T10668] loop7: detected capacity change from 0 to 2048
[  941.469667][T10668] /dev/loop7: Can't open blockdev
[  941.589736][ T2232] usb 4-1: 0:2 : does not exist
[  941.637007][ T2232] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  941.717545][ T2232] usb 4-1: USB disconnect, device number 8
[  941.798443][T10672] loop8: detected capacity change from 0 to 4096
[  941.876493][T10672] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  941.982005][ T5817] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  942.637731][T10685] netlink: 'syz.3.1307': attribute type 29 has an invalid length.
[  942.686203][T10685] netlink: 'syz.3.1307': attribute type 29 has an invalid length.
[  942.989794][T10687] loop6: detected capacity change from 0 to 1024
[  943.112396][T10687] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  943.125673][T10687] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  943.336965][T10692] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1310'.
[  943.480688][T10695] loop7: detected capacity change from 0 to 256
[  943.635817][T10695] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  943.975918][ T3780] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 393: padding at end of block bitmap is not set
[  944.050103][ T3780] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 880 with error 117
[  944.063305][ T3780] EXT4-fs (loop6): This should not happen!! Data will be lost
[  944.063305][ T3780] 
[  944.218174][ T4180] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[  944.231307][ T4180] EXT4-fs (loop6): This should not happen!! Data will be lost
[  944.231307][ T4180] 
[  944.241540][ T4180] EXT4-fs (loop6): Total free blocks count 0
[  944.247816][ T4180] EXT4-fs (loop6): Free/Dirty block details
[  944.254044][ T4180] EXT4-fs (loop6): free_blocks=0
[  944.260406][ T4180] EXT4-fs (loop6): dirty_blocks=16
[  944.265702][ T4180] EXT4-fs (loop6): Block reservation details
[  945.061993][ T5110] Bluetooth: hci3: command 0x0406 tx timeout
[  945.190991][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  945.303823][T10704] loop3: detected capacity change from 0 to 2048
[  945.430177][T10704] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  945.514650][   T30] audit: type=1800 audit(1757740123.166:230): pid=10704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1314" name="file1" dev="loop3" ino=15 res=0 errno=0
[  946.813140][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  949.264480][T10725] loop4: detected capacity change from 0 to 1024
[  949.273861][T10725] EXT4-fs: Ignoring removed orlov option
[  949.418311][T10725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  949.431270][T10725] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  949.635162][   T11] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  949.683023][T10725] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm syz.4.1321: lblock 0 mapped to illegal pblock 0 (length 1)
[  949.753013][T10725] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  949.766140][T10725] EXT4-fs (loop4): This should not happen!! Data will be lost
[  949.766140][T10725] 
[  950.194455][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  950.626023][T10731] loop4: detected capacity change from 0 to 512
[  950.781847][T10731] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1322: casefold flag without casefold feature
[  950.875148][T10731] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1322: couldn't read orphan inode 15 (err -117)
[  950.938406][T10731] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  953.885775][   T30] audit: type=1804 audit(1757740129.218:231): pid=10737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1322" name="/newroot/52/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  953.908979][   T30] audit: type=1800 audit(1757740129.228:232): pid=10737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1322" name="bus" dev="loop4" ino=18 res=0 errno=0
[  954.013217][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  954.444829][T10743] kvm: pic: non byte read
[  954.451784][T10743] kvm: pic: level sensitive irq not supported
[  954.452080][T10743] kvm: pic: non byte read
[  954.469134][T10743] kvm: pic: level sensitive irq not supported
[  954.469436][T10743] kvm: pic: non byte read
[  954.713391][ T4223] Bluetooth: hci0: Frame reassembly failed (-84)
[  956.777882][ T5817] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  957.373818][T10754] loop6: detected capacity change from 0 to 2048
[  957.586143][T10754] EXT4-fs (loop6): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  957.815419][   T30] audit: type=1800 audit(1757740134.587:233): pid=10754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1328" name="file1" dev="loop6" ino=15 res=0 errno=0
[  958.100857][ T9236] EXT4-fs (loop6): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  958.223973][T10765] input: syz1 as /devices/virtual/input/input16
[  960.117905][   T11] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  960.170334][T10767] input: syz1 as /devices/virtual/input/input17
[  960.359323][   T11] usb 4-1: Using ep0 maxpacket: 16
[  960.419468][   T11] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  960.429968][   T11] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  960.472670][   T11] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  960.482172][   T11] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  960.490507][   T11] usb 4-1: Product: syz
[  960.494848][   T11] usb 4-1: Manufacturer: syz
[  960.500190][   T11] usb 4-1: SerialNumber: syz
[  960.818897][   T11] usb 4-1: 0:2 : does not exist
[  960.874761][   T11] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  960.989882][   T11] usb 4-1: USB disconnect, device number 9
[  961.253437][ T5110] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  961.266495][ T5110] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  961.279166][ T5110] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  961.298059][ T5110] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  961.327747][ T5110] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  961.423008][T10782] loop6: detected capacity change from 0 to 256
[  962.024124][T10782] FAT-fs (loop6): Directory bread(block 64) failed
[  962.031174][T10782] FAT-fs (loop6): Directory bread(block 65) failed
[  962.038431][T10782] FAT-fs (loop6): Directory bread(block 66) failed
[  962.045263][T10782] FAT-fs (loop6): Directory bread(block 67) failed
[  962.052452][T10782] FAT-fs (loop6): Directory bread(block 68) failed
[  962.059608][T10782] FAT-fs (loop6): Directory bread(block 69) failed
[  962.066469][T10782] FAT-fs (loop6): Directory bread(block 70) failed
[  962.073560][T10782] FAT-fs (loop6): Directory bread(block 71) failed
[  962.080656][T10782] FAT-fs (loop6): Directory bread(block 72) failed
[  962.087479][T10782] FAT-fs (loop6): Directory bread(block 73) failed
[  962.187997][T10779] chnl_net:caif_netlink_parms(): no params data found
[  962.938711][T10798] loop3: detected capacity change from 0 to 2048
[  963.109087][T10798] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  963.126005][T10807] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  963.172725][T10801] input: syz1 as /devices/virtual/input/input18
[  963.311185][T10808] loop6: detected capacity change from 0 to 256
[  963.467460][T10808] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011bf5, chksum : 0xdfba1b89, utbl_chksum : 0xe619d30d)
[  963.481463][T10808] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  963.601139][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  963.619854][ T5817] Bluetooth: hci0: command tx timeout
[  963.746930][T10779] bridge0: port 1(bridge_slave_0) entered blocking state
[  963.754855][T10779] bridge0: port 1(bridge_slave_0) entered disabled state
[  963.764743][T10779] bridge_slave_0: entered allmulticast mode
[  963.774369][T10779] bridge_slave_0: entered promiscuous mode
[  963.890834][T10779] bridge0: port 2(bridge_slave_1) entered blocking state
[  963.898671][T10779] bridge0: port 2(bridge_slave_1) entered disabled state
[  963.906401][T10779] bridge_slave_1: entered allmulticast mode
[  963.916711][T10779] bridge_slave_1: entered promiscuous mode
[  964.281966][T10779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  964.326554][T10341] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  964.436219][T10779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  964.551321][T10341] usb 5-1: Using ep0 maxpacket: 16
[  964.572869][T10341] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  964.583743][T10341] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  964.683348][T10341] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  964.687772][T10818] loop3: detected capacity change from 0 to 512
[  964.692971][T10341] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.708446][T10341] usb 5-1: Product: syz
[  964.713188][T10341] usb 5-1: Manufacturer: syz
[  964.717966][T10341] usb 5-1: SerialNumber: syz
[  964.772852][T10779] team0: Port device team_slave_0 added
[  964.802733][T10779] team0: Port device team_slave_1 added
[  964.878008][T10818] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1349: casefold flag without casefold feature
[  965.009011][T10818] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1349: couldn't read orphan inode 15 (err -117)
[  965.051254][T10341] usb 5-1: 0:2 : does not exist
[  965.077895][T10818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  965.078744][T10341] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  965.140343][T10779] batman_adv: batadv0: Adding interface: batadv_slave_0
[  965.148964][T10779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  965.176337][T10779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  965.258598][T10341] usb 5-1: USB disconnect, device number 7
[  965.272954][T10779] batman_adv: batadv0: Adding interface: batadv_slave_1
[  965.281309][T10779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  965.308316][T10779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  965.626567][T10816] loop6: detected capacity change from 0 to 8192
[  965.820615][T10779] hsr_slave_0: entered promiscuous mode
[  965.832883][T10779] hsr_slave_1: entered promiscuous mode
[  965.841573][T10779] debugfs: 'hsr0' already exists in 'hsr'
[  965.849172][T10779] Cannot create hsr debugfs directory
[  965.858722][ T5817] Bluetooth: hci0: command tx timeout
[  966.952486][T10828] loop6: detected capacity change from 0 to 1024
[  967.044922][T10828] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  967.233605][T10828] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  967.315695][T10828] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  967.328745][T10828] EXT4-fs (loop6): This should not happen!! Data will be lost
[  967.328745][T10828] 
[  967.338825][T10828] EXT4-fs (loop6): Total free blocks count 0
[  967.345504][T10828] EXT4-fs (loop6): Free/Dirty block details
[  967.351702][T10828] EXT4-fs (loop6): free_blocks=20480
[  967.360028][T10828] EXT4-fs (loop6): dirty_blocks=16
[  967.366303][T10828] EXT4-fs (loop6): Block reservation details
[  967.372718][T10828] EXT4-fs (loop6): i_reserved_data_blocks=1
[  967.452789][T10834] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  968.067135][ T5817] Bluetooth: hci0: command tx timeout
[  968.707726][T10779] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  968.749149][T10841] input: syz1 as /devices/virtual/input/input19
[  968.817521][T10779] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  968.872433][T10779] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  968.942121][T10779] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  969.025512][T10843] loop6: detected capacity change from 0 to 2048
[  969.084563][T10843] EXT4-fs (loop6): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  969.512691][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  969.564713][ T9236] EXT4-fs (loop6): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  969.719956][T10779] 8021q: adding VLAN 0 to HW filter on device bond0
[  969.898465][T10779] 8021q: adding VLAN 0 to HW filter on device team0
[  969.988152][ T4136] bridge0: port 1(bridge_slave_0) entered blocking state
[  969.995775][ T4136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  970.098873][ T4136] bridge0: port 2(bridge_slave_1) entered blocking state
[  970.106370][ T4136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  970.292046][ T5817] Bluetooth: hci0: command tx timeout
[  970.444292][T10341] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  970.654351][T10341] usb 7-1: Using ep0 maxpacket: 16
[  970.675757][T10341] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  970.687846][T10341] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  970.753738][T10341] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  970.764973][T10341] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  970.773415][T10341] usb 7-1: Product: syz
[  970.777907][T10341] usb 7-1: Manufacturer: syz
[  970.783489][T10341] usb 7-1: SerialNumber: syz
[  970.837279][T10859] pim6reg1: entered promiscuous mode
[  970.842843][T10859] pim6reg1: entered allmulticast mode
[  971.030078][ T2232] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  971.143628][T10341] usb 7-1: 0:2 : does not exist
[  971.211450][T10341] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  971.227500][ T2232] usb 4-1: device descriptor read/64, error -71
[  971.341161][T10341] usb 7-1: USB disconnect, device number 8
[  971.498675][ T2232] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  971.680925][ T2232] usb 4-1: device descriptor read/64, error -71
[  971.830869][ T2232] usb usb4-port1: attempt power cycle
[  971.834338][T10779] 8021q: adding VLAN 0 to HW filter on device batadv0
[  972.246826][ T2232] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  972.256920][T10779] veth0_vlan: entered promiscuous mode
[  972.296662][ T2232] usb 4-1: device descriptor read/8, error -71
[  972.377656][T10779] veth1_vlan: entered promiscuous mode
[  972.386010][   T11] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  972.569244][ T2232] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  972.592157][T10779] veth0_macvtap: entered promiscuous mode
[  972.613518][   T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  972.625668][   T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  972.635898][   T11] usb 7-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  972.645358][   T11] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  972.669658][T10779] veth1_macvtap: entered promiscuous mode
[  972.689777][ T2232] usb 4-1: device descriptor read/8, error -71
[  972.773144][   T11] usb 7-1: config 0 descriptor??
[  972.822979][ T2232] usb usb4-port1: unable to enumerate USB device
[  972.890126][T10779] batman_adv: batadv0: Interface activated: batadv_slave_0
[  972.978985][T10779] batman_adv: batadv0: Interface activated: batadv_slave_1
[  973.081524][   T14] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  973.126374][   T14] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  973.175992][   T14] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  973.212194][   T14] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  973.299910][   T11] arvo 0003:1E7D:30D4.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.6-1/input0
[  973.720184][T10341] usb 7-1: USB disconnect, device number 9
[  974.548619][T10880] input: syz1 as /devices/virtual/input/input20
[  974.689700][T10883] loop6: detected capacity change from 0 to 512
[  974.951077][T10883] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.1367: casefold flag without casefold feature
[  974.967036][T10886] loop3: detected capacity change from 0 to 2048
[  975.016414][T10883] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1367: couldn't read orphan inode 15 (err -117)
[  975.071581][T10883] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  975.162328][T10886] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  977.425261][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  977.487524][T10907] loop4: detected capacity change from 0 to 128
[  977.602706][   T30] audit: type=1800 audit(1757740153.183:234): pid=10907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1371" name="file1" dev="loop4" ino=1048716 res=0 errno=0
[  978.295013][T10909] syz.4.1371: attempt to access beyond end of device
[  978.295013][T10909] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  978.547281][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  978.628501][ T4053] kworker/u8:19: attempt to access beyond end of device
[  978.628501][ T4053] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  978.828445][T10910] loop3: detected capacity change from 0 to 1024
[  979.281599][T10341] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  980.104610][T10341] usb 7-1: Using ep0 maxpacket: 16
[  980.892710][T10341] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  980.904704][T10341] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  980.920031][T10927] loop3: detected capacity change from 0 to 512
[  981.030596][T10341] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  981.041443][T10341] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  981.050265][T10341] usb 7-1: Product: syz
[  981.054604][T10341] usb 7-1: Manufacturer: syz
[  981.059577][T10341] usb 7-1: SerialNumber: syz
[  981.150786][T10927] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1377: casefold flag without casefold feature
[  981.266650][T10927] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1377: couldn't read orphan inode 15 (err -117)
[  981.409529][T10927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  981.475533][T10341] usb 7-1: 0:2 : does not exist
[  981.584658][T10341] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  982.814988][T10341] usb 7-1: USB disconnect, device number 10
[  984.099000][T10939] input: syz1 as /devices/virtual/input/input21
[  984.200683][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  984.667669][T10943] loop8: detected capacity change from 0 to 2048
[  984.782842][T10943] EXT4-fs (loop8): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  985.112692][   T30] audit: type=1326 audit(1757740160.217:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10942 comm="syz.6.1380" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb1cf18eba9 code=0x0
[  985.139001][T10954] loop4: detected capacity change from 0 to 512
[  985.233189][T10954] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1382: casefold flag without casefold feature
[  985.275320][T10958] loop3: detected capacity change from 0 to 128
[  985.285115][T10954] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1382: couldn't read orphan inode 15 (err -117)
[  985.347561][T10954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  985.385880][ T7862] EXT4-fs (loop8): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  985.417422][   T30] audit: type=1800 audit(1757740160.498:236): pid=10958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1383" name="file1" dev="loop3" ino=1048717 res=0 errno=0
[  985.933280][T10962] syz.3.1383: attempt to access beyond end of device
[  985.933280][T10962] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  986.096820][ T4053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  986.105843][ T4053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  986.703139][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  986.709753][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  986.823692][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  986.832999][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  987.101038][   T14] kworker/u8:1: attempt to access beyond end of device
[  987.101038][   T14] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  989.179462][ T9772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  989.557224][T10978] loop3: detected capacity change from 0 to 256
[  989.796986][T10978] exFAT-fs (loop3): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  990.068294][T10980] loop6: detected capacity change from 0 to 512
[  990.207355][T10980] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.1388: casefold flag without casefold feature
[  990.287503][T10980] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1388: couldn't read orphan inode 15 (err -117)
[  990.410933][T10980] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  990.463794][T10341] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  991.341250][T10341] usb 9-1: Using ep0 maxpacket: 16
[  992.249303][T10341] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  992.259857][T10341] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  992.506625][T10341] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  992.517492][T10341] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  992.525803][T10341] usb 9-1: Product: syz
[  992.531389][T10341] usb 9-1: Manufacturer: syz
[  992.539733][T10341] usb 9-1: SerialNumber: syz
[  995.463887][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  995.703220][T10341] usb 9-1: can't set config #1, error -71
[  995.886118][T10341] usb 9-1: USB disconnect, device number 11
[  996.350539][T11067] loop3: detected capacity change from 0 to 2048
[  996.402824][T11073] loop8: detected capacity change from 0 to 128
[  996.482565][T11067] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  996.594942][   T30] audit: type=1800 audit(1757740170.956:237): pid=11073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1395" name="file1" dev="loop8" ino=1048722 res=0 errno=0
[  996.974836][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  996.982745][T11081] loop6: detected capacity change from 0 to 256
[  997.239807][ T4180] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.895955][ T4180] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.514224][ T4180] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.841054][ T4180] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.509382][ T4180] bridge_slave_1: left allmulticast mode
[  999.515242][ T4180] bridge_slave_1: left promiscuous mode
[  999.521995][ T4180] bridge0: port 2(bridge_slave_1) entered disabled state
[  999.573670][ T4180] bridge_slave_0: left allmulticast mode
[  999.579526][ T4180] bridge_slave_0: left promiscuous mode
[  999.586759][ T4180] bridge0: port 1(bridge_slave_0) entered disabled state
[  999.926503][T11095] loop8: detected capacity change from 0 to 512
[ 1000.094774][T11095] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.1402: casefold flag without casefold feature
[ 1000.206603][T11095] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.1402: couldn't read orphan inode 15 (err -117)
[ 1000.222148][ T4180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1000.274296][ T4180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1000.285758][T11095] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1000.371966][T11105] loop3: detected capacity change from 0 to 256
[ 1000.428741][ T4180] bond0 (unregistering): Released all slaves
[ 1000.582844][T11105] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1000.655928][T11105] exFAT-fs (loop3): error, data size is invalid(10)
[ 1000.727340][T11100] netlink: 'syz.3.1404': attribute type 12 has an invalid length.
[ 1000.735485][T11100] netlink: 'syz.3.1404': attribute type 4 has an invalid length.
[ 1000.743838][T11100] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1404'.
[ 1001.967400][T10341] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1002.180737][T10341] usb 1-1: Using ep0 maxpacket: 16
[ 1002.238745][T10341] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1002.249417][T10341] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1002.465526][T10341] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1002.476116][T10341] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1002.485079][T10341] usb 1-1: Product: syz
[ 1002.489410][T10341] usb 1-1: Manufacturer: syz
[ 1002.494333][T10341] usb 1-1: SerialNumber: syz
[ 1003.029860][T10341] usb 1-1: 0:2 : does not exist
[ 1003.178741][T10341] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[ 1003.340428][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1003.418183][T10341] usb 1-1: USB disconnect, device number 4
[ 1003.620607][ T4180] hsr_slave_0: left promiscuous mode
[ 1003.644911][ T4180] hsr_slave_1: left promiscuous mode
[ 1003.653192][ T4180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1003.661071][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1003.734236][ T4180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1003.746969][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1003.838442][ T4180] veth1_macvtap: left promiscuous mode
[ 1003.844173][ T4180] veth0_macvtap: left promiscuous mode
[ 1003.851493][ T4180] veth1_vlan: left promiscuous mode
[ 1003.857150][ T4180] veth0_vlan: left promiscuous mode
[ 1004.156456][T11122] loop3: detected capacity change from 0 to 2048
[ 1004.477265][T11122] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1004.704082][   T30] audit: type=1326 audit(1757740178.523:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.864057][   T30] audit: type=1326 audit(1757740178.570:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.887676][   T30] audit: type=1326 audit(1757740178.570:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.911587][   T30] audit: type=1326 audit(1757740178.579:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.934710][   T30] audit: type=1326 audit(1757740178.579:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.957971][   T30] audit: type=1326 audit(1757740178.579:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1004.985103][   T30] audit: type=1326 audit(1757740178.579:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11132 comm="syz.6.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1005.009925][ T9008] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[ 1005.064473][ T4180] team0 (unregistering): Port device team_slave_1 removed
[ 1005.230791][ T4180] team0 (unregistering): Port device team_slave_0 removed
[ 1005.987222][ T2232] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1006.111976][T11144] loop8: detected capacity change from 0 to 256
[ 1006.182203][ T2232] usb 4-1: config 0 has an invalid interface number: 156 but max is 0
[ 1006.191223][ T2232] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1006.201638][ T2232] usb 4-1: config 0 has no interface number 0
[ 1006.207943][ T2232] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1006.221859][ T2232] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1006.232969][ T2232] usb 4-1: config 0 interface 156 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1006.246583][ T2232] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1006.256009][ T2232] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.288373][T11144] exFAT-fs (loop8): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[ 1006.305415][ T2232] usb 4-1: config 0 descriptor??
[ 1006.358182][ T2232] gspca_main: spca561-2.14.0 probing abcd:cdee
[ 1006.563009][ T2232] spca561 4-1:0.156: probe with driver spca561 failed with error -22
[ 1006.577079][ T2232] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1006.584647][ T2232] usb 4-1: MIDIStreaming interface descriptor not found
[ 1006.891574][ T2232] usb 4-1: USB disconnect, device number 14
[ 1008.606381][   T42] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1008.798800][   T42] usb 7-1: Using ep0 maxpacket: 16
[ 1008.824362][   T42] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1008.835208][   T42] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1008.922344][   T42] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1008.932181][   T42] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1008.940659][   T42] usb 7-1: Product: syz
[ 1008.944986][   T42] usb 7-1: Manufacturer: syz
[ 1008.949885][   T42] usb 7-1: SerialNumber: syz
[ 1009.313835][   T42] usb 7-1: 0:2 : does not exist
[ 1009.417734][   T42] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[ 1009.593336][   T42] usb 7-1: USB disconnect, device number 11
[ 1010.209404][ T2232] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[ 1010.251133][T11164] loop8: detected capacity change from 0 to 2048
[ 1010.260771][T11166] kvm: kvm [11165]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000078) = 0x0
[ 1010.465800][ T2232] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1010.476656][ T2232] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1010.493156][ T2232] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1010.503468][ T2232] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1010.540760][T11164] EXT4-fs (loop8): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1010.711655][ T2232] usb 4-1: config 0 descriptor??
[ 1010.773479][ T2232] gspca_main: spca561-2.14.0 probing abcd:cdee
[ 1010.870469][ T4223] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1010.917496][ T4223] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1010.931203][ T4223] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1010.931203][ T4223] 
[ 1010.941692][ T4223] EXT4-fs (loop8): Total free blocks count 0
[ 1010.948116][ T4223] EXT4-fs (loop8): Free/Dirty block details
[ 1010.954189][ T4223] EXT4-fs (loop8): free_blocks=2415919104
[ 1010.960484][ T4223] EXT4-fs (loop8): dirty_blocks=16
[ 1010.965760][ T4223] EXT4-fs (loop8): Block reservation details
[ 1010.972169][ T4223] EXT4-fs (loop8): i_reserved_data_blocks=1
[ 1011.119887][ T2232] spca561 4-1:0.0: probe with driver spca561 failed with error -22
[ 1011.131140][ T2232] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1011.138296][ T2232] usb 4-1: MIDIStreaming interface descriptor not found
[ 1011.446853][ T2232] usb 4-1: USB disconnect, device number 15
[ 1011.622596][ T4223] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 14 with max blocks 1 with error 28
[ 1012.629786][T11183] loop3: detected capacity change from 0 to 1024
[ 1012.686429][T11183] EXT4-fs: Ignoring removed orlov option
[ 1012.692753][T11183] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1012.886934][T11183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1012.967354][T11185] loop6: detected capacity change from 0 to 256
[ 1013.505283][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1014.094110][T11191] pim6reg1: entered promiscuous mode
[ 1014.099711][T11191] pim6reg1: entered allmulticast mode
[ 1014.124090][   T30] audit: type=1326 audit(1757740187.344:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.195592][   T30] audit: type=1326 audit(1757740187.391:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.220931][   T30] audit: type=1326 audit(1757740187.409:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.244594][   T30] audit: type=1326 audit(1757740187.409:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.267487][   T30] audit: type=1326 audit(1757740187.419:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.290297][   T30] audit: type=1326 audit(1757740187.419:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.313296][   T30] audit: type=1326 audit(1757740187.419:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.338987][   T30] audit: type=1326 audit(1757740187.419:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.362738][   T30] audit: type=1326 audit(1757740187.419:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.386483][   T30] audit: type=1326 audit(1757740187.419:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11193 comm="syz.6.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1014.947298][T11201] loop3: detected capacity change from 0 to 256
[ 1014.979034][T11203] loop8: detected capacity change from 0 to 2048
[ 1015.075366][T11203] EXT4-fs (loop8): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1015.138313][T11201] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1015.181898][T11201] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff)
[ 1015.503017][T11055] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1015.551549][T11055] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1015.564505][T11055] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1015.564505][T11055] 
[ 1015.574625][T11055] EXT4-fs (loop8): Total free blocks count 0
[ 1015.580907][T11055] EXT4-fs (loop8): Free/Dirty block details
[ 1015.587119][T11055] EXT4-fs (loop8): free_blocks=2415919104
[ 1015.593013][T11055] EXT4-fs (loop8): dirty_blocks=16
[ 1015.598670][T11055] EXT4-fs (loop8): Block reservation details
[ 1015.604802][T11055] EXT4-fs (loop8): i_reserved_data_blocks=1
[ 1015.625170][T11055] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 14 with max blocks 1 with error 28
[ 1016.285957][T11220] loop6: detected capacity change from 0 to 512
[ 1020.053600][T11238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1450'.
[ 1020.237115][T11240] loop3: detected capacity change from 0 to 2048
[ 1020.506993][T11240] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1022.415266][T11247] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1022.510994][   T14] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1022.524685][   T14] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1022.524685][   T14] 
[ 1022.535723][   T14] EXT4-fs (loop3): Total free blocks count 0
[ 1022.542003][   T14] EXT4-fs (loop3): Free/Dirty block details
[ 1022.549147][   T14] EXT4-fs (loop3): free_blocks=2415919104
[ 1022.555237][   T14] EXT4-fs (loop3): dirty_blocks=16
[ 1022.560695][   T14] EXT4-fs (loop3): Block reservation details
[ 1022.566913][   T14] EXT4-fs (loop3): i_reserved_data_blocks=1
[ 1022.627648][   T14] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 14 with max blocks 1 with error 28
[ 1023.285787][T11259] loop6: detected capacity change from 0 to 512
[ 1023.373337][T11259] EXT4-fs (loop6): #blocks per group too big: 466944
[ 1027.265114][T11276] loop8: detected capacity change from 0 to 512
[ 1027.362790][T11276] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1027.456695][T11276] EXT4-fs (loop8): 1 truncate cleaned up
[ 1027.465229][T11276] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1027.510655][T11277] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1463'.
[ 1027.842723][ T7862] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1029.495581][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1029.495663][   T30] audit: type=1326 audit(1757740201.712:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.524829][   T30] audit: type=1326 audit(1757740201.712:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.698394][   T30] audit: type=1326 audit(1757740201.787:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.721560][   T30] audit: type=1326 audit(1757740201.787:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.744783][   T30] audit: type=1326 audit(1757740201.796:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.768555][   T30] audit: type=1326 audit(1757740201.796:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.792378][   T30] audit: type=1326 audit(1757740201.805:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.815438][   T30] audit: type=1326 audit(1757740201.805:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.838433][   T30] audit: type=1326 audit(1757740201.805:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1029.861399][   T30] audit: type=1326 audit(1757740201.805:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11297 comm="syz.6.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1cf18eba9 code=0x7ffc0000
[ 1031.029882][T11311] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1476'.
[ 1031.349828][T11286] loop4: detected capacity change from 0 to 40427
[ 1031.548489][T11315] loop6: detected capacity change from 0 to 256
[ 1036.217272][T11336] loop6: detected capacity change from 0 to 512
[ 1036.292708][T11336] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1036.305965][T11336] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1036.435084][T11341] loop3: detected capacity change from 0 to 4096
[ 1036.501894][T11341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1036.981376][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1037.208761][ T9236] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1037.398863][T11347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1488'.
[ 1037.543332][T11351] loop6: detected capacity change from 0 to 512
[ 1037.600706][T11351] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1037.689457][T11351] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1037.703778][T11351] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1037.839832][T11351] EXT4-fs (loop6): shut down requested (1)
[ 1037.855571][T11351] overlayfs: failed to get origin (-5)
[ 1038.720098][ T4180] team0: Port device netdevsim1 removed
[ 1038.752489][T10953] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1039.963051][ T4180] bridge_slave_1: left allmulticast mode
[ 1039.969046][ T4180] bridge_slave_1: left promiscuous mode
[ 1039.976097][ T4180] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.062068][T11373] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1040.073528][T11373] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1040.958431][ T4180] bridge_slave_0: left allmulticast mode
[ 1040.964286][ T4180] bridge_slave_0: left promiscuous mode
[ 1040.971102][ T4180] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.476853][ T4180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1042.577351][ T4180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1042.609417][ T4180] bond0 (unregistering): Released all slaves
[ 1042.785443][ T4180] tipc: Disabling bearer <eth:vlan0>
[ 1042.804918][ T4180] tipc: Left network mode
[ 1042.823079][ T5110] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1042.849532][ T5110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1042.859433][ T5110] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1042.893061][ T5110] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1042.925893][ T5110] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1042.994762][T11388] loop3: detected capacity change from 0 to 4096
[ 1043.048216][T11388] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[ 1043.097596][ T4180] hsr_slave_0: left promiscuous mode
[ 1043.129108][ T4180] hsr_slave_1: left promiscuous mode
[ 1043.137353][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1043.148655][ T4180] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1043.361016][ T2232] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1043.554850][ T2232] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1043.566582][ T2232] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1043.576858][ T2232] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 1043.586376][ T2232] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1043.639127][ T4180] team0 (unregistering): Port device team_slave_1 removed
[ 1043.748480][ T4180] team0 (unregistering): Port device team_slave_0 removed
[ 1043.757687][ T2232] usb 5-1: config 0 descriptor??
[ 1044.884773][ T2232] pyra 0003:1E7D:2CF6.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[ 1044.980577][ T2232] pyra 0003:1E7D:2CF6.000F: couldn't init struct pyra_device
[ 1044.988693][ T2232] pyra 0003:1E7D:2CF6.000F: couldn't install mouse
[ 1045.210495][ T5110] Bluetooth: hci2: command tx timeout
[ 1045.403055][ T2232] pyra 0003:1E7D:2CF6.000F: probe with driver pyra failed with error -32
[ 1045.559484][ T2232] usb 5-1: USB disconnect, device number 8
[ 1045.819745][ T9782] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1046.027877][ T9782] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 1046.037699][ T9782] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.046500][ T9782] usb 9-1: Product: syz
[ 1046.050931][ T9782] usb 9-1: Manufacturer: syz
[ 1046.055926][ T9782] usb 9-1: SerialNumber: syz
[ 1046.452061][T11389] chnl_net:caif_netlink_parms(): no params data found
[ 1046.602894][T11417] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1046.615433][T11417] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1047.439204][ T5110] Bluetooth: hci2: command tx timeout
[ 1047.535005][ T9782] (unnamed net_device) (uninitialized): Assigned a random MAC address: fa:b7:43:20:e5:d6
[ 1047.562983][ T9782] rtl8150 9-1:1.0: eth25: rtl8150 is detected
[ 1048.410543][T11389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1048.419030][T11389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1048.426731][T11389] bridge_slave_0: entered allmulticast mode
[ 1048.436320][T11389] bridge_slave_0: entered promiscuous mode
[ 1048.675175][T11389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1048.682852][T11389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1048.690908][T11389] bridge_slave_1: entered allmulticast mode
[ 1048.702826][T11389] bridge_slave_1: entered promiscuous mode
[ 1048.725581][ T9782] usb 9-1: USB disconnect, device number 12
[ 1049.013238][T11389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1049.075108][T11389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1049.364555][T11389] team0: Port device team_slave_0 added
[ 1049.421908][T11389] team0: Port device team_slave_1 added
[ 1049.663866][ T5110] Bluetooth: hci2: command tx timeout
[ 1049.698583][T11389] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1049.705915][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.732693][T11389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1049.801852][T11389] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1049.809236][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.836109][T11389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1050.371553][T11389] hsr_slave_0: entered promiscuous mode
[ 1050.381699][T11389] hsr_slave_1: entered promiscuous mode
[ 1050.390691][T11389] debugfs: 'hsr0' already exists in 'hsr'
[ 1050.396960][T11389] Cannot create hsr debugfs directory
[ 1050.936386][T11444] loop3: detected capacity change from 0 to 1024
[ 1050.993509][T11444] EXT4-fs: Ignoring removed nobh option
[ 1050.999462][T11444] EXT4-fs: Ignoring removed bh option
[ 1051.150538][T11444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1051.742879][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1051.742967][   T30] audit: type=1326 audit(1757740222.515:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.8.1526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[ 1051.772979][   T30] audit: type=1326 audit(1757740222.515:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.8.1526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[ 1051.797054][   T30] audit: type=1326 audit(1757740222.515:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.8.1526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a43b8eba9 code=0x7ffc0000
[ 1051.895364][ T5110] Bluetooth: hci2: command tx timeout
[ 1052.045232][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.230425][T11454] loop8: detected capacity change from 0 to 512
[ 1052.294081][T11454] EXT4-fs (loop8): blocks per group (95) and clusters per group (32768) inconsistent
[ 1052.364062][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1052.370703][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1052.603097][T11389] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1052.686223][T11389] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1052.751231][T11389] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1052.839068][T11389] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1053.045111][T11461] loop3: detected capacity change from 0 to 512
[ 1053.098172][T11461] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1053.209879][T11461] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1053.788551][T11465] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1053.799991][T11465] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1054.002959][ T9008] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[ 1055.092081][T11473] loop3: detected capacity change from 0 to 512
[ 1055.134640][T11473] EXT4-fs: Ignoring removed oldalloc option
[ 1055.773319][T11473] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1055.956300][T11473] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #11: comm syz.3.1532: corrupted in-inode xattr: invalid ea_ino
[ 1056.015626][T11473] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1532: couldn't read orphan inode 11 (err -117)
[ 1056.074448][T11389] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1056.118304][T11473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1056.225586][T11389] 8021q: adding VLAN 0 to HW filter on device team0
[ 1056.264093][ T4180] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1056.271664][ T4180] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1056.404212][T11483] input: syz0 as /devices/virtual/input/input22
[ 1057.322325][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1057.329944][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1057.435370][ T9008] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1060.126840][T11504] =====================================================
[ 1060.134406][T11504] BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.142714][T11504]  bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.148918][T11504]  do_xdp_generic+0xd52/0x1690
[ 1060.154012][T11504]  tun_get_user+0x45be/0x6ca0
[ 1060.159097][T11504]  tun_chr_write_iter+0x3e9/0x5c0
[ 1060.164313][T11504]  vfs_write+0xbe2/0x15d0
[ 1060.168977][T11504]  __x64_sys_write+0x1fb/0x4d0
[ 1060.173918][T11504]  x64_sys_call+0x3014/0x3e20
[ 1060.179103][T11504]  do_syscall_64+0xd9/0x210
[ 1060.183846][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.190093][T11504] 
[ 1060.192494][T11504] Uninit was stored to memory at:
[ 1060.197976][T11504] ------------[ cut here ]------------
[ 1060.203833][T11504] WARNING: CPU: 0 PID: 11504 at kernel/stacktrace.c:29 stack_trace_print+0xd4/0xf0
[ 1060.213562][T11504] Modules linked in:
[ 1060.217611][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.8.1544 Not tainted syzkaller #0 PREEMPT(none) 
[ 1060.227392][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1060.237764][T11504] RIP: 0010:stack_trace_print+0xd4/0xf0
[ 1060.243752][T11504] Code: fe 33 24 92 89 de ba 20 00 00 00 4c 89 e1 e8 33 13 4d ff 49 83 c6 08 49 ff cd 0f 85 6e ff ff ff eb 0b e8 0f 7f c3 00 eb d4 90 <0f> 0b 90 5b 41 5c 41 5d 41 5e 41 5f 5d e9 0a ff 0d 0f cc 66 0f 1f
[ 1060.263725][T11504] RSP: 0018:ffff88812e2773d8 EFLAGS: 00010246
[ 1060.270040][T11504] RAX: ffff8881149c0b60 RBX: 0000000000000000 RCX: 0000000000000000
[ 1060.278474][T11504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1060.286931][T11504] RBP: ffff88812e277400 R08: 0000000000000000 R09: 0000000000000000
[ 1060.295542][T11504] R10: ffff88812da77418 R11: 0000000000000001 R12: 0000000000000000
[ 1060.303648][T11504] R13: 00000000abcd0100 R14: 0000000000000000 R15: 0000000000000000
[ 1060.311975][T11504] FS:  00007f9a44a266c0(0000) GS:ffff8881aa691000(0000) knlGS:0000000000000000
[ 1060.321241][T11504] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1060.328185][T11504] CR2: 0000200000010000 CR3: 000000013f5f4000 CR4: 00000000003526f0
[ 1060.336303][T11504] Call Trace:
[ 1060.339907][T11504]  <TASK>
[ 1060.342944][T11504]  kmsan_print_origin+0xb0/0x340
[ 1060.348276][T11504]  ? stack_trace_print+0xbd/0xf0
[ 1060.353456][T11504]  kmsan_report+0x1d3/0x320
[ 1060.358265][T11504]  ? __msan_warning+0x1b/0x30
[ 1060.363336][T11504]  ? bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.369625][T11504]  ? do_xdp_generic+0xd52/0x1690
[ 1060.374762][T11504]  ? tun_get_user+0x45be/0x6ca0
[ 1060.379824][T11504]  ? tun_chr_write_iter+0x3e9/0x5c0
[ 1060.385447][T11504]  ? vfs_write+0xbe2/0x15d0
[ 1060.390161][T11504]  ? __x64_sys_write+0x1fb/0x4d0
[ 1060.395660][T11504]  ? x64_sys_call+0x3014/0x3e20
[ 1060.400741][T11504]  ? do_syscall_64+0xd9/0x210
[ 1060.405781][T11504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.412216][T11504]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1060.418270][T11504]  ? ___bpf_prog_run+0xea65/0xeba0
[ 1060.423804][T11504]  ? __bpf_prog_run32+0xc2/0xf0
[ 1060.428833][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.434320][T11504]  __msan_warning+0x1b/0x30
[ 1060.438993][T11504]  bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.445226][T11504]  do_xdp_generic+0xd52/0x1690
[ 1060.450194][T11504]  ? tun_get_user+0x4071/0x6ca0
[ 1060.455457][T11504]  ? filter_irq_stacks+0x49/0x190
[ 1060.460696][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.466249][T11504]  ? tun_get_user+0x453a/0x6ca0
[ 1060.471292][T11504]  tun_get_user+0x45be/0x6ca0
[ 1060.476196][T11504]  ? stack_depot_save_flags+0x35/0x7b0
[ 1060.482053][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.487569][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.492869][T11504]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1060.499623][T11504]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1060.505946][T11504]  tun_chr_write_iter+0x3e9/0x5c0
[ 1060.511468][T11504]  vfs_write+0xbe2/0x15d0
[ 1060.516146][T11504]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1060.522090][T11504]  __x64_sys_write+0x1fb/0x4d0
[ 1060.527074][T11504]  x64_sys_call+0x3014/0x3e20
[ 1060.532228][T11504]  do_syscall_64+0xd9/0x210
[ 1060.536890][T11504]  ? irqentry_exit+0x16/0x60
[ 1060.541850][T11504]  ? clear_bhb_loop+0x40/0x90
[ 1060.546714][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.553096][T11504] RIP: 0033:0x7f9a43b8d65f
[ 1060.557649][T11504] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1060.577998][T11504] RSP: 002b:00007f9a44a26000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1060.581281][T11389] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1060.586818][T11504] RAX: ffffffffffffffda RBX: 00007f9a43dd5fa0 RCX: 00007f9a43b8d65f
[ 1060.586907][T11504] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[ 1060.586986][T11504] RBP: 00007f9a43c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1060.587055][T11504] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 1060.626693][T11504] R13: 00007f9a43dd6038 R14: 00007f9a43dd5fa0 R15: 00007ffe1e8b1628
[ 1060.634872][T11504]  </TASK>
[ 1060.638155][T11504] ---[ end trace 0000000000000000 ]---
[ 1060.643692][T11504] 
[ 1060.646169][T11504] Uninit was created at:
[ 1060.650802][T11504]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[ 1060.657557][T11504]  kmalloc_reserve+0x22f/0x4b0
[ 1060.662708][T11504]  __alloc_skb+0x347/0x7d0
[ 1060.667295][T11504]  alloc_skb_with_frags+0xc5/0xa60
[ 1060.672761][T11504]  sock_alloc_send_pskb+0xad8/0xc70
[ 1060.678171][T11504]  tun_get_user+0x113f/0x6ca0
[ 1060.683182][T11504]  tun_chr_write_iter+0x3e9/0x5c0
[ 1060.688385][T11504]  vfs_write+0xbe2/0x15d0
[ 1060.693058][T11504]  __x64_sys_write+0x1fb/0x4d0
[ 1060.698004][T11504]  x64_sys_call+0x3014/0x3e20
[ 1060.703096][T11504]  do_syscall_64+0xd9/0x210
[ 1060.707736][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.713968][T11504] 
[ 1060.716408][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.8.1544 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[ 1060.727700][T11504] Tainted: [W]=WARN
[ 1060.731590][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1060.742148][T11504] =====================================================
[ 1060.749365][T11504] Disabling lock debugging due to kernel taint
[ 1060.755791][T11504] Kernel panic - not syncing: kmsan.panic set ...
[ 1060.762340][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.8.1544 Tainted: G    B   W           syzkaller #0 PREEMPT(none) 
[ 1060.773512][T11504] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1060.778645][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1060.788845][T11504] Call Trace:
[ 1060.792224][T11504]  <TASK>
[ 1060.795247][T11504]  __dump_stack+0x26/0x30
[ 1060.799765][T11504]  dump_stack_lvl+0x53/0x270
[ 1060.804554][T11504]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1060.810562][T11504]  dump_stack+0x1e/0x25
[ 1060.814904][T11504]  vpanic+0x361/0xc50
[ 1060.819084][T11504]  panic+0x15d/0x160
[ 1060.823207][T11504]  kmsan_report+0x31c/0x320
[ 1060.827902][T11504]  ? __msan_warning+0x1b/0x30
[ 1060.832743][T11504]  ? bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.838865][T11504]  ? do_xdp_generic+0xd52/0x1690
[ 1060.844011][T11504]  ? tun_get_user+0x45be/0x6ca0
[ 1060.849048][T11504]  ? tun_chr_write_iter+0x3e9/0x5c0
[ 1060.854446][T11504]  ? vfs_write+0xbe2/0x15d0
[ 1060.859134][T11504]  ? __x64_sys_write+0x1fb/0x4d0
[ 1060.864266][T11504]  ? x64_sys_call+0x3014/0x3e20
[ 1060.869324][T11504]  ? do_syscall_64+0xd9/0x210
[ 1060.874152][T11504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1060.880402][T11504]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1060.886387][T11504]  ? ___bpf_prog_run+0xea65/0xeba0
[ 1060.891675][T11504]  ? __bpf_prog_run32+0xc2/0xf0
[ 1060.896665][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.901948][T11504]  __msan_warning+0x1b/0x30
[ 1060.906595][T11504]  bpf_prog_run_generic_xdp+0x1a74/0x1ff0
[ 1060.912591][T11504]  do_xdp_generic+0xd52/0x1690
[ 1060.917541][T11504]  ? tun_get_user+0x4071/0x6ca0
[ 1060.922540][T11504]  ? filter_irq_stacks+0x49/0x190
[ 1060.927713][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.933114][T11504]  ? tun_get_user+0x453a/0x6ca0
[ 1060.938184][T11504]  tun_get_user+0x45be/0x6ca0
[ 1060.943035][T11504]  ? stack_depot_save_flags+0x35/0x7b0
[ 1060.948914][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.954238][T11504]  ? kmsan_get_metadata+0xfb/0x160
[ 1060.959547][T11504]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1060.966070][T11504]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1060.972361][T11504]  tun_chr_write_iter+0x3e9/0x5c0
[ 1060.977661][T11504]  vfs_write+0xbe2/0x15d0
[ 1060.982173][T11504]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1060.987986][T11504]  __x64_sys_write+0x1fb/0x4d0
[ 1060.992960][T11504]  x64_sys_call+0x3014/0x3e20
[ 1060.997821][T11504]  do_syscall_64+0xd9/0x210
[ 1061.002456][T11504]  ? irqentry_exit+0x16/0x60
[ 1061.007235][T11504]  ? clear_bhb_loop+0x40/0x90
[ 1061.012064][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1061.018100][T11504] RIP: 0033:0x7f9a43b8d65f
[ 1061.022618][T11504] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1061.042650][T11504] RSP: 002b:00007f9a44a26000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1061.051257][T11504] RAX: ffffffffffffffda RBX: 00007f9a43dd5fa0 RCX: 00007f9a43b8d65f
[ 1061.059347][T11504] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[ 1061.067429][T11504] RBP: 00007f9a43c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1061.075622][T11504] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 1061.083789][T11504] R13: 00007f9a43dd6038 R14: 00007f9a43dd5fa0 R15: 00007ffe1e8b1628
[ 1061.092013][T11504]  </TASK>
[ 1061.095399][T11504] Kernel Offset: disabled
[ 1061.099780][T11504] Rebooting in 86400 seconds..