last executing test programs:

16.224224137s ago: executing program 0 (id=3862):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x202, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100), 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x19, 0x100000}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
wait4(r5, 0x0, 0x287374b275c0b38e, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getcwd(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000790000ff000000000000ea04850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_enter(0xffffffffffffffff, 0x47fa, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x804810, &(0x7f0000000d40), 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")

15.294088685s ago: executing program 0 (id=3867):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240))
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
ppoll(&(0x7f0000000d40)=[{}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0xfefd)

15.086226422s ago: executing program 0 (id=3869):
r0 = gettid()
rmdir(&(0x7f0000004340)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
accept4$unix(r1, 0x0, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000080))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
pipe(&(0x7f00000002c0)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
ptrace(0x10, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
write$uinput_user_dev(r4, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x800, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x40000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000edc0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="94", 0x1}], 0x1}}], 0x1, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_connect$uac1(0x3, 0xe2, &(0x7f0000000900)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xd0, 0x3, 0x1, 0x4, 0x10, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0xb}, [@selector_unit={0x5, 0x24, 0x5, 0x6, 0x10}, @output_terminal={0x9, 0x24, 0x3, 0x5, 0x303, 0x4, 0x1, 0x8}, @input_terminal={0xc, 0x24, 0x2, 0x5, 0x203, 0x5, 0x9, 0x0, 0x10, 0x81}, @processing_unit={0xc, 0x24, 0x7, 0x3, 0x0, 0x13, "7c8b33fcd1"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0xb2, 0x8, 0xb, "e73241"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x5, 0x1, 0x84, 0x3, "fb71b7", "a3"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x9, 0x9, 0x66, {0x7, 0x25, 0x1, 0xc3, 0x8, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4, 0x7, 0xa}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x3a, 0x3, 0x1, 0x3, '\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @as_header={0x7, 0x24, 0x1, 0x9, 0x0, 0x3}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x3, 0x9, 0x0, "235293"}, @as_header={0x7, 0x24, 0x1, 0x4d, 0x4, 0x1001}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0xbe, 0x40, 0x0, {0x7, 0x25, 0x1, 0x82, 0x2, 0x25}}}}}}}]}}, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x101400, 0x40)

12.7365177s ago: executing program 4 (id=3877):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid() (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) (async)
ptrace$getregs(0xe, r1, 0x6, &(0x7f00000006c0)=""/190) (async)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000004000000080000000800000000000000", @ANYRES32, @ANYRES64=r1, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x48) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r3}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800003e000000008f9137f9198000f4d0eefdf1c000"/37, @ANYRESOCT=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getgroups(0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) (async)
unshare(0x64000600)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) (async)
r7 = open(&(0x7f0000000500)='./bus\x00', 0x64842, 0x0)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x21000}], 0x2, 0x1800, 0x0, 0x3)
futimesat(0xffffffffffffffff, &(0x7f0000000800)='./bus\x00', &(0x7f00000007c0)) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x14001, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@user_xattr}, {@noquota}, {@noblock_validity}, {@data_err_ignore}, {@nojournal_checksum}, {@nojournal_checksum}, {@init_itable}], [], 0x3d}, 0x64, 0x51c, &(0x7f0000000200)="$eJzs3UFoJFkZAOC/Ot3ZyUx2k1UPuuC6uiuZQac72bi7wcO6guhpQV3vY0w6IaSTDunO7iQsmsGDR0FEBU968SJ48iTIghePIizoWVFRRGf0IKhTS3dXZ2aS6k5mpiedSX8fVOrV66r3v9ehqutVPaoCGFnPRcRrEXE7TdMrETGV5ReyKfY7U2u9WzffXmpNSaTpG/9IIsnyumWlbU/EpWyzCxHx5S9EfC05Grexu7e+WKtVt7PlSnNjq9LY3bu6trG4Wl2tbs7Pz7288MrCSwuzA2nnZES8+rm/fO/bP/n8q7/85Ft/vPa3y19Psvw41I77VOz3YafppfZ3cfcG2w8Y7CwqtluYmchbY+xIzo1HXCcAAHp7X0R8LCKuxFSM9T+dBQAAAB5D6Wcm439J997dEeM98gEAAIDHSKE9BjYplLPxvpNRKJTL0R7D+4G4WKjVG81PrNR3Npc7Y2Wno1RYWatVZ7OxwtNRSlrLc+30neUXDy3PR8TTEfHdqYn2cnmpXlse9sUPAAAAGBGXDvX//z3V6f8DAAAA58z0sCsAAAAAPHL6/wAAAHD+6f8DAADAufbF119vTWn3/dfLb+7urNffvLpcbayXN3aWykv17a3yar2+2n5m38Zx5dXq9a1PxebO9Uqz2mhWGrt71zbqO5vNa2v3vAIbAAAAOEVPf+Sd3ycRsf/pifbUMn6yTU+4GnBWFQ9SSTbP2a3/8FRn/udTqhRwKsaGXQFgaIrDrgAwNKVhVwAYuuSYz3sO3vlNNv/oYOsDAAAM3syHet//L/Tdcr//x8CZZyeG0eX+P4yu9v3/k47kdbIA50rJGQCMvIe+/3+sNL2vCgEAAAM32Z6SQjm7vDcZhUK5HPFk+7UApWRlrVadjYinIuJ3U6UnWstz7S2TY/sMAAAAAAAAAAAAAAAAAAAAAAAAAEBHmiaRAgAAAOdaROGvya86z/KfmXph8vD1gfHkP1ORvSL0rR++8f3ri83m9lwr/58H+c0fZPkvDuMKBgAAAIyE4v2s3O2nd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIt26+vdSdTjPu3z8bEdN58YtxoT2/EKWIuPivJIp3bZdExNgA4k+0/nwwL37SqtZByLz4EwOIv3+jb/yYzr6FvPiXBhAfRtk7rePPa3n7XyGea8/z979ixD3LD6r38S8Ojn9jPfb/J08Y45l3f1bpGf9GxDPF/ONPN37SI/7zeQX+/FtHsr76lb29XvHTH0XM5P7+JPfEqjQ3tiqN3b2raxuLq9XV6ub8/NzLC68svLQwW1lZq1Wzv7kxvvPhX9zu1/6LPeJPH9P+F3LKG8/J+/+712++v5Ms5cW//HxO/F//OFvjaPxC9tv38Szd+nymm97vpO/27E9/+2y/9i/3aP9x///LvQo95MqXvvmnE64KAJyCxu7e+mKtVt0+t4lWL/0MVONxS/w3PRPVeLSJbwy0wDRN09Y+9RDlJHF6X0LSv6rDPjIBAACDduekf9g1AQAAAAAAAAAAAAAAAAAAgNF1Gk8aOxxz/yCVDOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/FeAAAA//+kyeAN")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sys_enter\x00'}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000780)={r6, 0xffffffffffffffdc, &(0x7f0000000880)}, 0x10)

12.668362265s ago: executing program 4 (id=3878):
r0 = gettid()
rmdir(&(0x7f0000004340)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
accept4$unix(r1, 0x0, 0x0, 0x0) (fail_nth: 4)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000080))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
pipe(&(0x7f00000002c0)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
ptrace(0x10, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
write$uinput_user_dev(r4, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x40000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000edc0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="94", 0x1}], 0x1}}], 0x1, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_connect$uac1(0x3, 0xe2, &(0x7f0000000900)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xd0, 0x3, 0x1, 0x4, 0x10, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0xb}, [@selector_unit={0x5, 0x24, 0x5, 0x6, 0x10}, @output_terminal={0x9, 0x24, 0x3, 0x5, 0x303, 0x4, 0x1, 0x8}, @input_terminal={0xc, 0x24, 0x2, 0x5, 0x203, 0x5, 0x9, 0x0, 0x10, 0x81}, @processing_unit={0xc, 0x24, 0x7, 0x3, 0x0, 0x13, "7c8b33fcd1"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0xb2, 0x8, 0xb, "e73241"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x5, 0x1, 0x84, 0x3, "fb71b7", "a3"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x9, 0x9, 0x66, {0x7, 0x25, 0x1, 0xc3, 0x8, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4, 0x7, 0xa}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x3a, 0x3, 0x1, 0x3, '\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @as_header={0x7, 0x24, 0x1, 0x9, 0x0, 0x3}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x3, 0x9, 0x0, "235293"}, @as_header={0x7, 0x24, 0x1, 0x4d, 0x4, 0x1001}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0xbe, 0x40, 0x0, {0x7, 0x25, 0x1, 0x82, 0x2, 0x25}}}}}}}]}}, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x101400, 0x40)

6.216378768s ago: executing program 2 (id=3899):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@cgroup, r2, 0x2f, 0x8, 0x0, @void, @value=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000001900)={0x2, 0xf, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in6=@private1}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}, @sadb_x_sec_ctx={0x1}]}, 0xa8}}, 0x0)

5.611964188s ago: executing program 2 (id=3900):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="1afbb115679b4e69765c8e61995ea1b538eec6e0dff51e242d905398f17cfd6e9a9aad8d1779a4539be16c5582e61911ec6b8f0486fd10ffe976fb5dbe92d1c2713e22dd0fdc8959e2457afe9c38d5164f6a711ada4b874a11728a35a5c1ef04742da236fdd20cdc181cd1962960e2af5b49aa759d9897d95bfd91375b2edd4934586bc07f483deb2608c0ef7389262d967d71701d9e2473e346aea801470b8e929005c2441ceb2f4e9f4471a1aebe1d00b9f66dc46ed1d018acc9f83ea87fa444eaa4b7f0f6ff0b9499f513b03cb9f2baa7a36028436585d908570bcb", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
uname(&(0x7f0000000940)=""/4096)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="8500000062000000040000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@enum={0x3, 0x1, 0x0, 0xf, 0x4, [{0xc}]}, @func]}, {0x0, [0x0, 0x0, 0x61]}}, &(0x7f0000002000)=""/4115, 0x3d, 0x1013, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB="34ac1645bc6b1141694a572047c5a5b1de34c66d2e678f3205bc9a42dfec533bf61e794149e75a9de05e69c0305ce4b77ec2763841be558181267de044a216480ec687c589003aa456b9f1e79cfd074e57f7adbc730e9916c7e92dfeee414af0332fa200fb0bb85f3fdf25eb80939fcd6496b567fde446b29a81afa24db1cf65b42d46ac5c7f38f2620b7d8ecc42efdf1453e26f5fe6651b8afe8160bf5be65f7176089b1f9da6fec90d"], 0x4c}, 0x1, 0xba01}, 0x810)

5.420577794s ago: executing program 2 (id=3906):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x903d01)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
pipe2$9p(0x0, 0x106080) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) (async)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000401e04012810000000000109022400010000000009040000020300000009210000000122050009058103"], 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10) (async)
syz_usb_control_io(r3, &(0x7f0000000540)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000)) (async)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x1, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r7}, &(0x7f0000000680), &(0x7f00000006c0)='%ps    \x00'}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) (async)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000040)={'ip6tnl0\x00', 0x100})
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000280)='.\x00', 0x25000001)
write$char_usb(r1, 0x0, 0x0) (async)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000100)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff0924031300010005024524", @ANYRES8=r1, @ANYBLOB="051713", @ANYRES64=r0], 0x0)

4.444895817s ago: executing program 0 (id=3907):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000085000000070000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000000100))
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r2, 0x81, 0x64, &(0x7f0000000440)="b9424705397f0019c136bce374205285c2466eb0ef01e29655f663ee844da60be22bf21472b1e7f49ad068c4e1c0a9573325f36784ffffce4cf730ddbf395346f7fd23f2e176b224e7ea1deb33c697884689393c15d155a710eb972acd778cd33d4d8a9c")
timer_settime(0x0, 0x1, &(0x7f00000006c0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f00000004c0)=""/214, 0xd6, <r3=>0x0, &(0x7f00000005c0)=""/244, 0xf4}}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000740), 0x8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000006c0)={'syztnl0\x00', &(0x7f00000003c0)={'syztnl0\x00', <r5=>0x0, 0x2f, 0x4, 0x3, 0x837, 0x5c, @local, @mcast1, 0x8000, 0x20, 0xfffffffe, 0x7}})
pipe2$watch_queue(&(0x7f0000000700)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x19, 0x3f, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r4, @ANYRESDEC=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff51)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc51, 0x0)

4.415533019s ago: executing program 3 (id=3910):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@cgroup, r2, 0x2f, 0x8, 0x0, @void, @value=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000001900)={0x2, 0xf, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in6=@private1}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}, @sadb_x_sec_ctx={0x1}]}, 0xa8}}, 0x0)

4.360464513s ago: executing program 2 (id=3911):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x140000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
utime(&(0x7f0000000200)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406d1486c0000000000001090224000100000000090400000103000000092100000001220500090581"], 0x0)
socket$inet(0x2, 0x2, 0x1)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

3.305998932s ago: executing program 3 (id=3913):
r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000000)=0x6e, 0x80000)
connect$unix(r0, &(0x7f0000000180)=@abs={0x1, 0x0, 0x10}, 0x6e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x6, 0x1, 0x1000, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa2000000000000070200005ec0f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000002380)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/33, 0x21}}, 0x120)
write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000100), 0x4)

3.20938096s ago: executing program 3 (id=3914):
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f00000003c0)=ANY=[@ANYRES64=r0, @ANYRES16=r0, @ANYBLOB="2f860f93021fb6c659af7b9f29c33173b046762a96c5ed67e8afdff3b006f303a66c79b81fe7bb9535bbfdbc5cd8b570d3e0d35862526201137ea080f4c0954f3ebda6e43f843873bfabb08c667bac2b2d", @ANYRES8=r0, @ANYRESDEC=r0, @ANYBLOB="e3481687ca1a5e31d934daee5a461bf41cec673f6b20a2a783bac55153c7b7c10e9f2cc11091f4310e0fdffed493f471d17032c8f34f0c5c8b5518e321f0c5000892429b903bfc0cc5f833fdd56b385de29f11f7831730d1dea241935e168015bcad5e748e9ce56e8b", @ANYRES8=r0, @ANYRESDEC=r0], 0x835, 0x0)
r1 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(0x0, 0x1a7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
clock_gettime(0x0, &(0x7f0000000300))
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000013000100"/20, @ANYRES32=r8, @ANYBLOB="000000000000000005002700000000001c001a8018000a80140007"], 0x44}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

2.582262663s ago: executing program 1 (id=3915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000080)={0x18}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.508252889s ago: executing program 1 (id=3917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0184001108003950323030"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.476950381s ago: executing program 1 (id=3918):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x202, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100), 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x19, 0x100000}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
wait4(r5, 0x0, 0x287374b275c0b38e, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getcwd(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x804810, &(0x7f0000000d40), 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")

2.308308136s ago: executing program 3 (id=3919):
r0 = syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000700), 0x1, 0x450, &(0x7f0000000d00)="$eJzs289vFFUcAPDvzG4BAWlFREHQKhobf7S0oHLwotHEgyYmesBjbQtBFmpoTYQQrcbg0ZB4Nx5N/As8eTLqycSr3g0J0cYE9OKa2Z1pu9vd0h9btrKfT7Lw3s7bee+bN2/27XudAHrWYPZPErE7In6NiP56trHAYP2/m/OXJ/6evzyRRLX65h9JrdyN+csTRdHic7vyzFAakX6a5JU0mrl46ex4pTJ1Ic+PzJ57b2Tm4qVnzpwbPz11eur82IkTx4+NPv/c2LMdiTNr042DH04fOvDq21dfnzh59Z0fv9kREfsP148vjaNTBrPA/6zWNB97vNOVddm/1cU4k3K3W8NqlSIi666+2vjvj1Isdl5/vPJJVxsHbKrsnr29/eG5KnAHS6LbLQC6o/iiz37/Fq/bNPXYEq6/WP8BlMV9M3/Vj5Qjzcv0bWL9gxFxcu6fL7NXNK1DVFusGwAAbNR32fzn6eXzvyQi9i8pl+R7QwMRcU9E7I2IeyNiX0Tcl5e9PyIeWGP9zVtDy+ef6bV1hrYq2fzvhXxvq3H+V8z+YqCU5+6uxd+XnDpTmToaEXsiYij6tmf50VYnL07x8i+ft6t/6fwve2X1F3PB/CTXyk0LdJPjs+OdmpRe/zjiYLlV/MnCTkDW9wci4uDaTr2nSJx58utD7QrdOv4VdGCfqfpVxBP1/p+LpvgLycr7kyM7ojJ1dKS4Kpb76ecrb7Srf0Pxd0DW/zsbr/+mEv1/JUv3a2fWXseV3z5r+5uyvM7rf1vyVm3Pelv+3gfjs7MXRiO2Ja/V8g3vjy1+tsgX5bP4h460Hv97889k8T8YEdlFfDgiHoqIh/O+eyQiHo2IIyvE/8NLj73b7thW6P/Jlve/het/oLH/154onf3+23b1r+7+d7yWGsrfqd3/bqF9c3bkJdZ7NQMAAMD/TxoRuyNJhxfSaTo8XP97+X2xM61Mz8w+dWr6/fOT9WcEBqIvLVa6+pesh44mc/kZ6/mxfK24OH4sXzf+onRXLT88MV2Z7HLs0Ot2tRn/md9L3W4dsOk8rwW9q3n8p11qB3D7+f6H3mX8Q+8y/qF3tRr/HzXl7QXAncn3P/Qu4x96l/EPvcv4h560kef6NytRXuHpfYmtkoh0SzRDokWi3IHR3eUbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIf8FwAA//+YWPHx")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001b00000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000007c0)=ANY=[@ANYRES16=r0], 0xac}}, 0x40000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000af10e4e313a12685c6400dfa7ffd2540921200000000000088a79e209a9cb9664613794c6afdc5"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRESOCT=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f0000000100)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debug,usefree,tz=UTC,flush,nodots,\x00'], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="ac0000000101010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c0002800500010000000000080007400000000018000680140004002081"], 0xac}}, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000c40), 0x310decfa, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
ioctl$USBDEVFS_CONTROL(r8, 0x80045505, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f00000004c0), &(0x7f0000000540), 0x2, 0x3)

1.593037256s ago: executing program 4 (id=3916):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0x2000009)
sendfile(r0, r3, 0x0, 0x7ffff004)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$link(0x8, 0x0, r4)

1.588805416s ago: executing program 1 (id=3920):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.controllers\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid() (async)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="09000000040000000200000004"], 0x48) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="09000000040000000200000004"], 0x48)
close(0x3) (async)
close(0x3)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000004850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000b00)={r6, 0x2, 0x0}, 0x10)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x0, 0x40002000, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

1.42829972s ago: executing program 3 (id=3921):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x202, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100), 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x19, 0x100000}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
wait4(r5, 0x0, 0x287374b275c0b38e, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getcwd(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000790000ff000000000000ea04850000007b000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_enter(0xffffffffffffffff, 0x47fa, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x804810, &(0x7f0000000d40), 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")

1.320221149s ago: executing program 1 (id=3922):
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d40), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
request_key(&(0x7f0000000380)='syzkaller\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000540), &(0x7f0000000580)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f0000000dc0)='./file0\x00', 0x0)
readlinkat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0xb4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0xa}, {0x0, [0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x2e]}}, &(0x7f0000000040)=""/249, 0x22, 0xf9, 0x6, 0x7f, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/18], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

940.111801ms ago: executing program 2 (id=3923):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@cgroup, r2, 0x2f, 0x8, 0x0, @void, @value=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000001900)={0x2, 0xf, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in6=@private1}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}, @sadb_x_sec_ctx={0x1}]}, 0xa8}}, 0x0)

914.518023ms ago: executing program 0 (id=3924):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") (async)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0) (async)
write$cgroup_int(r3, &(0x7f0000000000)=0x5, 0x12)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$packet(0x11, 0x2, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000980)={'wg2\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="0b031407e0ff64", 0x7, 0x0, &(0x7f0000000140)={0x11, 0x12, r6}, 0x14)

748.500597ms ago: executing program 0 (id=3925):
getpgid(0x0)
gettid()
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x62040, 0x0)
sendmsg$NFT_MSG_GETOBJ_RESET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x15, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000001}, 0x48010)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r2}, 0x10)
fsync(0xffffffffffffffff)

725.394889ms ago: executing program 4 (id=3927):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000080)={0x18}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

708.678701ms ago: executing program 4 (id=3928):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2000004c, &(0x7f00000002c0)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES8, @ANYRESHEX=0x0, @ANYBLOB=',me=00000000000000000000007,discard,\x00'/46], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003800)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="83cbd890d6", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f0000003680)=[{&(0x7f0000001200)="5f44cb626b7f6ede18f90b58b16d59612248816283955866e16bc1e55e1d1802df7d8a35fd33a8de01f41a452e9fe08cd9d15380b82dbc629a11d4b2c43ff2dca014ea5bafc7cb2dde9dbee378df00a4a56a55445a719ce740c4d0bc1bd6e4829ab0096b53fdbffe80337f7e2e64e362847eed067250199801baadc05a6411e92a56c431163cda3d57e30f77fc2881685a777adf7de7d572f14d470a3f4900f2b95725f46b7a33a04c632a17277dff0c2b7a56aab790ae81a8210f0c861b1b18e6a6e8d8055a81894f1cf5fbed389b5fe6034cbd5a9bbe04812286ad8ad574d4b6d49793991ff2cf1062e17a9d172a7c7c34e235c819b552c3edf49d2b9be8c59e20d5262a89a195f52c2f9e5ae4c75a7273993c1fb63a1f42fa71b6926828b0c64d36a558022f4917b82c7ae33aa2ae897b92f4ee4bad1733c2d3f0b64d1e88f860d37cee772f5ff9be0b6332b2089634e9d704c8664d32b3c13ca8f154d7eb49f8cdb32d97d8e582145258799dcf3cb6a3c811a51199c246b19dfa6905e23edcf3bbdad4fa2f12c16c70c46e4f180d6d34407aaea64f57bfd1edfadd34654bc453f306999b5654373cb664617b93ccc2344f50eafe3ae28857632965ea29cf393c46333e2345661c55a15539f1f71aaf7f02db867525380625384d8286da4169c41316770322b6c7ebe819ed78e6e37e524a2577bf0c7e2766a71c326555b42713175dc5137581e3279d1579efafe464e56f99b567af34f9641943a38bcb743127d740fd1ba479c7104d3b2ce44342f6a2a2948c85f10772030b482ff26c2248b5c6c91a58f28f37bad8e5da92b99c1ac0b63007f0dd6061f6bf983ed01c67da004c4284", 0x265}], 0x1}}], 0x2, 0x4000c000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext3\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc8000, &(0x7f0000000f00)={[{@data_writeback}, {@init_itable_val={'init_itable', 0x3d, 0xf30}}], [{@context={'context', 0x3d, 'user_u'}}, {@euid_lt}]}, 0x6, 0x51f, &(0x7f00000009c0)="$eJzs3c9vI1cdAPDvOHab7QacFg6lUtul3SpFsM6m6Y+IQ+lKQE+VEOWeXRIniuLEq8RpN9GKesUfUEAVIHHixAWJPwAJ+icgpEpw6xXQCrL0wAUZzXi8SRw7OKw3ZuPPR3qeN+955vt9dmzP84ziAMbWpYh4KyKmI+KliCjn7YW8RLNd0vvd27+9lJYkWq13/55Ekrd17/Nivlnqu29HfD85Hnd7d2+9utjKHGreu7K2cWO1ulrdnJ+fe33hjYXXFq4OOJKkeFLvVES8+c3Pfvrhr7795u++9v6ni397+QdpWtfz/oNxzPxlwICDZZXdlmKy09Ac5t5HbyIiitkIAQB4FFyOiKci4oWI+EqUYyJOPIwGAAAAHkGtb0w93qkCAAAA51MhuzY2KVSy632LMRWFQqXSvob3i/FEoVbfbnx1pb6zudy+hnY6SoWVtVr1an6t8HSUknR9Lr+GuLP+Stf6fEQ8GREflS+k61kfAAAAcDYuHpn/R3xWbs//AQAAgHPGyXgAAAA4/wac///+YecBAAAAPDzO/wMAAMC59p133klL697+7ex3AJbf291Zr793Zbm6vV7Z2FmqLNW3blZW6/XVWrUy0dmq/6891+r1m6/G5s6t2UZxuzG7vbu3uFHf2WwsZr/rvVh96ozGBQAAABx48vmP/5xERPPrF7KSeizv6z/LB8ZMUuxquP7lEWUCDMXEaTe4tPNwEgHOXPdnOjA+SoVRZwCMWtLd0HVgMJm1fPjjYxv+4fSxHHMAAMBozHzJ+X8YV77+g/H1o1EnAIxM0WE+jK3S6a8ABM6Zt/9L/2S/joHP/7dap0oIAAAYuqn2ohn5ucCpKBQqlfunBZOVtVr1akR8PiL+VC49nq7PjTBfAAAAAAAAAAAAAAAAAAAAAAAAAHgUtVpJtAAAAIBzLaLw1yQi0jJTvjzV/f3AY8m/ytkyIt7/xbs/u3Wj0diaS9v/cb+98fO8/ZVRfIMBAAAA46h0Ym9nnt6ZxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMN3bv73UKWcZ9+61uBDTveIXYzJbTkYpIp74ZxLFQ9slETExhPjNOxHxdK/4SZpWTOdZHIr/bHpTiIgLo4kfnfgXhxAfxtnH1yLirV6vv0Jcypa9X3/FvDyou9eyF3nP+J33v4k+73+fGzDGM5/8Zra77YeTefw7Ec8Ue7//dOInfeK/2C9g6ejq9e/t7fW7a+uXETM9P3+SI7FmGxs3Z7d3966sbdxYra5WN+fn515feGPhtYWrsytrtWp+2zPGT579bfOjPvHv3ilky8PxO+Ocbmf4wZHxP32Q0+V+g+ry709u7X+hXS0djx/x8ou9n/92qN6Pf/o38VL+OZD2z3TqzXb9sOd+/cfn+uWWxl/u8/i3n/9yq9/zP6BjYz7wweB7AQCGZnt3b/1GrVbdOoPKC68Ob4fJGeWs0qcy+f+RxllXvvVgm0d1q3M4/CD7+TSttJIhjCudM2SJ5Uf0h1IFAADOmYP5wKgzAQAAAAAAAAAAAAAAAAAAgPH1P/3zsOdPt1V3zOZohgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKL/BAAA///5RM24")
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2000000)

521.492356ms ago: executing program 4 (id=3929):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1f, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0200000004000000060000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000007ae150ab1195024c22256ec587fdd4bd2fab3e5f63d49bfb856a10015aded33ef33edef304aae85d3774075f57d246269d5a7370377bf6d7655d60253988584c286d26ad26c8123a5469e3496e6f1e6c5fcecb4ff4b3f972ccef6e6ab6db58b02cc3bae696b147625b7f0d1b1d4c160f3c8776ddd7813ec97ef811614c5c"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000840)={[{@nodiscard}, {}, {@acl}, {@alloc_mode_reuse}, {@inline_xattr}, {@six_active_logs}, {@io_bits={'io_bits', 0x3d, 0xf2}}, {@nouser_xattr}, {@jqfmt_vfsv0}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@inline_xattr}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdir(&(0x7f0000000240)='./file0/../file0\x00', 0x1c5)
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file1\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open(0x0, 0x64842, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
r3 = creat(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)
close(r3)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

519.218146ms ago: executing program 3 (id=3930):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x202, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100), 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x19, 0x100000}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
wait4(r5, 0x0, 0x287374b275c0b38e, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getcwd(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x804810, &(0x7f0000000d40), 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")

103.389781ms ago: executing program 1 (id=3931):
r0 = memfd_create(&(0x7f00000005c0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5T\x8eM4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p', 0x3)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000})
fcntl$addseals(r0, 0x409, 0xb)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a40000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000007c0012800e00010069703665727370616e0000006800028006000300060000000600020009000000050016001100000004001200080015008af50f00050008000100000014000600fc0100000000000000000000000000010500160002"], 0xa4}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3, 0x0, 0x202}, 0x18)
alarm(0x0)
write$binfmt_misc(r1, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
r7 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r7, &(0x7f0000000000)={0x18, 0x2, {0x2, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1e)
connect$pptp(r7, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0)
r10 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r8, 0x0, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r10, r11}, 0x5)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)

0s ago: executing program 2 (id=3932):
socket$inet6(0xa, 0x800000000000002, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095", @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x62, &(0x7f0000000180)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x50, 0x1, 0x1, 0x1, 0x10, 0x81, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x2, 0x6, 0x0, 0x8, {{0x5}, {0x5, 0x24, 0x0, 0x3ff}, {0xd, 0x24, 0xf, 0x1, 0x800, 0xc, 0x6, 0x5}, [@acm={0x4, 0x24, 0x2, 0x4}, @acm={0x4, 0x24, 0x2, 0x6}, @acm={0x4, 0x24, 0x2, 0xa}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x40, 0x5, 0x7, 0x1}}], {{0x9, 0x5, 0x82, 0x2, 0x3ff, 0xd}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x9, 0x5, 0x9}}}}}]}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x8, 0xf7, 0x4, 0xff, 0xff}, 0x29, &(0x7f0000000280)=ANY=[@ANYBLOB="050f2900021410044014247539e59b68f606243d170100000000000000000283468f426f88ac9ebd10"], 0x6, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x100c}}, {0x83, &(0x7f0000000340)=@string={0x83, 0x3, "be265e91d144b704e9a4f4502124c17536d32afae1aa49c751db0176a3fde3910a612f276ead8d7f1af8204e75e3d9b3eda8d4600d4e0885c30d48c07d3a92ebb7e0caabd2dffbb92c0f9cc5db7858a6c31a704ba032ee73605ffc62258b899af5e6fb0aa23fa59e03bd10f18158d0a07c868df5796c22fd46dee1dfd472c48687"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x415}}, {0xd7, &(0x7f0000000440)=@string={0xd7, 0x3, "ea0d85b5aedcc85c73538e70855aac559440a7cd7cf88b1bc6bd5552d204582a778b321dd04289d19a06ee28a47b57e461ccaae66801fb14716e498e3291b666d260b3dbb547d80bcf316517f032adba3a0c4f406432d432196848ae7b5cd9fdbc592b4e42bc5e90f8f4d4229ce046a98f6b534743be41581c1ffbe14b2dd1bf42fa87943d6618bc930f091fe5a4e234408d56f08d892e50c4e2150f7f02828467dc207052072ad47dafe8e50c695b4e37f7fd6bc507cbec30eb5d7d55484ae867e3d84f6d5bda349dbf55555364e2daee50d762b2"}}, {0x47, &(0x7f0000000540)=@string={0x47, 0x3, "e5b5ae3539d680761ea89ade67a2f36e5d6a9f81b8d7f83401ded5b3d2c0cd42650fabefcde013b72f0c95dff6c0d50391b062fe9dd2480496c4804d0da0d4c4182c91779e"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x200a}}]})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2b, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

kernel console output (not intermixed with test programs):

romiscuous mode
[  972.655252][T15418] bridge0: port 3(vlan2) entered blocking state
[  972.766184][T15418] bridge0: port 3(vlan2) entered disabled state
[  972.849269][T15418] device bridge0 left promiscuous mode
[  972.931316][T15429] loop4: detected capacity change from 0 to 512
[  972.955063][T15423] bridge0: port 1(bridge_slave_0) entered blocking state
[  972.962514][T15423] bridge0: port 1(bridge_slave_0) entered disabled state
[  972.971426][T15423] device bridge_slave_0 entered promiscuous mode
[  972.978613][T15423] bridge0: port 2(bridge_slave_1) entered blocking state
[  972.985524][T15423] bridge0: port 2(bridge_slave_1) entered disabled state
[  972.992977][T15423] device bridge_slave_1 entered promiscuous mode
[  973.001118][T13552] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  973.272127][ T1301] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[  973.392016][T15423] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.398920][T15423] bridge0: port 2(bridge_slave_1) entered forwarding state
[  973.405988][T15423] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.412955][T15423] bridge0: port 1(bridge_slave_0) entered forwarding state
[  973.468962][T15423] device veth0_vlan entered promiscuous mode
[  973.486373][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  973.494348][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  973.504180][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  973.512987][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  973.521144][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  973.529078][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  973.537265][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  973.641983][T15438] loop2: detected capacity change from 0 to 1024
[  973.731251][T15438] JBD2: no valid journal superblock found
[  973.736925][T15438] EXT4-fs (loop2): error loading journal
[  973.802252][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  973.814406][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  973.826149][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  973.845282][T15423] device veth1_macvtap entered promiscuous mode
[  973.875760][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  973.888041][ T1301] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  973.903991][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  973.913014][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  973.917921][ T1301] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  973.934336][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  973.938063][ T1301] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  973.943003][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  973.973871][ T1301] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.036362][ T1301] usb 4-1: config 0 descriptor??
[  974.883551][T15460] 9pnet_fd: Insufficient options for proto=fd
[  974.921016][T15462] loop1: detected capacity change from 0 to 512
[  974.938435][T15462] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3654: invalid block
[  974.952241][T15462] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3654: couldn't read orphan inode 11 (err -117)
[  974.964190][T15462] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  974.977832][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  975.092991][ T3965] device bridge_slave_1 left promiscuous mode
[  975.133746][ T3965] bridge0: port 2(bridge_slave_1) entered disabled state
[  975.256851][ T3965] device bridge_slave_0 left promiscuous mode
[  975.331548][ T3965] bridge0: port 1(bridge_slave_0) entered disabled state
[  975.398456][ T3965] device veth1_macvtap left promiscuous mode
[  975.519120][ T3965] device veth0_vlan left promiscuous mode
[  975.563088][T15469] loop4: detected capacity change from 0 to 1024
[  975.711875][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  975.725558][T15469] JBD2: no valid journal superblock found
[  975.745487][T15469] EXT4-fs (loop4): error loading journal
[  975.764974][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  975.804629][ T5609] usb 4-1: USB disconnect, device number 107
[  975.868003][ T1301] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[  975.934533][T15489] fuse: Bad value for 'user_id'
[  975.988747][  T765] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[  976.077949][  T297] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[  976.137944][ T1301] usb 2-1: device descriptor read/64, error -71
[  976.187945][ T2362] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[  976.347946][  T765] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  976.358054][  T765] usb 3-1: config 0 has no interfaces?
[  976.363331][  T765] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  976.372264][  T765] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.381340][  T765] usb 3-1: config 0 descriptor??
[  976.437989][  T297] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  976.448035][  T297] usb 1-1: config 0 has no interfaces?
[  976.453323][  T297] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  976.462224][  T297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.471184][  T297] usb 1-1: config 0 descriptor??
[  976.548001][ T2362] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  976.557971][ T1301] usb 2-1: device descriptor read/64, error -71
[  976.558117][ T2362] usb 5-1: config 0 has no interfaces?
[  976.569503][ T2362] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  976.578381][ T2362] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.587002][ T2362] usb 5-1: config 0 descriptor??
[  976.623323][  T297] usb 3-1: USB disconnect, device number 105
[  976.713176][ T5609] usb 1-1: USB disconnect, device number 103
[  976.833475][  T297] usb 5-1: USB disconnect, device number 106
[  976.868093][ T1301] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  977.257970][ T1301] usb 2-1: device descriptor read/64, error -71
[  977.352724][T15501] 9pnet_fd: Insufficient options for proto=fd
[  977.567933][  T297] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  977.728001][ T1301] usb 2-1: device descriptor read/64, error -71
[  977.847981][ T1301] usb usb2-port1: attempt power cycle
[  977.861494][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  977.861512][   T28] audit: type=1400 audit(2000000863.040:2667): avc:  denied  { bind } for  pid=15510 comm="syz.3.3668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  977.967982][  T297] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  977.979628][  T297] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  977.980164][T15423] EXT4-fs (loop1): unmounting filesystem.
[  977.989698][  T297] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  978.007783][  T297] usb 1-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  978.308256][  T297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.322822][  T297] usb 1-1: config 0 descriptor??
[  978.339508][T15524] loop1: detected capacity change from 0 to 512
[  978.352066][  T337] udevd[337]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  978.370232][T15521] loop2: detected capacity change from 0 to 515
[  978.376548][T15521] EXT4-fs: Ignoring removed bh option
[  978.382600][T15521] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  978.391175][T15521] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  978.417042][T15524] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  978.425901][T15524] ext4 filesystem being mounted at /3/bus supports timestamps until 2038 (0x7fffffff)
[  978.436424][T15524] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3670'.
[  978.448530][  T337] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  978.536056][  T381] udevd[381]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  978.681153][T15541] 9pnet_fd: Insufficient options for proto=fd
[  978.947047][T15547] loop4: detected capacity change from 0 to 2048
[  978.954452][ T5609] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[  978.982210][T15547] Alternate GPT is invalid, using primary GPT.
[  978.988720][T15547]  loop4: p1 p2 p3
[  979.060116][  T390] udevd[390]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  979.069492][  T297] uclogic 0003:5543:0003.0084: item fetching failed at offset 5/7
[  979.075339][  T337] udevd[337]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  979.082447][  T381] udevd[381]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  979.096625][  T297] uclogic 0003:5543:0003.0084: parse failed
[  979.102443][  T297] uclogic: probe of 0003:5543:0003.0084 failed with error -22
[  979.117815][  T297] usb 1-1: USB disconnect, device number 104
[  979.341549][T15551] loop3: detected capacity change from 0 to 1024
[  979.402392][T15551] JBD2: no valid journal superblock found
[  979.408070][T15551] EXT4-fs (loop3): error loading journal
[  979.431080][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  979.458044][ T5609] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  979.468760][ T5609] usb 3-1: config 0 has no interfaces?
[  979.474286][ T5609] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  979.483195][ T5609] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  979.491917][ T5609] usb 3-1: config 0 descriptor??
[  979.500692][  T337] udevd[337]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  979.639415][T15556] loop4: detected capacity change from 0 to 4096
[  979.648467][T15556] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  979.662010][T15556] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11845 sclass=netlink_route_socket pid=15556 comm=syz.4.3680
[  979.742293][  T297] usb 3-1: USB disconnect, device number 106
[  980.076509][T15562] loop3: detected capacity change from 0 to 516
[  980.083001][T15562] EXT4-fs: Ignoring removed bh option
[  980.088985][T15562] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  980.097143][T15562] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  980.107986][  T765] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[  980.149286][T13552] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  980.584614][T14947] EXT4-fs (loop4): unmounting filesystem.
[  980.598073][  T765] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  980.610783][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  980.632811][  T765] usb 1-1: config 0 has no interfaces?
[  980.651902][  T765] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  980.670671][  T765] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.687121][  T765] usb 1-1: config 0 descriptor??
[  980.964105][  T765] usb 1-1: USB disconnect, device number 105
[  981.375583][T15577] loop2: detected capacity change from 0 to 512
[  981.381964][T15577] EXT4-fs: Ignoring removed bh option
[  981.387496][T15577] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  981.396232][T15577] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  981.406057][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/\x86\x5b.tmp-b7:2' failed: Read-only file system
[  981.471758][T15423] EXT4-fs (loop1): unmounting filesystem.
[  981.520247][T15581] loop1: detected capacity change from 0 to 256
[  981.623098][T15581] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x134dabd0)
[  981.648804][T15583] 9pnet_fd: Insufficient options for proto=fd
[  981.675264][T15581] exFAT-fs (loop1): invalid boot region
[  981.680763][T15581] exFAT-fs (loop1): failed to recognize exfat type
[  983.046564][T15619] loop3: detected capacity change from 0 to 512
[  983.057718][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  983.057966][  T765] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[  983.074404][T15619] EXT4-fs (loop3): 1 orphan inode deleted
[  983.082251][T15619] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  983.091308][T15619] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038 (0x7fffffff)
[  983.110326][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  983.238011][   T39] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[  983.263270][T15623] syz.3.3698[15623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  983.263781][T15623] syz.3.3698[15623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  983.558629][  T765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  983.580763][  T765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  983.590498][  T765] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  983.599410][  T765] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.607651][  T765] usb 3-1: config 0 descriptor??
[  983.657975][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  983.669295][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  983.702273][   T39] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  983.711409][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  983.768026][   T39] usb 5-1: config 0 descriptor??
[  983.908007][ T1301] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[  983.916516][T15111] EXT4-fs (loop3): unmounting filesystem.
[  984.157930][ T1301] usb 2-1: Using ep0 maxpacket: 16
[  984.168057][  T765] usbhid 3-1:0.0: can't add hid device: -71
[  984.173917][  T765] usbhid: probe of 3-1:0.0 failed with error -71
[  984.181333][  T765] usb 3-1: USB disconnect, device number 107
[  984.259472][   T39] pyra 0003:1E7D:2CF6.0085: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  984.297955][ T1301] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  984.507996][ T1301] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  984.516977][ T1301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  984.524849][ T1301] usb 2-1: Product: syz
[  984.528792][ T1301] usb 2-1: Manufacturer: syz
[  984.533201][ T1301] usb 2-1: SerialNumber: syz
[  984.538339][ T1301] usb 2-1: config 0 descriptor??
[  984.578589][ T1301] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  984.586230][ T1301] usb 2-1: Detected FT232R
[  984.622407][T15646] loop2: detected capacity change from 0 to 512
[  984.631266][T15646] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.3706: invalid block
[  984.634390][  T390] udevd[390]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  984.642644][T15646] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3706: couldn't read orphan inode 11 (err -117)
[  984.665074][T15646] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  984.679484][  T390] udevd[390]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  985.015451][T15655] loop3: detected capacity change from 0 to 1024
[  985.022932][   T28] audit: type=1400 audit(2000000870.120:2668): avc:  denied  { getopt } for  pid=15631 comm="syz.1.3701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  985.048283][T15655] JBD2: no valid journal superblock found
[  985.053912][T15655] EXT4-fs (loop3): error loading journal
[  985.117543][  T390] udevd[390]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  985.148102][T12521] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[  985.261146][  T390] udevd[390]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  985.288058][   T39] pyra 0003:1E7D:2CF6.0085: couldn't init struct pyra_device
[  985.295350][   T39] pyra 0003:1E7D:2CF6.0085: couldn't install mouse
[  985.302482][   T39] pyra: probe of 0003:1E7D:2CF6.0085 failed with error -71
[  985.314178][   T39] usb 5-1: USB disconnect, device number 107
[  985.417921][T12521] usb 3-1: device descriptor read/64, error -71
[  985.701708][   T28] audit: type=1400 audit(2000000870.880:2669): avc:  denied  { setopt } for  pid=15656 comm="syz.3.3708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  985.790675][ T3967] Bluetooth: hci0: Frame reassembly failed (-84)
[  985.796938][ T3967] Bluetooth: hci0: Frame reassembly failed (-84)
[  985.847997][T12521] usb 3-1: device descriptor read/64, error -71
[  986.077952][   T39] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[  986.117985][T12521] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  986.388188][T12521] usb 3-1: device descriptor read/64, error -71
[  986.437953][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  986.448896][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  986.458497][   T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  986.471460][   T39] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  986.480417][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  986.488902][   T39] usb 5-1: config 0 descriptor??
[  986.596722][ T1301] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  986.638008][ T1301] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  986.657938][ T1301] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  986.666962][ T1301] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  986.691515][ T1301] usb 2-1: USB disconnect, device number 108
[  986.708836][ T1301] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  986.728388][ T1301] ftdi_sio 2-1:0.0: device disconnected
[  986.736480][T15671] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3711'.
[  986.747269][T15671] device vlan2 entered promiscuous mode
[  986.752703][T15671] device syz_tun entered promiscuous mode
[  986.817941][T12521] usb 3-1: device descriptor read/64, error -71
[  987.209835][T12521] usb usb3-port1: attempt power cycle
[  988.495865][ T4319] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  988.559423][T14659] EXT4-fs (loop2): unmounting filesystem.
[  989.542234][T15700] loop2: detected capacity change from 0 to 1024
[  989.762475][T15700] JBD2: no valid journal superblock found
[  989.768193][T15700] EXT4-fs (loop2): error loading journal
[  989.909739][   T39] usbhid 5-1:0.0: can't add hid device: -71
[  989.930643][   T39] usbhid: probe of 5-1:0.0 failed with error -71
[  989.939943][   T39] usb 5-1: USB disconnect, device number 108
[  989.955804][T15705] loop4: detected capacity change from 0 to 515
[  989.962443][T15705] EXT4-fs: Ignoring removed bh option
[  989.968019][ T2362] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[  989.975551][T15705] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  989.984466][T15705] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  989.997521][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/\x86\x5b.tmp-b7:4' failed: Read-only file system
[  990.250726][  T765] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  990.366211][T15715] loop2: detected capacity change from 0 to 1024
[  990.728739][T15715] JBD2: no valid journal superblock found
[  990.734446][T15715] EXT4-fs (loop2): error loading journal
[  990.748107][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  990.803485][T15717] loop4: detected capacity change from 0 to 512
[  990.814915][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  990.830641][T15717] EXT4-fs (loop4): 1 orphan inode deleted
[  990.836213][T15717] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  990.845270][T15717] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038 (0x7fffffff)
[  990.858049][ T2362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  990.860048][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  990.869257][ T2362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  990.889772][ T2362] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  990.900543][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  990.902554][ T2362] usb 2-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  990.922757][ T2362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  990.931494][ T2362] usb 2-1: config 0 descriptor??
[  990.944954][T14947] EXT4-fs (loop4): unmounting filesystem.
[  991.008301][  T765] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  991.018319][  T765] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.029818][  T765] usb 1-1: config 0 descriptor??
[  991.060586][T15725] loop2: detected capacity change from 0 to 512
[  991.072689][T15725] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.3727: invalid block
[  991.077692][  T390] udevd[390]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  991.095658][T15725] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3727: couldn't read orphan inode 11 (err -117)
[  991.107696][T15725] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  991.246206][  T390] udevd[390]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  991.278104][  T765] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  991.288513][  T765] asix: probe of 1-1:0.0 failed with error -61
[  991.484438][ T2362] uclogic 0003:5543:0003.0086: item fetching failed at offset 5/7
[  991.493012][ T2362] uclogic 0003:5543:0003.0086: parse failed
[  991.498938][ T2362] uclogic: probe of 0003:5543:0003.0086 failed with error -22
[  991.701523][ T2362] usb 2-1: USB disconnect, device number 109
[  991.748063][   T39] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[  991.912130][T15733] device vlan2 entered promiscuous mode
[  991.917609][T15733] device bridge0 entered promiscuous mode
[  991.924874][T15733] bridge0: port 3(vlan2) entered blocking state
[  991.931254][T15733] bridge0: port 3(vlan2) entered disabled state
[  991.947885][T15733] device bridge0 left promiscuous mode
[  992.122539][T15739] loop4: detected capacity change from 0 to 1024
[  992.131578][   T39] usb 3-1: device descriptor read/64, error -71
[  992.294188][T15739] JBD2: no valid journal superblock found
[  992.299952][T15739] EXT4-fs (loop4): error loading journal
[  992.340328][  T390] udevd[390]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  992.382924][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  992.385753][T15744] x_tables: duplicate underflow at hook 1
[  992.538014][   T39] usb 3-1: device descriptor read/64, error -71
[  992.667929][T12521] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[  992.865266][   T39] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[  992.979927][T15757] FAULT_INJECTION: forcing a failure.
[  992.979927][T15757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  992.993040][T15757] CPU: 1 PID: 15757 Comm: syz.4.3736 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[  993.004165][T15757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  993.014045][T15757] Call Trace:
[  993.017167][T15757]  <TASK>
[  993.019948][T15757]  dump_stack_lvl+0x151/0x1b7
[  993.024477][T15757]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  993.029756][T15757]  ? release_firmware_map_entry+0x191/0x191
[  993.035480][T15757]  dump_stack+0x15/0x1b
[  993.039477][T15757]  should_fail_ex+0x3d0/0x520
[  993.043986][T15757]  should_fail+0xb/0x10
[  993.047977][T15757]  should_fail_usercopy+0x1a/0x20
[  993.052839][T15757]  copyin+0x1e/0x90
[  993.056485][T15757]  _copy_from_iter+0x3c9/0xe00
[  993.061088][T15757]  ? copyout_mc+0x80/0x80
[  993.065251][T15757]  ? __check_object_size+0x76/0x650
[  993.070285][T15757]  ? __virt_addr_valid+0x1db/0x2f0
[  993.075234][T15757]  ? __check_object_size+0x48e/0x650
[  993.080356][T15757]  netlink_sendmsg+0x8c8/0xd30
[  993.084955][T15757]  ? netlink_getsockopt+0x540/0x540
[  993.089992][T15757]  ? security_socket_sendmsg+0x82/0xb0
[  993.095285][T15757]  ? netlink_getsockopt+0x540/0x540
[  993.100316][T15757]  ____sys_sendmsg+0x5d3/0x9a0
[  993.104918][T15757]  ? __sys_sendmsg_sock+0x40/0x40
[  993.109774][T15757]  __sys_sendmsg+0x2a9/0x390
[  993.114199][T15757]  ? ____sys_sendmsg+0x9a0/0x9a0
[  993.118971][T15757]  ? __kasan_check_write+0x14/0x20
[  993.123923][T15757]  ? requeue_task_rt+0x410/0x410
[  993.128699][T15757]  ? fpregs_restore_userregs+0x130/0x290
[  993.134247][T15757]  __x64_sys_sendmsg+0x7f/0x90
[  993.138849][T15757]  x64_sys_call+0x16a/0x9a0
[  993.143288][T15757]  do_syscall_64+0x3b/0xb0
[  993.147613][T15757]  ? clear_bhb_loop+0x55/0xb0
[  993.152138][T15757]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  993.157877][T15757] RIP: 0033:0x7f8c9937dff9
[  993.162113][T15757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  993.181678][T15757] RSP: 002b:00007f8c991de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  993.189888][T15757] RAX: ffffffffffffffda RBX: 00007f8c99536130 RCX: 00007f8c9937dff9
[  993.197698][T15757] RDX: 0000000000000000 RSI: 00000000200012c0 RDI: 0000000000000009
[  993.205510][T15757] RBP: 00007f8c991de090 R08: 0000000000000000 R09: 0000000000000000
[  993.213323][T15757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  993.221132][T15757] R13: 0000000000000000 R14: 00007f8c99536130 R15: 00007ffd4a61e0b8
[  993.228948][T15757]  </TASK>
[  993.268166][T12521] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  993.334013][T15760] loop1: detected capacity change from 0 to 1024
[  993.341553][T15760] JBD2: no valid journal superblock found
[  993.347164][T15760] EXT4-fs (loop1): error loading journal
[  993.360991][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  993.390507][T12521] usb 4-1: config 0 has no interfaces?
[  993.395908][T12521] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  993.404788][T12521] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.413207][T12521] usb 4-1: config 0 descriptor??
[  993.457952][   T39] usb 3-1: device descriptor read/64, error -71
[  993.661356][ T2362] usb 4-1: USB disconnect, device number 108
[  993.692029][T15763] device vlan2 entered promiscuous mode
[  993.697434][T15763] device bridge0 entered promiscuous mode
[  993.703704][T15763] bridge0: port 3(vlan2) entered blocking state
[  993.709819][T15763] bridge0: port 3(vlan2) entered disabled state
[  993.716425][T15763] device bridge0 left promiscuous mode
[  993.781505][T12521] usb 1-1: USB disconnect, device number 106
[  993.867934][   T39] usb 3-1: device descriptor read/64, error -71
[  993.987972][   T39] usb usb3-port1: attempt power cycle
[  994.096831][T14659] EXT4-fs (loop2): unmounting filesystem.
[  994.144607][   T28] audit: type=1400 audit(2000000879.320:2670): avc:  denied  { watch_reads } for  pid=15770 comm="syz.0.3741" path="/48" dev="tmpfs" ino=271 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  995.449643][   T28] audit: type=1400 audit(2000000880.610:2671): avc:  denied  { map } for  pid=15770 comm="syz.0.3741" path="socket:[108611]" dev="sockfs" ino=108611 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  995.457253][  T765] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[  996.880247][T15794] loop3: detected capacity change from 0 to 1024
[  997.005643][T15798] FAULT_INJECTION: forcing a failure.
[  997.005643][T15798] name failslab, interval 1, probability 0, space 0, times 0
[  997.018149][T15798] CPU: 0 PID: 15798 Comm: syz.0.3749 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[  997.029193][T15798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  997.039085][T15798] Call Trace:
[  997.042216][T15798]  <TASK>
[  997.045087][T15798]  dump_stack_lvl+0x151/0x1b7
[  997.049603][T15798]  ? asm_sysvec_call_function_single+0x1b/0x20
[  997.055596][T15798]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  997.060883][T15798]  ? __wake_up_klogd+0xd5/0x110
[  997.065566][T15798]  ? dump_stack+0x9/0x1b
[  997.069663][T15798]  dump_stack+0x15/0x1b
[  997.073870][T15798]  should_fail_ex+0x3d0/0x520
[  997.078328][T15798]  ? alloc_vmap_area+0x1a5/0x1aa0
[  997.083284][T15798]  __should_failslab+0xaf/0xf0
[  997.087875][T15798]  should_failslab+0x9/0x20
[  997.092213][T15798]  kmem_cache_alloc_node+0x3e/0x2d0
[  997.097258][T15798]  alloc_vmap_area+0x1a5/0x1aa0
[  997.101940][T15798]  ? vm_map_ram+0x940/0x940
[  997.106273][T15798]  ? __kasan_kmalloc+0x9c/0xb0
[  997.110890][T15798]  ? kmalloc_node_trace+0x3d/0xb0
[  997.115736][T15798]  __get_vm_area_node+0x171/0x370
[  997.120598][T15798]  __vmalloc_node_range+0x335/0x1560
[  997.125715][T15798]  ? kvm_dev_ioctl+0x19c/0x10d0
[  997.130667][T15798]  ? _raw_spin_lock+0xa4/0x1b0
[  997.135265][T15798]  ? vmap+0x2b0/0x2b0
[  997.139171][T15798]  ? kvm_dev_ioctl+0x154/0x10d0
[  997.143854][T15798]  ? vscnprintf+0x80/0x80
[  997.148022][T15798]  ? kvm_dev_ioctl+0x19c/0x10d0
[  997.152708][T15798]  __vmalloc+0x7a/0x90
[  997.156620][T15798]  ? kvm_dev_ioctl+0x19c/0x10d0
[  997.161304][T15798]  kvm_dev_ioctl+0x19c/0x10d0
[  997.165820][T15798]  ? __fget_files+0x2cb/0x330
[  997.170329][T15798]  ? kvm_reboot+0x40/0x40
[  997.174498][T15798]  ? security_file_ioctl+0x84/0xb0
[  997.179438][T15798]  ? kvm_reboot+0x40/0x40
[  997.183627][T15798]  __se_sys_ioctl+0x114/0x190
[  997.188124][T15798]  __x64_sys_ioctl+0x7b/0x90
[  997.192546][T15798]  x64_sys_call+0x98/0x9a0
[  997.196798][T15798]  do_syscall_64+0x3b/0xb0
[  997.201052][T15798]  ? clear_bhb_loop+0x55/0xb0
[  997.205566][T15798]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  997.211294][T15798] RIP: 0033:0x7f9fb477dff9
[  997.215548][T15798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  997.234989][T15798] RSP: 002b:00007f9fb552a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  997.243235][T15798] RAX: ffffffffffffffda RBX: 00007f9fb4936058 RCX: 00007f9fb477dff9
[  997.251176][T15798] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008
[  997.258989][T15798] RBP: 00007f9fb552a090 R08: 0000000000000000 R09: 0000000000000000
[  997.266799][T15798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  997.274612][T15798] R13: 0000000000000000 R14: 00007f9fb4936058 R15: 00007ffcfae9f2d8
[  997.282425][T15798]  </TASK>
[  997.285828][T15798] syz.0.3749: vmalloc error: size 41016, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0
[  997.301687][T15798] CPU: 0 PID: 15798 Comm: syz.0.3749 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[  997.312748][T15798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  997.322640][T15798] Call Trace:
[  997.325768][T15798]  <TASK>
[  997.328545][T15798]  dump_stack_lvl+0x151/0x1b7
[  997.333057][T15798]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  997.338351][T15798]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  997.343994][T15798]  dump_stack+0x15/0x1b
[  997.347983][T15798]  warn_alloc+0x21a/0x3a0
[  997.352151][T15798]  ? zone_watermark_ok_safe+0x270/0x270
[  997.357533][T15798]  ? __get_vm_area_node+0x186/0x370
[  997.362569][T15798]  ? __get_vm_area_node+0x186/0x370
[  997.367607][T15798]  __vmalloc_node_range+0x35a/0x1560
[  997.372732][T15798]  ? _raw_spin_lock+0xa4/0x1b0
[  997.377323][T15798]  ? vmap+0x2b0/0x2b0
[  997.381142][T15798]  ? kvm_dev_ioctl+0x154/0x10d0
[  997.385824][T15798]  ? vscnprintf+0x80/0x80
[  997.389996][T15798]  ? kvm_dev_ioctl+0x19c/0x10d0
[  997.394676][T15798]  __vmalloc+0x7a/0x90
[  997.398585][T15798]  ? kvm_dev_ioctl+0x19c/0x10d0
[  997.403270][T15798]  kvm_dev_ioctl+0x19c/0x10d0
[  997.407789][T15798]  ? __fget_files+0x2cb/0x330
[  997.412298][T15798]  ? kvm_reboot+0x40/0x40
[  997.416465][T15798]  ? security_file_ioctl+0x84/0xb0
[  997.421411][T15798]  ? kvm_reboot+0x40/0x40
[  997.425578][T15798]  __se_sys_ioctl+0x114/0x190
[  997.430094][T15798]  __x64_sys_ioctl+0x7b/0x90
[  997.434518][T15798]  x64_sys_call+0x98/0x9a0
[  997.438770][T15798]  do_syscall_64+0x3b/0xb0
[  997.443024][T15798]  ? clear_bhb_loop+0x55/0xb0
[  997.447534][T15798]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  997.453262][T15798] RIP: 0033:0x7f9fb477dff9
[  997.457516][T15798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  997.476961][T15798] RSP: 002b:00007f9fb552a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  997.485204][T15798] RAX: ffffffffffffffda RBX: 00007f9fb4936058 RCX: 00007f9fb477dff9
[  997.493016][T15798] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008
[  997.500829][T15798] RBP: 00007f9fb552a090 R08: 0000000000000000 R09: 0000000000000000
[  997.508641][T15798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  997.516535][T15798] R13: 0000000000000000 R14: 00007f9fb4936058 R15: 00007ffcfae9f2d8
[  997.524581][T15798]  </TASK>
[  997.527601][T15798] Mem-Info:
[  997.530587][T15798] active_anon:21749 inactive_anon:680 isolated_anon:0
[  997.530587][T15798]  active_file:8965 inactive_file:12991 isolated_file:0
[  997.530587][T15798]  unevictable:0 dirty:329 writeback:0
[  997.530587][T15798]  slab_reclaimable:8436 slab_unreclaimable:81928
[  997.530587][T15798]  mapped:33822 shmem:13799 pagetables:586
[  997.530587][T15798]  sec_pagetables:0 bounce:0
[  997.530587][T15798]  kernel_misc_reclaimable:0
[  997.530587][T15798]  free:1494801 free_pcp:8937 free_cma:0
[  997.575577][T15798] Node 0 active_anon:86996kB inactive_anon:2720kB active_file:35860kB inactive_file:51964kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:135288kB dirty:1316kB writeback:0kB shmem:55196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:5200kB pagetables:2344kB sec_pagetables:0kB all_unreclaimable? no
[  997.608390][T15798] DMA32 free:2966484kB boost:0kB min:62552kB low:78188kB high:93824kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2971568kB mlocked:0kB bounce:0kB free_pcp:5084kB local_pcp:5084kB free_cma:0kB
[  997.636518][T15798] lowmem_reserve[]: 0 3932 3932 3932
[  997.642235][T15798] Normal free:3012720kB boost:0kB min:84900kB low:106124kB high:127348kB reserved_highatomic:0KB active_anon:86996kB inactive_anon:2720kB active_file:35860kB inactive_file:51964kB unevictable:0kB writepending:1316kB present:5242880kB managed:4026400kB mlocked:0kB bounce:0kB free_pcp:30664kB local_pcp:23104kB free_cma:0kB
[  997.672281][T15798] lowmem_reserve[]: 0 0 0 0
[  997.676708][T15798] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 722*4096kB (M) = 2966484kB
[  997.692389][T15798] Normal: 1554*4kB (UME) 1275*8kB (UE) 461*16kB (UE) 138*32kB (UE) 305*64kB (UME) 70*128kB (UME) 29*256kB (UME) 35*512kB (UME) 18*1024kB (UM) 6*2048kB (UME) 708*4096kB (M) = 3012720kB
[  997.710941][T15798] 36369 total pagecache pages
[  997.715417][T15798] 680 pages in swap cache
[  997.719611][T15798] Free swap  = 121620kB
[  997.723617][T15798] Total swap = 124996kB
[  997.727568][T15798] 2097051 pages RAM
[  997.731243][T15798] 0 pages HighMem/MovableOnly
[  997.735718][T15798] 347559 pages reserved
[  997.739815][T15798] 0 pages cma reserved
[  997.755187][T15794] JBD2: no valid journal superblock found
[  997.760876][T15794] EXT4-fs (loop3): error loading journal
[  997.790373][T13552] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  997.880553][T15809] loop4: detected capacity change from 0 to 256
[  997.887349][T15809] exfat: Unknown parameter 'uid¸01777777777777777777777'
[  997.973160][T15811] FAULT_INJECTION: forcing a failure.
[  997.973160][T15811] name failslab, interval 1, probability 0, space 0, times 0
[  997.985684][T15811] CPU: 0 PID: 15811 Comm: syz.1.3751 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[  997.996699][T15811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  998.006595][T15811] Call Trace:
[  998.009713][T15811]  <TASK>
[  998.012503][T15811]  dump_stack_lvl+0x151/0x1b7
[  998.017008][T15811]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  998.022303][T15811]  dump_stack+0x15/0x1b
[  998.026294][T15811]  should_fail_ex+0x3d0/0x520
[  998.030815][T15811]  ? security_file_alloc+0x29/0x120
[  998.035847][T15811]  __should_failslab+0xaf/0xf0
[  998.040440][T15811]  should_failslab+0x9/0x20
[  998.044788][T15811]  kmem_cache_alloc+0x3b/0x2c0
[  998.049384][T15811]  ? __alloc_file+0x29/0x2a0
[  998.053821][T15811]  security_file_alloc+0x29/0x120
[  998.058667][T15811]  __alloc_file+0xb2/0x2a0
[  998.062920][T15811]  alloc_empty_file+0x95/0x180
[  998.067521][T15811]  path_openat+0xec/0x2d60
[  998.071781][T15811]  ? kasan_set_track+0x60/0x70
[  998.076373][T15811]  ? kasan_set_track+0x4b/0x70
[  998.080970][T15811]  ? kasan_save_alloc_info+0x1f/0x30
[  998.086091][T15811]  ? __kasan_slab_alloc+0x6c/0x80
[  998.090954][T15811]  ? slab_post_alloc_hook+0x53/0x2c0
[  998.096073][T15811]  ? getname_flags+0xba/0x520
[  998.100585][T15811]  ? getname+0x19/0x20
[  998.104500][T15811]  ? do_sys_openat2+0xe0/0x870
[  998.109092][T15811]  ? __x64_sys_openat+0x243/0x290
[  998.113955][T15811]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  998.119858][T15811]  ? do_filp_open+0x480/0x480
[  998.124374][T15811]  do_filp_open+0x230/0x480
[  998.128740][T15811]  ? vfs_tmpfile+0x480/0x480
[  998.133143][T15811]  ? alloc_fd+0x4fa/0x5a0
[  998.137308][T15811]  do_sys_openat2+0x151/0x870
[  998.141817][T15811]  ? bit_wait_io_timeout+0x120/0x120
[  998.146938][T15811]  ? __mutex_lock_slowpath+0x10/0x10
[  998.152056][T15811]  ? do_sys_open+0x220/0x220
[  998.156496][T15811]  ? fput+0x15b/0x1b0
[  998.160299][T15811]  ? ksys_write+0x260/0x2c0
[  998.164642][T15811]  ? __this_cpu_preempt_check+0x13/0x20
[  998.170024][T15811]  __x64_sys_openat+0x243/0x290
[  998.174710][T15811]  ? __ia32_sys_open+0x270/0x270
[  998.179484][T15811]  ? debug_smp_processor_id+0x17/0x20
[  998.184689][T15811]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  998.190592][T15811]  ? exit_to_user_mode_prepare+0x39/0xa0
[  998.196059][T15811]  x64_sys_call+0x6bf/0x9a0
[  998.200401][T15811]  do_syscall_64+0x3b/0xb0
[  998.204653][T15811]  ? clear_bhb_loop+0x55/0xb0
[  998.209168][T15811]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  998.214993][T15811] RIP: 0033:0x7f81af77dff9
[  998.219240][T15811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  998.238674][T15811] RSP: 002b:00007f81b04e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  998.246923][T15811] RAX: ffffffffffffffda RBX: 00007f81af936130 RCX: 00007f81af77dff9
[  998.254747][T15811] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  998.262632][T15811] RBP: 00007f81b04e6090 R08: 0000000000000000 R09: 0000000000000000
[  998.270439][T15811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  998.278262][T15811] R13: 0000000000000000 R14: 00007f81af936130 R15: 00007ffdeb516318
[  998.286074][T15811]  </TASK>
[  998.822164][  T765] usb 2-1: device not accepting address 110, error -71
[  999.038781][T15809] loop4: detected capacity change from 0 to 40427
[  999.045733][T15809] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  999.053682][T15809] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  999.058789][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  999.062922][T15809] F2FS-fs (loop4): invalid crc value
[  999.085358][T15809] F2FS-fs (loop4): Found nat_bits in checkpoint
[  999.148183][T15809] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  999.155139][T15809] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  999.169134][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  999.192614][T15809] overlayfs: workdir and upperdir must be separate subtrees
[  999.243268][  T765] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[  999.337996][   T28] audit: type=1326 audit(2000000884.500:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.507414][   T28] audit: type=1326 audit(2000000884.500:2673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.531418][   T28] audit: type=1326 audit(2000000884.500:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.534374][T15842] loop3: detected capacity change from 0 to 2048
[  999.561463][   T28] audit: type=1326 audit(2000000884.500:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.567354][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  999.596335][   T28] audit: type=1326 audit(2000000884.500:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.597912][   T39] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[  999.619897][   T28] audit: type=1326 audit(2000000884.500:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.650958][   T28] audit: type=1326 audit(2000000884.500:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.676721][   T28] audit: type=1326 audit(2000000884.500:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.700875][   T28] audit: type=1326 audit(2000000884.500:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.725877][   T28] audit: type=1326 audit(2000000884.500:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15832 comm="syz.0.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[  999.726305][ T3962] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  999.749983][T15842] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  999.772644][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  999.828122][  T765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  999.839049][  T765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  999.849261][  T765] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00
[  999.859505][  T765] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  999.870805][  T765] usb 2-1: config 0 descriptor??
[  999.909418][ T3962] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1000.138645][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.182618][   T39] usb 1-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1000.193161][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.227034][   T39] usb 1-1: config 0 descriptor??
[ 1000.268518][   T39] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1000.357912][T13353] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1000.369028][  T765] wacom 0003:056A:00F8.0087: unknown main item tag 0x0
[ 1000.375801][  T765] wacom 0003:056A:00F8.0087: unknown main item tag 0x0
[ 1000.382717][  T765] wacom 0003:056A:00F8.0087: unknown main item tag 0x0
[ 1000.389488][  T765] wacom 0003:056A:00F8.0087: unknown main item tag 0x0
[ 1000.396077][  T765] wacom 0003:056A:00F8.0087: unknown main item tag 0x0
[ 1000.403575][  T765] wacom 0003:056A:00F8.0087: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.1-1/input0
[ 1000.567930][  T765] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 1000.579741][ T2362] usb 2-1: USB disconnect, device number 111
[ 1000.717962][T13353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.727875][T13353] usb 4-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1000.736778][T13353] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.745733][T13353] usb 4-1: config 0 descriptor??
[ 1000.788653][T13353] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1000.958578][  T765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1000.969397][  T765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.978957][  T765] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1000.991812][  T765] usb 5-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[ 1001.000844][  T765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1001.018059][  T765] usb 5-1: config 0 descriptor??
[ 1001.519052][  T765] uclogic 0003:5543:0003.0088: item fetching failed at offset 5/7
[ 1001.526879][  T765] uclogic 0003:5543:0003.0088: parse failed
[ 1001.532658][  T765] uclogic: probe of 0003:5543:0003.0088 failed with error -22
[ 1001.719721][  T765] usb 5-1: USB disconnect, device number 109
[ 1002.382207][   T39] usb 1-1: USB disconnect, device number 107
[ 1002.531046][  T734] usb 4-1: USB disconnect, device number 109
[ 1002.555238][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1004.636336][  T734] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[ 1005.397964][  T734] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1005.407947][  T734] usb 4-1: config 0 has no interfaces?
[ 1005.413185][  T734] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1005.422069][  T734] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1005.430711][  T734] usb 4-1: config 0 descriptor??
[ 1005.597748][T15901] loop2: detected capacity change from 0 to 1024
[ 1005.641116][T15901] JBD2: no valid journal superblock found
[ 1005.646679][T15901] EXT4-fs (loop2): error loading journal
[ 1005.647339][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1005.673609][  T765] usb 4-1: USB disconnect, device number 110
[ 1005.703820][T15907] device vlan2 entered promiscuous mode
[ 1005.709308][T15907] device bridge0 entered promiscuous mode
[ 1005.715491][T15907] bridge0: port 3(vlan2) entered blocking state
[ 1005.721638][T15907] bridge0: port 3(vlan2) entered disabled state
[ 1005.731754][T15907] device bridge0 left promiscuous mode
[ 1005.807146][T15913] loop1: detected capacity change from 0 to 256
[ 1005.814024][T15911] loop2: detected capacity change from 0 to 512
[ 1005.846102][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1005.863885][T15913] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1005.908304][T15911] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.3779: invalid block
[ 1005.919380][T15911] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3779: couldn't read orphan inode 11 (err -117)
[ 1005.934135][T15911] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1005.957695][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1005.999339][T15922] loop4: detected capacity change from 0 to 1024
[ 1006.273835][T15924] loop3: detected capacity change from 0 to 1024
[ 1006.480194][T15926] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1006.491068][T15926] overlayfs: failed to resolve './file0': -2
[ 1006.736692][T15926] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1006.747328][T15926] overlayfs: failed to resolve './file0': -2
[ 1006.787497][   T28] kauditd_printk_skb: 52 callbacks suppressed
[ 1006.794950][   T28] audit: type=1400 audit(2000000891.180:2734): avc:  denied  { setattr } for  pid=15912 comm="syz.1.3781" name="file1" dev="loop1" ino=1049441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1006.819778][T15922] JBD2: no valid journal superblock found
[ 1006.825342][T15922] EXT4-fs (loop4): error loading journal
[ 1006.874468][   T28] audit: type=1400 audit(2000000891.910:2735): avc:  denied  { rmdir } for  pid=15915 comm="syz.0.3782" name="work" dev="incremental-fs" ino=342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1006.920425][T15924] JBD2: no valid journal superblock found
[ 1006.925988][T15924] EXT4-fs (loop3): error loading journal
[ 1006.934183][  T390] udevd[390]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1006.949456][  T337] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1006.954420][T14659] EXT4-fs (loop2): unmounting filesystem.
[ 1006.961869][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1007.342984][T15937] device vlan2 entered promiscuous mode
[ 1007.348602][T15937] device bridge0 entered promiscuous mode
[ 1007.355039][T15937] bridge0: port 3(vlan2) entered blocking state
[ 1007.362394][T15937] bridge0: port 3(vlan2) entered disabled state
[ 1007.370024][T15937] device bridge0 left promiscuous mode
[ 1007.410573][   T39] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 1007.656887][T15941] loop3: detected capacity change from 0 to 1024
[ 1007.743212][T15941] JBD2: no valid journal superblock found
[ 1007.748901][T15941] EXT4-fs (loop3): error loading journal
[ 1008.527390][T15954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3792'.
[ 1008.638007][   T39] usb 1-1: Using ep0 maxpacket: 8
[ 1008.704477][T15957] loop3: detected capacity change from 0 to 1024
[ 1008.715042][T15957] JBD2: no valid journal superblock found
[ 1008.720736][T15957] EXT4-fs (loop3): error loading journal
[ 1008.729994][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1008.741884][  T734] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 1008.758113][   T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1008.877969][   T39] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[ 1008.886987][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[ 1008.895949][   T39] usb 1-1: config 0 descriptor??
[ 1008.917952][   T39] usb 1-1: can't set config #0, error -71
[ 1008.924870][   T39] usb 1-1: USB disconnect, device number 108
[ 1009.107967][  T734] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1009.118122][  T734] usb 5-1: config 0 has no interfaces?
[ 1009.123490][  T734] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1009.132726][  T734] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1009.147298][  T734] usb 5-1: config 0 descriptor??
[ 1009.147355][T15962] loop2: detected capacity change from 0 to 512
[ 1009.160608][T15962] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.3794: invalid block
[ 1009.165696][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1009.171849][T15962] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3794: couldn't read orphan inode 11 (err -117)
[ 1009.194414][T15962] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1009.208948][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1009.277919][   T39] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1009.393704][  T734] usb 5-1: USB disconnect, device number 110
[ 1010.435712][T15973] loop3: detected capacity change from 0 to 1024
[ 1010.474712][T15973] JBD2: no valid journal superblock found
[ 1010.480416][T15973] EXT4-fs (loop3): error loading journal
[ 1010.499693][T14659] EXT4-fs (loop2): unmounting filesystem.
[ 1010.550060][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1010.687997][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1010.738496][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1010.758128][   T39] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1010.766988][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1010.788538][   T39] usb 1-1: config 0 descriptor??
[ 1011.068173][T15989] device vlan2 entered promiscuous mode
[ 1011.073625][T15989] device bridge0 entered promiscuous mode
[ 1011.079789][T15989] bridge0: port 3(vlan2) entered blocking state
[ 1011.085922][T15989] bridge0: port 3(vlan2) entered disabled state
[ 1011.092868][T15989] device bridge0 left promiscuous mode
[ 1011.759588][T16011] loop2: detected capacity change from 0 to 1024
[ 1011.767059][T16011] JBD2: no valid journal superblock found
[ 1011.772758][T16011] EXT4-fs (loop2): error loading journal
[ 1011.828554][  T337] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1012.189159][   T39] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0089/input/input70
[ 1012.201919][   T39] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0089/input/input71
[ 1012.215547][   T39] uclogic 0003:256C:006D.0089: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[ 1012.627923][ T2362] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1012.635635][T16024] loop3: detected capacity change from 0 to 128
[ 1012.642172][T16024] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1012.654448][T16024] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1012.737918][T14290] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1013.037971][ T2362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1013.048803][ T2362] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1013.058383][ T2362] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1013.071001][ T2362] usb 2-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[ 1013.079833][ T2362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1013.088521][ T2362] usb 2-1: config 0 descriptor??
[ 1013.157988][T14290] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1013.168178][T14290] usb 3-1: config 0 has no interfaces?
[ 1013.173509][T14290] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1013.182421][T14290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1013.190891][T14290] usb 3-1: config 0 descriptor??
[ 1013.390861][T16026] device vlan2 entered promiscuous mode
[ 1013.396239][T16026] device bridge0 entered promiscuous mode
[ 1013.402787][T16026] bridge0: port 3(vlan2) entered blocking state
[ 1013.409156][T16026] bridge0: port 3(vlan2) entered disabled state
[ 1013.416117][T16026] device bridge0 left promiscuous mode
[ 1013.420269][  T421] usb 1-1: USB disconnect, device number 109
[ 1013.431150][T12580] usb 3-1: USB disconnect, device number 114
[ 1013.498291][T16034] loop3: detected capacity change from 0 to 2048
[ 1013.509822][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1013.510598][T16034] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1013.535695][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1013.569031][ T2362] holtek_mouse 0003:04D9:A070.008A: item fetching failed at offset 1/5
[ 1013.577414][ T2362] holtek_mouse 0003:04D9:A070.008A: hid parse failed: -22
[ 1013.587979][ T2362] holtek_mouse: probe of 0003:04D9:A070.008A failed with error -22
[ 1013.615083][ T3969] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1013.629859][ T3969] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1013.642239][ T3969] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1013.642239][ T3969] 
[ 1013.652088][ T3969] EXT4-fs (loop3): Total free blocks count 0
[ 1013.657984][ T3969] EXT4-fs (loop3): Free/Dirty block details
[ 1013.663661][ T3969] EXT4-fs (loop3): free_blocks=2415919104
[ 1013.669394][ T3969] EXT4-fs (loop3): dirty_blocks=2640
[ 1013.674558][ T3969] EXT4-fs (loop3): Block reservation details
[ 1013.680652][ T3969] EXT4-fs (loop3): i_reserved_data_blocks=165
[ 1013.695340][ T3969] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 584 with error 28
[ 1013.735395][T16043] loop3: detected capacity change from 0 to 1024
[ 1013.746816][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1013.749630][T16043] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1013.759988][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-uuid/00000000-0000-0008-0000-000000000000.tmp-b7:3' failed: Read-only file system
[ 1013.783239][   T39] usb 2-1: USB disconnect, device number 112
[ 1013.898570][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1013.911292][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-uuid/00000000-0000-0008-0000-000000000000.tmp-b7:3' failed: Read-only file system
[ 1014.664752][T16051] loop2: detected capacity change from 0 to 1024
[ 1014.721043][T16051] JBD2: no valid journal superblock found
[ 1014.726655][T16051] EXT4-fs (loop2): error loading journal
[ 1014.736736][T16048] overlayfs: './file1' not a directory
[ 1015.005576][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1015.018270][T13552] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1015.075301][T16060] loop3: detected capacity change from 0 to 512
[ 1015.094563][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1015.115205][T16060] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1015.124142][T16060] ext4 filesystem being mounted at /65/bus supports timestamps until 2038 (0x7fffffff)
[ 1015.154576][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1015.535460][   T28] audit: type=1326 audit(2000000900.520:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.807927][   T28] audit: type=1326 audit(2000000900.520:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.831922][   T28] audit: type=1326 audit(2000000900.520:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.855605][   T28] audit: type=1326 audit(2000000900.530:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.857910][  T476] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 1015.887248][   T28] audit: type=1326 audit(2000000900.530:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.911304][   T28] audit: type=1326 audit(2000000900.530:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.935859][   T28] audit: type=1326 audit(2000000900.530:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.961056][   T28] audit: type=1326 audit(2000000900.530:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1015.985471][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1015.999758][   T28] audit: type=1326 audit(2000000900.540:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1016.023396][   T28] audit: type=1326 audit(2000000900.540:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1016.046237][T16084] FAULT_INJECTION: forcing a failure.
[ 1016.046237][T16084] name failslab, interval 1, probability 0, space 0, times 0
[ 1016.059405][T16084] CPU: 0 PID: 16084 Comm: syz.1.3825 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[ 1016.070521][T16084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1016.080429][T16084] Call Trace:
[ 1016.083533][T16084]  <TASK>
[ 1016.086317][T16084]  dump_stack_lvl+0x151/0x1b7
[ 1016.090913][T16084]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1016.096295][T16084]  ? __kasan_check_write+0x14/0x20
[ 1016.101238][T16084]  ? _raw_spin_lock+0xa4/0x1b0
[ 1016.105843][T16084]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1016.111050][T16084]  dump_stack+0x15/0x1b
[ 1016.115042][T16084]  should_fail_ex+0x3d0/0x520
[ 1016.119641][T16084]  ? __alloc_file+0x29/0x2a0
[ 1016.124074][T16084]  __should_failslab+0xaf/0xf0
[ 1016.128668][T16084]  should_failslab+0x9/0x20
[ 1016.133006][T16084]  kmem_cache_alloc+0x3b/0x2c0
[ 1016.137624][T16084]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1016.142812][T16084]  __alloc_file+0x29/0x2a0
[ 1016.147156][T16084]  alloc_empty_file+0x95/0x180
[ 1016.151751][T16084]  alloc_file+0x5a/0x5e0
[ 1016.155849][T16084]  alloc_file_pseudo+0x259/0x2f0
[ 1016.160604][T16084]  ? security_inode_alloc+0x29/0x120
[ 1016.165844][T16084]  ? alloc_empty_file_noaccount+0x80/0x80
[ 1016.171399][T16084]  ? _raw_spin_lock+0xa4/0x1b0
[ 1016.175999][T16084]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1016.181210][T16084]  ? inode_init_always+0x737/0x970
[ 1016.186159][T16084]  sock_alloc_file+0xbb/0x260
[ 1016.190667][T16084]  do_accept+0x3c5/0x6f0
[ 1016.194748][T16084]  ? __ia32_sys_listen+0x70/0x70
[ 1016.199523][T16084]  __sys_accept4+0xa7/0x120
[ 1016.203860][T16084]  __x64_sys_accept4+0x9a/0xb0
[ 1016.208461][T16084]  x64_sys_call+0x798/0x9a0
[ 1016.212800][T16084]  do_syscall_64+0x3b/0xb0
[ 1016.217051][T16084]  ? clear_bhb_loop+0x55/0xb0
[ 1016.221575][T16084]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1016.227384][T16084] RIP: 0033:0x7f81af77dff9
[ 1016.231780][T16084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1016.251750][T16084] RSP: 002b:00007f81b0528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1016.259986][T16084] RAX: ffffffffffffffda RBX: 00007f81af935f80 RCX: 00007f81af77dff9
[ 1016.267798][T16084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1016.275609][T16084] RBP: 00007f81b0528090 R08: 0000000000000000 R09: 0000000000000000
[ 1016.283419][T16084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1016.291232][T16084] R13: 0000000000000000 R14: 00007f81af935f80 R15: 00007ffdeb516318
[ 1016.299051][T16084]  </TASK>
[ 1016.350907][T16089] device vlan2 entered promiscuous mode
[ 1016.356370][T16089] device bridge0 entered promiscuous mode
[ 1016.362896][T16089] bridge0: port 3(vlan2) entered blocking state
[ 1016.369029][T16089] bridge0: port 3(vlan2) entered disabled state
[ 1016.380033][T16089] device bridge0 left promiscuous mode
[ 1016.486900][   T39] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1016.529346][  T476] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1016.560447][  T476] usb 1-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1016.572956][  T476] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.624676][  T476] usb 1-1: config 0 descriptor??
[ 1016.668466][  T476] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1017.368219][   T39] usb 2-1: config 1 has an invalid descriptor of length 209, skipping remainder of the config
[ 1017.378444][   T39] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1017.387277][   T39] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1017.447927][  T765] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 1017.588245][   T39] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1017.603162][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1017.629063][   T39] usb 2-1: Product: syz
[ 1017.637346][   T39] usb 2-1: Manufacturer: syz
[ 1017.643577][   T39] usb 2-1: SerialNumber: syz
[ 1017.817977][  T765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1017.828860][  T765] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1017.837724][  T765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1017.846678][  T765] usb 5-1: config 0 descriptor??
[ 1018.197561][T16113] loop3: detected capacity change from 0 to 512
[ 1018.204227][T16113] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1018.210689][  T390] udevd[390]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1018.216193][T16113] EXT4-fs (loop3): 1 truncate cleaned up
[ 1018.230709][T16113] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1018.244869][  T390] udevd[390]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1018.328601][  T765] keytouch 0003:0926:3333.008B: fixing up Keytouch IEC report descriptor
[ 1018.338113][  T734] usb 1-1: USB disconnect, device number 110
[ 1018.344881][  T765] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.008B/input/input72
[ 1018.745812][  T390] udevd[390]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1019.424390][  T765] keytouch 0003:0926:3333.008B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[ 1019.437731][  T765] usb 5-1: USB disconnect, device number 111
[ 1019.511750][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1019.527650][T16127] loop3: detected capacity change from 0 to 256
[ 1019.550153][T16127] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1019.627674][T16133] device vlan2 entered promiscuous mode
[ 1019.633560][T16133] device bridge0 entered promiscuous mode
[ 1019.639973][T16133] bridge0: port 3(vlan2) entered blocking state
[ 1019.646209][T16133] bridge0: port 3(vlan2) entered disabled state
[ 1019.655576][T16133] device bridge0 left promiscuous mode
[ 1019.722010][T16135] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1020.017950][  T315] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1020.257906][  T315] usb 4-1: Using ep0 maxpacket: 16
[ 1020.408148][  T315] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1020.597222][   T28] kauditd_printk_skb: 21 callbacks suppressed
[ 1020.604093][   T28] audit: type=1326 audit(2000000905.620:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1020.689855][   T28] audit: type=1326 audit(2000000905.620:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1020.713684][   T28] audit: type=1326 audit(2000000905.630:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1020.741098][   T28] audit: type=1326 audit(2000000905.630:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9fb477e033 code=0x7ffc0000
[ 1020.764544][   T28] audit: type=1326 audit(2000000905.650:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9fb477cadf code=0x7ffc0000
[ 1020.788249][   T28] audit: type=1326 audit(2000000905.660:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9fb477e087 code=0x7ffc0000
[ 1020.816561][   T28] audit: type=1326 audit(2000000905.660:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9fb477c990 code=0x7ffc0000
[ 1020.840791][   T28] audit: type=1326 audit(2000000905.660:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9fb477cc8a code=0x7ffc0000
[ 1020.864244][   T28] audit: type=1326 audit(2000000905.670:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1020.888072][   T28] audit: type=1326 audit(2000000905.670:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16142 comm="syz.0.3842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb477dff9 code=0x7ffc0000
[ 1020.918638][  T315] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[ 1020.936850][  T315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1020.988342][  T315] usb 4-1: Product: syz
[ 1021.004128][  T315] usb 4-1: Manufacturer: syz
[ 1021.046805][  T315] usb 4-1: SerialNumber: syz
[ 1021.099269][   T39] usb 2-1: 0:2 : does not exist
[ 1021.200908][  T315] usb 4-1: config 0 descriptor??
[ 1021.208202][   T39] usb 2-1: USB disconnect, device number 113
[ 1021.450168][T13552] udevd[13552]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1021.778032][  T315] usb 4-1: Found UVC 0.00 device syz (045e:0721)
[ 1021.784506][  T315] usb 4-1: No valid video chain found.
[ 1021.808617][  T315] usb 4-1: USB disconnect, device number 111
[ 1021.827925][T14290] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1021.852771][T16168] device vlan2 entered promiscuous mode
[ 1021.858322][T16168] device bridge0 entered promiscuous mode
[ 1021.864333][T16168] bridge0: port 3(vlan2) entered blocking state
[ 1021.870599][T16168] bridge0: port 3(vlan2) entered disabled state
[ 1021.877202][T16168] device bridge0 left promiscuous mode
[ 1022.187982][T14290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1022.199123][T16173] loop3: detected capacity change from 0 to 512
[ 1022.201681][T14290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1022.216259][T14290] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1022.225863][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1022.229004][T14290] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[ 1022.241217][T16173] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.3851: invalid block
[ 1022.249209][T14290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1022.261853][T16173] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.3851: couldn't read orphan inode 11 (err -117)
[ 1022.268668][T14290] usb 3-1: config 0 descriptor??
[ 1022.284143][T16173] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1022.298036][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1022.570897][T16179] loop4: detected capacity change from 0 to 2048
[ 1022.583062][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[ 1022.589789][T16179] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1022.608614][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[ 1023.022719][T14290] uclogic 0003:5543:0003.008C: item fetching failed at offset 5/7
[ 1023.030635][T14290] uclogic 0003:5543:0003.008C: parse failed
[ 1023.036369][T14290] uclogic: probe of 0003:5543:0003.008C failed with error -22
[ 1023.045788][T14290] usb 3-1: USB disconnect, device number 115
[ 1023.087183][   T39] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1023.119845][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1023.128435][T13552] udevd[13552]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1023.557930][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1023.567821][   T39] usb 5-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1023.576736][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.585232][   T39] usb 5-1: config 0 descriptor??
[ 1023.614523][T16194] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3855'.
[ 1023.638475][   T39] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1023.907964][T14290] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[ 1024.177914][T14290] usb 3-1: device descriptor read/64, error -71
[ 1024.567907][T14290] usb 3-1: device descriptor read/64, error -71
[ 1024.837912][T14290] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1025.107924][T14290] usb 3-1: device descriptor read/64, error -71
[ 1025.497904][T14290] usb 3-1: device descriptor read/64, error -71
[ 1025.591559][ T2362] usb 5-1: USB disconnect, device number 112
[ 1025.598586][T14947] EXT4-fs (loop4): unmounting filesystem.
[ 1025.618010][T14290] usb usb3-port1: attempt power cycle
[ 1026.000103][T16215] input: syz1 as /devices/virtual/input/input73
[ 1026.092826][T15423] device syz_tun left promiscuous mode
[ 1026.403724][T16220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.410870][T16220] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.422576][T16220] device bridge_slave_0 entered promiscuous mode
[ 1026.434432][T16220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.443968][T16220] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1026.456996][T16220] device bridge_slave_1 entered promiscuous mode
[ 1026.517888][T14290] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1026.552455][T16220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.559343][T16220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1026.566434][T16220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.573250][T16220] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1026.601419][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1026.609713][ T2362] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.616808][ T2362] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1026.628591][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1026.636659][ T2362] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.643545][ T2362] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1026.669042][T16230] FAULT_INJECTION: forcing a failure.
[ 1026.669042][T16230] name failslab, interval 1, probability 0, space 0, times 0
[ 1026.669061][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1026.669278][  T765] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.681806][T16230] CPU: 1 PID: 16230 Comm: syz.3.3865 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[ 1026.689293][  T765] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1026.696126][T16230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1026.720420][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1026.724254][T16230] Call Trace:
[ 1026.724264][T16230]  <TASK>
[ 1026.724273][T16230]  dump_stack_lvl+0x151/0x1b7
[ 1026.738315][T14290] usb 3-1: device descriptor read/8, error -71
[ 1026.742220][T16230]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1026.753513][T16230]  dump_stack+0x15/0x1b
[ 1026.757498][T16230]  should_fail_ex+0x3d0/0x520
[ 1026.762008][T16230]  ? security_inode_alloc+0x29/0x120
[ 1026.767124][T16230]  __should_failslab+0xaf/0xf0
[ 1026.771727][T16230]  should_failslab+0x9/0x20
[ 1026.776068][T16230]  kmem_cache_alloc+0x3b/0x2c0
[ 1026.780671][T16230]  security_inode_alloc+0x29/0x120
[ 1026.785617][T16230]  inode_init_always+0x720/0x970
[ 1026.790386][T16230]  ? sockfs_init_fs_context+0xb0/0xb0
[ 1026.795597][T16230]  new_inode_pseudo+0x98/0x1d0
[ 1026.800198][T16230]  __sock_create+0x135/0x760
[ 1026.804624][T16230]  __sys_socketpair+0x29f/0x6e0
[ 1026.809308][T16230]  ? __ia32_sys_socket+0x90/0x90
[ 1026.814082][T16230]  ? __ia32_sys_read+0x90/0x90
[ 1026.818686][T16230]  ? debug_smp_processor_id+0x17/0x20
[ 1026.823889][T16230]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1026.829793][T16230]  __x64_sys_socketpair+0x9b/0xb0
[ 1026.834738][T16230]  x64_sys_call+0x19b/0x9a0
[ 1026.839079][T16230]  do_syscall_64+0x3b/0xb0
[ 1026.843333][T16230]  ? clear_bhb_loop+0x55/0xb0
[ 1026.847850][T16230]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1026.853571][T16230] RIP: 0033:0x7f9c9cf7dff9
[ 1026.857827][T16230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1026.877397][T16230] RSP: 002b:00007f9c9de34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1026.885641][T16230] RAX: ffffffffffffffda RBX: 00007f9c9d135f80 RCX: 00007f9c9cf7dff9
[ 1026.893447][T16230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1026.901263][T16230] RBP: 00007f9c9de34090 R08: 0000000000000000 R09: 0000000000000000
[ 1026.909331][T16230] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[ 1026.917141][T16230] R13: 0000000000000000 R14: 00007f9c9d135f80 R15: 00007ffe78a73028
[ 1026.924959][T16230]  </TASK>
[ 1026.929400][T16230] socket: no more sockets
[ 1026.939522][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1026.957924][T14290] usb 3-1: device descriptor read/8, error -71
[ 1026.964804][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1026.983969][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1027.004760][T16220] device veth0_vlan entered promiscuous mode
[ 1027.013131][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1027.021638][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1027.037402][T16220] device veth1_macvtap entered promiscuous mode
[ 1027.046880][T16236] device vlan2 entered promiscuous mode
[ 1027.052526][T16236] device bridge0 entered promiscuous mode
[ 1027.059147][T16236] bridge0: port 3(vlan2) entered blocking state
[ 1027.065274][T16236] bridge0: port 3(vlan2) entered disabled state
[ 1027.072099][T16236] device bridge0 left promiscuous mode
[ 1027.081793][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1027.095945][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1027.104268][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1027.206780][   T28] kauditd_printk_skb: 46 callbacks suppressed
[ 1027.206798][   T28] audit: type=1400 audit(2000000912.380:2823): avc:  denied  { accept } for  pid=16241 comm="syz.0.3869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1027.378257][T16254] loop1: detected capacity change from 0 to 1024
[ 1027.774636][T14290] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1028.294220][T16254] JBD2: no valid journal superblock found
[ 1028.299855][T16254] EXT4-fs (loop1): error loading journal
[ 1028.329410][ T3969] device bridge_slave_1 left promiscuous mode
[ 1028.335545][ T3969] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1028.344828][ T3969] device bridge_slave_0 left promiscuous mode
[ 1028.359527][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1028.376664][ T3969] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1028.383772][T16259] loop3: detected capacity change from 0 to 16
[ 1028.390890][T16259] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 66300)
[ 1028.395943][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-uuid/dc990305-0000-0000-0000-00c46e0e7dba.tmp-b7:3' failed: Read-only file system
[ 1028.468680][ T3969] device veth1_macvtap left promiscuous mode
[ 1028.483595][ T3969] device veth0_vlan left promiscuous mode
[ 1028.523832][T14290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1028.632166][   T28] audit: type=1400 audit(2000000913.800:2824): avc:  denied  { watch } for  pid=16258 comm="syz.3.3873" path="/proc/255/net" dev="proc" ino=110627 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1028.814321][T14290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1028.823951][T14290] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1028.836641][T14290] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[ 1028.845529][T14290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1028.845762][T16263] loop4: detected capacity change from 0 to 1024
[ 1028.855190][T14290] usb 3-1: config 0 descriptor??
[ 1028.868173][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[ 1028.869613][T16263] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1028.879476][  T765] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 1028.887653][T16263] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038 (0x7fffffff)
[ 1028.909231][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[ 1029.001904][T16270] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=23 sclass=netlink_tcpdiag_socket pid=16270 comm=syz.1.3875
[ 1029.123423][  T337] udevd[337]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[ 1029.247930][  T765] usb 1-1: config 1 has an invalid descriptor of length 209, skipping remainder of the config
[ 1029.258151][  T765] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1029.266974][  T765] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1029.339028][T14290] uclogic 0003:5543:0003.008D: item fetching failed at offset 5/7
[ 1029.346801][T14290] uclogic 0003:5543:0003.008D: parse failed
[ 1029.352934][T14290] uclogic: probe of 0003:5543:0003.008D failed with error -22
[ 1029.437938][  T765] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1029.446945][  T765] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1029.454928][  T765] usb 1-1: Product: syz
[ 1029.459133][  T765] usb 1-1: Manufacturer: syz
[ 1029.463560][  T765] usb 1-1: SerialNumber: syz
[ 1029.521956][T14947] EXT4-fs (loop4): unmounting filesystem.
[ 1029.542969][T12580] usb 3-1: USB disconnect, device number 119
[ 1029.562800][T16284] FAULT_INJECTION: forcing a failure.
[ 1029.562800][T16284] name failslab, interval 1, probability 0, space 0, times 0
[ 1029.576236][T16284] CPU: 0 PID: 16284 Comm: syz.4.3878 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[ 1029.587445][T16284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1029.597340][T16284] Call Trace:
[ 1029.600462][T16284]  <TASK>
[ 1029.603240][T16284]  dump_stack_lvl+0x151/0x1b7
[ 1029.607753][T16284]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1029.613053][T16284]  ? __kasan_check_write+0x14/0x20
[ 1029.617995][T16284]  ? _raw_spin_lock+0xa4/0x1b0
[ 1029.622600][T16284]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1029.627805][T16284]  dump_stack+0x15/0x1b
[ 1029.631799][T16284]  should_fail_ex+0x3d0/0x520
[ 1029.636312][T16284]  ? __alloc_file+0x29/0x2a0
[ 1029.640747][T16284]  __should_failslab+0xaf/0xf0
[ 1029.645345][T16284]  should_failslab+0x9/0x20
[ 1029.649835][T16284]  kmem_cache_alloc+0x3b/0x2c0
[ 1029.654415][T16284]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1029.659614][T16284]  __alloc_file+0x29/0x2a0
[ 1029.663864][T16284]  alloc_empty_file+0x95/0x180
[ 1029.668468][T16284]  alloc_file+0x5a/0x5e0
[ 1029.672643][T16284]  alloc_file_pseudo+0x259/0x2f0
[ 1029.677405][T16284]  ? security_inode_alloc+0x29/0x120
[ 1029.682527][T16284]  ? alloc_empty_file_noaccount+0x80/0x80
[ 1029.688087][T16284]  ? _raw_spin_lock+0xa4/0x1b0
[ 1029.692688][T16284]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1029.697893][T16284]  ? inode_init_always+0x737/0x970
[ 1029.702846][T16284]  sock_alloc_file+0xbb/0x260
[ 1029.707353][T16284]  do_accept+0x3c5/0x6f0
[ 1029.711431][T16284]  ? __ia32_sys_listen+0x70/0x70
[ 1029.716207][T16284]  __sys_accept4+0xa7/0x120
[ 1029.720561][T16284]  __x64_sys_accept4+0x9a/0xb0
[ 1029.725490][T16284]  x64_sys_call+0x798/0x9a0
[ 1029.729830][T16284]  do_syscall_64+0x3b/0xb0
[ 1029.734083][T16284]  ? clear_bhb_loop+0x55/0xb0
[ 1029.738601][T16284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1029.744329][T16284] RIP: 0033:0x7f8c9937dff9
[ 1029.748575][T16284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1029.768021][T16284] RSP: 002b:00007f8c9a0a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1029.776356][T16284] RAX: ffffffffffffffda RBX: 00007f8c99535f80 RCX: 00007f8c9937dff9
[ 1029.784163][T16284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1029.791972][T16284] RBP: 00007f8c9a0a3090 R08: 0000000000000000 R09: 0000000000000000
[ 1029.799783][T16284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1029.807602][T16284] R13: 0000000000000000 R14: 00007f8c99535f80 R15: 00007ffd4a61e0b8
[ 1029.815411][T16284]  </TASK>
[ 1029.890084][T16287] loop1: detected capacity change from 0 to 128
[ 1029.901918][  T337] udevd[337]: symlink '../../loop1' '/dev/disk/by-label/SYZKALLER.tmp-b7:1' failed: Read-only file system
[ 1029.913829][  T337] udevd[337]: symlink '../../loop1' '/dev/disk/by-uuid/1DD9-F30B.tmp-b7:1' failed: Read-only file system
[ 1030.147924][ T2362] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1030.242628][T16292] loop2: detected capacity change from 0 to 512
[ 1030.255105][  T337] udevd[337]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1030.270471][T16292] EXT4-fs (loop2): 1 orphan inode deleted
[ 1030.273341][T16295] device vlan2 entered promiscuous mode
[ 1030.276340][T16292] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1030.283501][T16295] device bridge0 entered promiscuous mode
[ 1030.290261][T16292] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038 (0x7fffffff)
[ 1030.297159][T16295] bridge0: port 3(vlan2) entered blocking state
[ 1030.312155][T16295] bridge0: port 3(vlan2) entered disabled state
[ 1030.320836][  T337] udevd[337]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1030.334065][T16295] device bridge0 left promiscuous mode
[ 1030.507977][ T2362] usb 5-1: config 1 has an invalid descriptor of length 209, skipping remainder of the config
[ 1030.518148][ T2362] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1030.794502][ T2362] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1030.957984][ T2362] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1030.966954][ T2362] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1030.974761][ T2362] usb 5-1: Product: syz
[ 1030.978753][ T2362] usb 5-1: Manufacturer: syz
[ 1030.983125][ T2362] usb 5-1: SerialNumber: syz
[ 1031.096883][T14659] EXT4-fs (loop2): unmounting filesystem.
[ 1031.142220][T16311] FAULT_INJECTION: forcing a failure.
[ 1031.142220][T16311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1031.155289][T16311] CPU: 1 PID: 16311 Comm: syz.2.3885 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[ 1031.166575][T16311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1031.176559][T16311] Call Trace:
[ 1031.179679][T16311]  <TASK>
[ 1031.182477][T16311]  dump_stack_lvl+0x151/0x1b7
[ 1031.186971][T16311]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1031.192268][T16311]  ? signal_setup_done+0x448/0x5f0
[ 1031.197300][T16311]  dump_stack+0x15/0x1b
[ 1031.201294][T16311]  should_fail_ex+0x3d0/0x520
[ 1031.205812][T16311]  should_fail+0xb/0x10
[ 1031.209796][T16311]  should_fail_usercopy+0x1a/0x20
[ 1031.214663][T16311]  _copy_from_user+0x1e/0xc0
[ 1031.219087][T16311]  restore_sigcontext+0xce/0x700
[ 1031.223856][T16311]  ? fpu__clear_user_states+0x171/0x200
[ 1031.229264][T16311]  ? __do_compat_sys_x32_rt_sigreturn+0x1e0/0x1e0
[ 1031.235493][T16311]  ? _raw_spin_lock_irq+0xa5/0x1b0
[ 1031.240455][T16311]  __do_sys_rt_sigreturn+0x153/0x1e0
[ 1031.245569][T16311]  ? x32_copy_siginfo_to_user+0x270/0x270
[ 1031.251199][T16311]  ? debug_smp_processor_id+0x17/0x20
[ 1031.256406][T16311]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1031.262489][T16311]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1031.267949][T16311]  x64_sys_call+0x91/0x9a0
[ 1031.272206][T16311]  do_syscall_64+0x3b/0xb0
[ 1031.276455][T16311]  ? clear_bhb_loop+0x55/0xb0
[ 1031.280965][T16311]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1031.286696][T16311] RIP: 0033:0x7f126d119959
[ 1031.290949][T16311] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[ 1031.310396][T16311] RSP: 002b:00007f126dfcaa80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[ 1031.318636][T16311] RAX: ffffffffffffffda RBX: 00007f126d335f80 RCX: 00007f126d119959
[ 1031.326448][T16311] RDX: 00007f126dfcaa80 RSI: 00007f126dfcabb0 RDI: 0000000000000021
[ 1031.334257][T16311] RBP: 00007f126dfcb090 R08: 0000000000000000 R09: 0000000000000000
[ 1031.342077][T16311] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 1031.349887][T16311] R13: 0000000000000000 R14: 00007f126d335f80 R15: 00007fff6e67d2c8
[ 1031.357700][T16311]  </TASK>
[ 1031.408976][T16317] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3887'.
[ 1031.707915][T15975] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 1031.768059][  T734] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1031.925173][T16324] loop1: detected capacity change from 0 to 1024
[ 1031.983620][T16324] JBD2: no valid journal superblock found
[ 1031.989299][T16324] EXT4-fs (loop1): error loading journal
[ 1032.048823][  T390] udevd[390]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1032.117897][  T734] usb 3-1: Using ep0 maxpacket: 8
[ 1032.147961][T15975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1032.158166][T15975] usb 4-1: config 0 has no interfaces?
[ 1032.163454][T15975] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1032.172413][T15975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1032.180840][T15975] usb 4-1: config 0 descriptor??
[ 1032.237933][  T734] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1032.247587][  T734] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1032.421844][T14290] usb 4-1: USB disconnect, device number 112
[ 1032.427945][  T734] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=9b.1d
[ 1032.436870][  T734] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.444691][  T734] usb 3-1: Product: syz
[ 1032.448660][  T734] usb 3-1: Manufacturer: syz
[ 1032.453030][  T734] usb 3-1: SerialNumber: syz
[ 1032.458277][  T734] usb 3-1: config 0 descriptor??
[ 1032.595838][T16327] loop1: detected capacity change from 0 to 512
[ 1032.604686][T16327] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3890: invalid block
[ 1032.615846][T16327] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3890: couldn't read orphan inode 11 (err -117)
[ 1032.628355][T16327] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1032.708652][   T28] audit: type=1326 audit(2000000917.890:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16313 comm="syz.2.3886" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f126d17dff9 code=0x0
[ 1032.838020][  T765] usb 1-1: 0:2 : does not exist
[ 1032.847363][  T765] usb 1-1: USB disconnect, device number 111
[ 1032.898783][T15975] usb 3-1: USB disconnect, device number 120
[ 1032.950113][T16336] loop3: detected capacity change from 0 to 2048
[ 1032.959958][T16336] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1033.145734][   T28] audit: type=1326 audit(2000000918.310:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.185817][   T28] audit: type=1326 audit(2000000918.310:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.215733][   T28] audit: type=1326 audit(2000000918.310:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.240316][   T28] audit: type=1326 audit(2000000918.310:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.265002][   T28] audit: type=1326 audit(2000000918.310:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.288831][   T28] audit: type=1326 audit(2000000918.310:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.312267][   T28] audit: type=1326 audit(2000000918.310:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.335633][   T28] audit: type=1326 audit(2000000918.310:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.359167][   T28] audit: type=1326 audit(2000000918.320:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16335 comm="syz.3.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c9cf7dff9 code=0x7ffc0000
[ 1033.359192][T15975] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1033.453000][T16220] EXT4-fs (loop1): unmounting filesystem.
[ 1033.462457][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1033.467957][   T39] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1033.672598][T16345] loop1: detected capacity change from 0 to 1024
[ 1033.730871][T16345] JBD2: no valid journal superblock found
[ 1033.736526][T16345] EXT4-fs (loop1): error loading journal
[ 1033.773137][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1033.838106][T15975] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1033.849743][T15975] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1033.856213][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1033.862847][T15975] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1033.882952][T15975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1033.891387][T15975] usb 3-1: config 0 descriptor??
[ 1033.918045][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1033.927697][   T39] usb 4-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1033.937097][T15975] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1033.944451][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1033.954252][   T39] usb 4-1: config 0 descriptor??
[ 1034.008522][   T39] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1034.441523][T16349] loop1: detected capacity change from 0 to 1024
[ 1034.448959][T16349] JBD2: no valid journal superblock found
[ 1034.454657][T16349] EXT4-fs (loop1): error loading journal
[ 1034.463599][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1034.477986][ T2362] usb 5-1: 0:2 : does not exist
[ 1034.479683][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1034.484810][ T2362] usb 5-1: USB disconnect, device number 113
[ 1034.698319][T13552] udevd[13552]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1035.417489][T16358] loop1: detected capacity change from 0 to 1024
[ 1035.501117][T16358] JBD2: no valid journal superblock found
[ 1035.506754][T16358] EXT4-fs (loop1): error loading journal
[ 1035.552023][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1035.569205][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1035.938178][   T39] usb 3-1: USB disconnect, device number 121
[ 1035.972832][T15975] usb 4-1: USB disconnect, device number 113
[ 1035.973488][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1035.998846][T16360] device vlan2 entered promiscuous mode
[ 1036.004287][T16360] device bridge0 entered promiscuous mode
[ 1036.010594][T16360] bridge0: port 3(vlan2) entered blocking state
[ 1036.016729][T16360] bridge0: port 3(vlan2) entered disabled state
[ 1036.023688][T16360] device bridge0 left promiscuous mode
[ 1036.189536][T16364] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1036.196452][T16364] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1036.204140][T16364] device bridge_slave_0 entered promiscuous mode
[ 1036.211572][T16364] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1036.218612][T16364] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1036.225995][T16364] device bridge_slave_1 entered promiscuous mode
[ 1036.306490][T16364] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1036.313372][T16364] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1036.320491][T16364] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1036.327249][T16364] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1036.357659][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1036.365761][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1036.373040][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1036.389731][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1036.397782][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1036.404665][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1036.459201][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1036.467617][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1036.474492][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1036.490278][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1036.498151][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1036.509493][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1036.523653][T16364] device veth0_vlan entered promiscuous mode
[ 1036.524731][T16378] loop1: detected capacity change from 0 to 1024
[ 1036.539973][T16378] JBD2: no valid journal superblock found
[ 1036.542823][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1036.545557][T16378] EXT4-fs (loop1): error loading journal
[ 1036.562766][T14290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1036.570856][T14290] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1036.578804][T14290] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1036.593849][T16364] device veth1_macvtap entered promiscuous mode
[ 1036.600765][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1036.614552][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1036.622879][ T2362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1036.657965][T15975] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 1036.671404][T16380] bridge0: port 3(vlan2) entered blocking state
[ 1036.677516][T16380] bridge0: port 3(vlan2) entered disabled state
[ 1036.708668][ T3961] device bridge_slave_1 left promiscuous mode
[ 1036.714607][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1036.722145][ T3961] device bridge_slave_0 left promiscuous mode
[ 1036.728272][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1036.736254][ T3961] device veth1_macvtap left promiscuous mode
[ 1036.742186][ T3961] device veth0_vlan left promiscuous mode
[ 1037.027987][T15975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1037.038188][T15975] usb 4-1: config 0 has no interfaces?
[ 1037.043493][T15975] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1037.052372][T15975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.060971][T15975] usb 4-1: config 0 descriptor??
[ 1037.067917][ T2362] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1037.323388][T15975] usb 4-1: USB disconnect, device number 114
[ 1037.400684][T16392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1037.407550][T16392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1037.415049][T16392] device bridge_slave_0 entered promiscuous mode
[ 1037.422006][T16392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1037.429101][ T2362] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1037.429264][T16392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.439834][ T2362] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1037.439862][ T2362] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1037.448079][T16392] device bridge_slave_1 entered promiscuous mode
[ 1037.467870][ T2362] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[ 1037.484161][ T2362] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.494405][ T2362] usb 3-1: config 0 descriptor??
[ 1037.549014][T16392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1037.555894][T16392] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1037.562969][T16392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1037.569965][T16392] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1037.593432][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1037.602616][T15975] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1037.609947][T15975] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.628905][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1037.636948][T15975] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1037.643827][T15975] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1037.651128][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1037.659951][T15975] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1037.666797][T15975] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1037.674195][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1037.682151][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1037.699877][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1037.711779][T12580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1037.719700][T12580] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1037.726974][T12580] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1037.737585][T16392] device veth0_vlan entered promiscuous mode
[ 1037.751248][T12580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1037.764199][T16392] device veth1_macvtap entered promiscuous mode
[ 1037.775272][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1037.789855][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1037.875341][T16404] loop2: detected capacity change from 0 to 2048
[ 1037.887133][  T337] udevd[337]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[ 1037.898557][ T2362] usbhid 3-1:0.0: can't add hid device: -71
[ 1037.904411][ T2362] usbhid: probe of 3-1:0.0 failed with error -71
[ 1037.918995][ T2362] usb 3-1: USB disconnect, device number 122
[ 1037.931139][T16404] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1037.948695][T16073] device bridge_slave_1 left promiscuous mode
[ 1037.954756][T16073] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.962346][T16073] device bridge_slave_0 left promiscuous mode
[ 1037.968607][T16073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1037.976873][T16073] device veth1_macvtap left promiscuous mode
[ 1037.983214][T16073] device veth0_vlan left promiscuous mode
[ 1038.087986][T12580] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[ 1038.175555][   T28] kauditd_printk_skb: 23 callbacks suppressed
[ 1038.175589][   T28] audit: type=1326 audit(2000000923.330:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.254060][   T28] audit: type=1326 audit(2000000923.330:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.282090][   T28] audit: type=1326 audit(2000000923.330:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.307591][   T28] audit: type=1326 audit(2000000923.330:2861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.331016][   T28] audit: type=1326 audit(2000000923.330:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.354949][   T28] audit: type=1326 audit(2000000923.340:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.378735][   T28] audit: type=1326 audit(2000000923.340:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.402935][   T28] audit: type=1326 audit(2000000923.340:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.427254][   T28] audit: type=1326 audit(2000000923.340:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.451100][   T28] audit: type=1326 audit(2000000923.340:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16403 comm="syz.2.3911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f336977dff9 code=0x7ffc0000
[ 1038.480500][T16413] loop1: detected capacity change from 0 to 512
[ 1038.487163][T16413] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1038.493364][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1038.500851][T16413] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.3912: casefold flag without casefold feature
[ 1038.522436][T16413] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.3912: missing EA_INODE flag
[ 1038.534218][T16413] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3912: error while reading EA inode 12 err=-117
[ 1038.546805][T16413] EXT4-fs (loop1): 1 orphan inode deleted
[ 1038.553885][T16413] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1038.610619][T13552] udevd[13552]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1038.647936][ T2362] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1038.969682][T12580] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1038.979725][T12580] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1038.992709][T12580] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1039.001757][T12580] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1039.011929][T12580] usb 1-1: config 0 descriptor??
[ 1039.018401][T16420] loop3: detected capacity change from 0 to 1024
[ 1039.025063][T16420] EXT4-fs: Ignoring removed orlov option
[ 1039.030802][T16420] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1039.032738][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1039.049338][T12580] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1039.069465][T16420] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1039.084602][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1039.272769][T16424] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[ 1039.678231][T16220] EXT4-fs (loop1): unmounting filesystem.
[ 1039.693799][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1039.708765][ T2362] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1039.720013][ T2362] usb 3-1: New USB device found, idVendor=146d, idProduct=c086, bcdDevice= 0.00
[ 1039.735278][ T2362] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1039.744194][ T2362] usb 3-1: config 0 descriptor??
[ 1039.788852][ T2362] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1039.899034][T16433] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1039.899487][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1039.906082][T16433] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1039.919848][T16433] device bridge_slave_0 entered promiscuous mode
[ 1039.926801][T16433] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1039.938619][T13552] udevd[13552]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1039.939246][T16439] loop3: detected capacity change from 0 to 512
[ 1039.950285][T16433] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1039.962551][T16439] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.3919: invalid block
[ 1039.986961][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1040.040633][T16441] loop1: detected capacity change from 0 to 1024
[ 1040.230978][T16439] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.3919: couldn't read orphan inode 11 (err -117)
[ 1040.238473][  T337] udevd[337]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1040.243184][T16441] JBD2: no valid journal superblock found
[ 1040.256155][T16433] device bridge_slave_1 entered promiscuous mode
[ 1040.259546][T16441] EXT4-fs (loop1): error loading journal
[ 1040.269633][T16439] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1040.275729][T13552] udevd[13552]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[ 1040.321427][  T337] udevd[337]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[ 1040.398369][T16433] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.405252][T16433] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1040.412389][T16433] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.419260][T16433] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1040.445612][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1040.453211][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.460698][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.472770][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1040.480939][  T765] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.487786][  T765] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1040.496607][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1040.504775][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.511647][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1040.525806][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1040.535671][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1040.553146][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1040.564912][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1040.572993][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1040.580417][  T765] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1040.591196][T16433] device veth0_vlan entered promiscuous mode
[ 1040.602690][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1040.611861][T16433] device veth1_macvtap entered promiscuous mode
[ 1040.622223][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1040.635712][T15975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1040.682023][T16448] loop1: detected capacity change from 0 to 512
[ 1040.700052][T16448] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1040.709075][T16448] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038 (0x7fffffff)
[ 1040.774453][T16451] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1040.788914][T16451] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28
[ 1040.801758][T16451] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1040.801758][T16451] 
[ 1040.811463][T16451] EXT4-fs (loop1): Total free blocks count 0
[ 1040.817314][T16451] EXT4-fs (loop1): Free/Dirty block details
[ 1040.823285][T16451] EXT4-fs (loop1): free_blocks=65280
[ 1040.828341][T16451] EXT4-fs (loop1): dirty_blocks=33
[ 1040.833263][T16451] EXT4-fs (loop1): Block reservation details
[ 1040.839115][T16451] EXT4-fs (loop1): i_reserved_data_blocks=33
[ 1040.841772][T15111] EXT4-fs (loop3): unmounting filesystem.
[ 1040.885950][T16220] EXT4-fs (loop1): unmounting filesystem.
[ 1040.979280][T16073] device bridge_slave_1 left promiscuous mode
[ 1041.077405][T16459] loop3: detected capacity change from 0 to 1024
[ 1041.087952][T16073] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.099112][T16073] device bridge_slave_0 left promiscuous mode
[ 1041.105674][T16073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.118842][T16459] JBD2: no valid journal superblock found
[ 1041.124511][T16459] EXT4-fs (loop3): error loading journal
[ 1041.181649][T16073] device veth1_macvtap left promiscuous mode
[ 1041.247396][T16073] device veth0_vlan left promiscuous mode
[ 1041.317692][  T476] usb 3-1: USB disconnect, device number 123
[ 1041.322382][T16364] EXT4-fs (loop2): unmounting filesystem.
[ 1041.336384][  T765] usb 1-1: USB disconnect, device number 112
[ 1041.560439][T16468] loop4: detected capacity change from 0 to 512
[ 1041.590651][T16468] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1041.601839][T16468] ext4 filesystem being mounted at /2/bus supports timestamps until 2038 (0x7fffffff)
[ 1041.646175][T16469] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.653182][T16469] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.660800][T16469] device bridge_slave_0 entered promiscuous mode
[ 1041.667775][T16469] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.675239][T16469] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.683368][T16469] device bridge_slave_1 entered promiscuous mode
[ 1041.690247][T16433] EXT4-fs (loop4): unmounting filesystem.
[ 1041.777408][T16469] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.784316][T16469] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1041.791595][T16469] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.798441][T16469] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1041.849351][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1041.867371][  T476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.877224][  T476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.962866][T16483] loop3: detected capacity change from 0 to 1024
[ 1041.974198][T16483] JBD2: no valid journal superblock found
[ 1041.979905][T16483] EXT4-fs (loop3): error loading journal
[ 1042.001993][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1042.114941][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1042.155186][  T476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1042.162087][  T476] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1042.198195][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1042.224129][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1042.242579][  T476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1042.249464][  T476] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1042.280952][T16486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3931'.
[ 1042.290395][T16486] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3931'.
[ 1042.301747][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1042.310069][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1042.328780][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1042.336782][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1042.348078][T16481] loop4: detected capacity change from 0 to 40427
[ 1042.357214][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1042.359180][T16481] ================================================================================
[ 1042.374672][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1042.375906][T16481] UBSAN: shift-out-of-bounds in fs/f2fs/super.c:919:5
[ 1042.389763][T16481] shift exponent 162 is too large for 64-bit type 'unsigned long'
[ 1042.395673][T16469] device veth0_vlan entered promiscuous mode
[ 1042.397525][T16481] CPU: 0 PID: 16481 Comm: syz.4.3929 Tainted: G        W          6.1.99-syzkaller-00049-g1fe91f863a7f #0
[ 1042.414316][T16481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1042.416886][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1042.424209][T16481] Call Trace:
[ 1042.424218][T16481]  <TASK>
[ 1042.424228][T16481]  dump_stack_lvl+0x151/0x1b7
[ 1042.432457][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1042.434886][T16481]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1042.446815][T16469] device veth1_macvtap entered promiscuous mode
[ 1042.449642][T16481]  dump_stack+0x15/0x1b
[ 1042.449670][T16481]  __ubsan_handle_shift_out_of_bounds+0x3e1/0x440
[ 1042.471446][T16481]  parse_options+0x4b19/0x4b30
[ 1042.476029][T16481]  ? mount_bdev+0x282/0x3b0
[ 1042.480365][T16481]  ? f2fs_mount+0x34/0x40
[ 1042.484545][T16481]  ? default_options+0xc60/0xc60
[ 1042.489067][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1042.489339][T16481]  ? kstrdup+0x54/0x70
[ 1042.496693][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1042.500250][T16481]  ? memcpy+0x56/0x70
[ 1042.500275][T16481]  f2fs_fill_super+0x23bc/0x6dc0
[ 1042.500319][T16481]  ? kill_f2fs_super+0x3c0/0x3c0
[ 1042.500349][T16481]  ? set_blocksize+0x1cb/0x360
[ 1042.500379][T16481]  ? sb_set_blocksize+0xa8/0xf0
[ 1042.500406][T16481]  mount_bdev+0x282/0x3b0
[ 1042.500429][T16481]  ? kill_f2fs_super+0x3c0/0x3c0
[ 1042.500459][T16481]  f2fs_mount+0x34/0x40
[ 1042.500488][T16481]  legacy_get_tree+0xf1/0x190
[ 1042.500513][T16481]  ? trace_raw_output_f2fs__rw_end+0x110/0x110
[ 1042.500550][T16481]  vfs_get_tree+0x88/0x290
[ 1042.500576][T16481]  do_new_mount+0x2ba/0xb30
[ 1042.500601][T16481]  ? do_move_mount_old+0x160/0x160
[ 1042.500622][T16481]  ? security_capable+0x87/0xb0
[ 1042.514441][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1042.516580][T16481]  ? ns_capable+0x89/0xe0
[ 1042.522002][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1042.526038][T16481]  path_mount+0x671/0x1070
[ 1042.531284][  T476] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1042.534891][T16481]  ? user_path_at_empty+0x14e/0x1a0
[ 1042.534925][T16481]  __se_sys_mount+0x2c4/0x3b0
[ 1042.613356][T16481]  ? __x64_sys_mount+0xd0/0xd0
[ 1042.617952][T16481]  ? __kasan_check_write+0x14/0x20
[ 1042.622895][T16481]  ? fpregs_restore_userregs+0x130/0x290
[ 1042.628366][T16481]  __x64_sys_mount+0xbf/0xd0
[ 1042.632793][T16481]  x64_sys_call+0x49d/0x9a0
[ 1042.637218][T16481]  do_syscall_64+0x3b/0xb0
[ 1042.641470][T16481]  ? clear_bhb_loop+0x55/0xb0
[ 1042.645983][T16481]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1042.651714][T16481] RIP: 0033:0x7fec8057f79a
[ 1042.656052][T16481] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1042.675844][T16481] RSP: 002b:00007fec8141ce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1042.684084][T16481] RAX: ffffffffffffffda RBX: 00007fec8141cef0 RCX: 00007fec8057f79a
[ 1042.691896][T16481] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 00007fec8141ceb0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1042.699710][T16481] RBP: 0000000020000140 R08: 00007fec8141cef0 R09: 0000000000000000
[ 1042.707520][T16481] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 1042.715333][T16481] R13: 00007fec8141ceb0 R14: 0000000000005505 R15: 0000000020000840
[ 1042.723150][T16481]  </TASK>
[ 1042.734537][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1042.753079][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1042.776705][T16481] ================================================================================
[ 1042.814348][T16481] F2FS-fs (loop4): Not support 17179869184, larger than 256
[ 1042.828472][  T765] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1042.837682][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1042.868368][  T734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1043.288569][ T3961] device bridge_slave_1 left promiscuous mode
[ 1043.294491][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.301828][ T3961] device bridge_slave_0 left promiscuous mode
[ 1043.307736][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.315496][ T3961] device veth1_macvtap left promiscuous mode
[ 1043.321393][ T3961] device veth0_vlan left promiscuous mode
[ 1044.109059][ T3961] device bridge_slave_1 left promiscuous mode
[ 1044.115158][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.122724][ T3961] device bridge_slave_0 left promiscuous mode
[ 1044.128719][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.136217][ T3961] device bridge_slave_1 left promiscuous mode
[ 1044.142211][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.149560][ T3961] device bridge_slave_0 left promiscuous mode
[ 1044.155459][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.163276][ T3961] device bridge_slave_1 left promiscuous mode
[ 1044.169312][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.176486][ T3961] device bridge_slave_0 left promiscuous mode
[ 1044.182578][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.190188][ T3961] device bridge_slave_1 left promiscuous mode
[ 1044.196089][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.203429][ T3961] device bridge_slave_0 left promiscuous mode
[ 1044.209434][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.217226][ T3961] device bridge_slave_1 left promiscuous mode
[ 1044.223211][ T3961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.230380][ T3961] device bridge_slave_0 left promiscuous mode
[ 1044.236370][ T3961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.245056][ T3961] device veth1_macvtap left promiscuous mode
[ 1044.250902][ T3961] device veth0_vlan left promiscuous mode
[ 1044.256764][ T3961] device veth1_macvtap left promiscuous mode
[ 1044.262660][ T3961] device veth0_vlan left promiscuous mode
[ 1044.268390][ T3961] device veth1_macvtap left promiscuous mode
[ 1044.274193][ T3961] device veth0_vlan left promiscuous mode
[ 1044.280252][ T3961] device veth1_macvtap left promiscuous mode
[ 1044.286060][ T3961] device veth0_vlan left promiscuous mode
[ 1044.292028][ T3961] device veth1_macvtap left promiscuous mode
[ 1044.298072][ T3961] device veth0_vlan left promiscuous mode